Risky Business

Adam Boileau is along this week to discuss the week’s security news. We cover:

• NYTimes reports USA is getting all up in Russia’s grids
• Kremlin not happy
• CYBERCOM targets Iranian rocket control and APT crews
• TRITON attackers target US grid
• Turla completes hostile takeover of Oilrig
• Reuters publishes huge feature on Cloudhopper/APT10
• China pwns global telcos, targets key subscribers
• FVEY owns Yandex
• Tourists entering Xinjiang now have mobile malware installed at border
• Florida city governments having a bad time
• Much, much more!

This week’s edition of Risky Business is brought to you by Senetas. They make layer 2 encryption tech, but they’ve also got a content disarm and reconstruction play now, Votiro, as well as their safe file sharing platform SureDrop. But we’re sticking with encryption in this week’s sponsor interview. Senetas CTO Julian Fay will be along a bit later to talk about his trip to the International Crypto Module Conference. He’ll fill us in on what the agenda was there – lots of talk about quantum resistant crypto and also some talk about streamlining various certification regimes.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes U.S. Escalates Online Attacks on Russia’s Power Grid - The New York Times Kremlin Warns of Cyberwar After Report of U.S. Hacking Into Russian Power Grid - The New York Times The Highly Dangerous 'Triton' Hackers Have Probed the US Grid | WIRED US wants to isolate power grids with 'retro' technology to limit cyber-attacks | ZDNet Wait, What The Hell Is Going On With Huawei Now? | Gizmodo Australia The Legal Context for CYBERCOM’s Reported Operations Against Iran - Lawfare Iran executes ‘defence ministry contractor’ over spying for CIA Iranian Hackers Launch a New US-Targeted Campaign as Tensions Mount | WIRED Nation-sponsored hackers likely carried out hostile takeover of rival group’s servers | Ars Technica Stealing Clouds Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers — Krebs on Security Chinese spies have been sucking up call records at multinational telecoms, researchers say Exclusive: Western intelligence hacked 'Russia's Google' Yandex to spy on accounts - sources - Reuters China Is Forcing Tourists to Install Text-Stealing Malware at its Border - VICE Will Hurd’s Black Hat keynote nixed amid criticism of voting record A Florida city paid a $600,000 bitcoin ransom to hackers who took over its computers — and it's a massive alarm bell for the rest of the US | Business Insider Florida city fires IT employee after paying ransom demand last week | ZDNet Ryuk, Ryuk, Ryuk: Georgia’s courts hit by ransomware | Ars Technica Georgia courts (mostly) shrug off ransomware attack | Ars Technica Collections Firm Behind LabCorp, Quest Breaches Files for Bankruptcy — Krebs on Security Firefox zero-day was used in attack against Coinbase employees, not its users | ZDNet FTC settles with device maker D-Link, requires 'comprehensive' security effort Cellebrite Now Says It Can Unlock Any iPhone for Cops | WIRED Gift-card scheme went well beyond Wipro hack, RiskIQ reports Tracing the Supply Chain Attack on Android — Krebs on Security Fraudsters Spoof Blockchain.com to Steal $27M in Cryptocurrency Android Malware Bypasses 2FA by Stealing One-Time Passwords LTE flaws let hackers ‘easily’ spoof presidential alerts | TechCrunch NASA hacked because of unauthorized Raspberry Pi connected to its network | ZDNet Microsoft warns Azure customers of Exim worm | ZDNet