The Stroz Friedberg Cyber Brief

The Stroz Friedberg Cyber Brief, May 22, 2017
  FEATURED STORY            

MONDAY, MAY 22, 2017


A group of hackers suspected to be independent of those behind the Wannacry outbreak are reportedly attempting to revive the ransomware from its recent lull. Shortly after Wannacry began sweeping the globe on May 12, Marcus Hutchins, a 22-year-old cybersecurity expert from England, discovered and registered a web address that could put the ransomare into dormancy. But now he says that hackers are trying to overwhelm that so-called “kill switch” site with traffic.

Meanwhile, a loose-knit, international team of cybersecurity researchers has collaborated to develop a way to save some files targeted by Wannacry. The free tool that decrypts infected computers without paying ransom, dubbed "wanakiwi,” only works on computers which have not been rebooted since becoming infected, and must be applied before Wannacry locks files permanently. Victims of the ransomware are typically given seven days to pay sums up to $600 to regain control of their machines. (Wired, Reuters, Guardian, NYT, WaPo)


North Korea: Defectors, officials, and cybersecurity experts say that North Korea's main spy agency has a special cell called Unit 180 that is likely to have launched some of its most daring and successful cyberattacks. Researchers also say they have found technical evidence that could link Pyongyang with Wannacry. (Reuters)

Russian Banks: Russian hackers reportedly used malware planted on Android devices to steal hundreds of thousands of dollars from domestic bank customers, and were planning to target European lenders before they were arrested last November. (Reuters)


Assange: Swedish prosecutors announced that they were abandoning their attempt to extradite the WikiLeaks founder, invalidating the warrant for his arrest. However, experts say that Assange still faces enormous legal problems and could be arrested in London for other reasons if he left the sanctuary of Ecuador’s embassy. (NYT, Wired)


IBM China: A former software engineer for IBM in China, Jiaqiang Xu, pleaded guilty in New York federal court to stealing proprietary source code from the company. He is scheduled to be sentenced on October 13. (Reuters)


Facebook: A Brooklyn federal judge dismissed two lawsuits seeking to hold the social media giant liable for supporting terrorist groups by letting them use its platform to further their goals. Plaintiffs are the families and estates of U.S. citizens who were killed by Hamas. (Ars Technica)

Uber: The ride-hailing company signaled that it might be willing to fire Anthony Levandowski, the star engineer who led its driverless car efforts, if he does not comply with the lawsuit brought by Waymo, the self-driving car business that operates under Google’s parent company. (NYT)


  ON THE HILL                                    

FCC: The Federal Communications Commission has voted 2-1 to advance a Republican plan to reverse the Obama administration's 2015 "net neutrality" order. The public will have until mid-August to offer comments before the FCC votes on a final plan. (Reuters)

Senate: Republican Senator Ron Johnson of Wisconsin and Democratic Senator Brian Schatz of Hawaii introduced a bill that would require the NSA to inform other government agencies about security holes it finds in software. (Reuters)


Machine Learning: Last month, the Pentagon established a special cell called the Algorithmic Warfare Cross Functional Team, which will look to integrate big data and machine learning across the military. (Defense One)

  PRIVATE SECTOR                             

Insurance: Insurers say that companies without cyber insurance are increasingly attempting to use policies covering kidnap, ransom, and extortion in the world's political hotspots to recoup losses caused by ransomware viruses like Wannacry. (Reuters)


Rise of the Quants: Algorithmic-driven trading and the technicians who use sophisticated statistical models to find attractive trades are taking over the investment world, analysts say. Meanwhile, traditional trading strategies, such as looking at balance sheets and talking to companies’ customers, are losing prominence. (WSJ)

Crowdstrike: The southern California-based provider of digital security that aided the Democratic National Committee in its response to what is believed to be interference by Russia, has announced it had raised $100 million in capital. The new money values the company at close to $1 billion. (NYT)

  THE WORLD                                     

Digital Currencies: Bitcoin is now worth over $2,000 per coin, putting the total number of coins in circulation at more than $32 billion. Meanwhile, Ripple, the centralized currency aiming to be a settlement protocol for major banks, has surged more than 1000 percent in under a month, making it the second most valuable cryptocurrency. (Tech Crunch)


The Shadow Arms Bazaar That Fuels Cyber Crime: “The Wannacry incident illustrates in stark terms the complexities of the new threats in cyberspace. It calls attention to a shifting landscape of participants on the dark web, which was described to the FT by more than a dozen western intelligence officials and private-sector cyber security analysts,” write Sam Jones and Hannah Kuchler in the Financial Times.


Google, Not the Government, Is Building the Future: “Technology giants, not the government, are building the artificially intelligent future. And unless the government vastly increases how much it spends on research into such technologies, it is the corporations that will decide how to deploy them,” writes Farhad Manjoo in the New York Times.

Waiting for the Next Ransomware Catastrophe: “Wannacry wasn’t a disaster, but it could have been. Right now, it’s a cautionary tale of what can happen when spy agencies collide with technical debt and computer illiteracy. It’s an ecological disaster waiting to happen, no less complex for being an artificial ecology. In its way, this is no less vital than dealing with disease or pollution or environmental destruction, but it’s harder to see, because we did it to ourselves,” writes Quinn Norton in the Atlantic.


Center on National Security
Fordham University School of Law
150 W. 62nd St. 7th Floor
New York, NY 10023 US
Copyright © 2016 Center on National Security, All rights reserved.