{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

10/01/2019
linkedin facebook twitter instagram
WorkScoop
Disinformation is no longer just a tool of governments. The NSA's Cybersecurity Directorate is officially operational. And ransomware groups are getting greedy. This is CyberScoop for Tuesday, October 1, 2019.

Yes, 'Disinfo-as-a-service' is a thing

Did you know that for just a few hundred dollars, you can hire your own sophisticated propaganda arm to pump out phony articles to either tear an idea down or build it up? You do now, thanks to research released Monday by threat intelligence company Recorded Future, which found “disinformation-as-a-service” features advertised on criminal forums to be “alarmingly simple” to use — and effective as well. “If the ease of this experience is any indication, we predict that disinformation-as-a-service will soon spread from a nation-state tool to one increasingly used by individuals and organizations,” the Recorded Future analysts said. They set up a fake company and hired one threat actor to promote it and another to discredit it. Both were professional, amenable to feedback, and engaged real people in the ploy. Sean Lyngaas has more.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


More sanctions for Russian trolls

The U.S. Treasury announced Monday it is sanctioning Yevgeniy Prigozhin, the Russian financier and six Russian operatives behind the Russian troll farm Internet Research Agency that sought to interfere in both the 2016 and 2018 elections. Specifically, the Treasury Office of Foreign Assets Control is sanctioning three aircraft, a yacht and front companies associated with Prigozhin. The IRA sought to interfere in the 2018 midterm elections using many of the same tactics deployed in the months before the 2016 presidential elections, according to the Treasury. They used fake personas on social media and propagated false information in order to both influence the 2018 midterm elections and insert discord about U.S. democratic institutions. Shannon Vavra has the details.


Open for business

As of today, the NSA officially has a new Cybersecurity Directorate that is intended to better provide information gleaned from signals intelligence to the private sector. The directorate will aim to supply more context on nation-state hackers and hackers’ overall goals in a quicker, unclassified way, the new directorate’s chief said last month. The goal is to root out threats from foreign adversaries and improve the country's protection. Part of the urgency in creating the new directorate is the broader recognition from the U.S. government that rival countries represent a larger threat to the U.S. than terrorists, officials said. Shannon gave you the scoop earlier this month.


States' cyber resources under one roof

The National Association of Secretaries of State on Tuesday released a guide to help their members and staff combat cyberthreats. The guide is a rundown of the major cybersecurity resources available to state officials, including standards put out by international bodies and DHS’s unclassified network for sharing threat data. “With countless cybersecurity resources available, it can be hard to determine which are applicable to the wide-ranging work of secretaries of state,” said NASS President Paul Pate, who is also Iowa’s secretary of state. With 13 months until next year’s presidential election, states will be kicking their preparations into high gear. Read the guide here.


Your company should manage your cyber risk like any other risk

The best thing company boards can do is manage cybersecurity risk is to approach it like any other business risk. To be effective, there must be a working relationship between the boards and the CISO, where goals are aligned, strategy drives protection options, and the business plan gives leadership clear risk appetite choices. Douglas Ferguson, founder and CTO of Pharos Security, explains how this can be done inside your organization. Read the op-ed here.


What to learn from ransomware

The last four months have seen a financially motivated set of hackers use a tried and tested technique to deploy ransomware throughout victims’ networks, cybersecurity company FireEye said Tuesday. The new campaign mimics one from last year in which hackers used breached websites to deploy stealthy trojans posing as internet browser updates. The hackers were greedy: their demands are in the multi-millions of dollars. Their goal in some cases was to infect system “in mass with BitPaymer or DoppelPaymer ransomware,” the researchers said. “Ransomware proves that threat actors don’t need to get access to the most sensitive parts of your organization – they need to get access to the ones that will disrupt business processes.” Read the report here.


Guarding digital risk

Digital Shadows co-founder James Chappell talks with Greg Otto on understanding what digital risk means for enterprises across the world. Watch the video here.


Tweet Of The Day

Image

In our opinion, meatdata > metadata.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}