Risky Business #490 -- North Korea, "cyber norms" and diplomacy

The DPRK is the Soprano Family of APT groups...
14 Mar 2018 » Risky Business

On this week’s show we’re taking a look at how an acceleration in 24-carat bonkers state-sponsored hacking is leading to calls at senior levels of government for some actual norms to be established. We’ve got Russia hacking the planet with NotPetya, North Korea owning central banks and cryptocurrency exchanges, China owning the CCleaner supply chain and… well.. it’s all getting a bit much.

So in this week’s feature segment we’re going to zero in on one norm-breaking country, North Korea. We’ll hear from John Hultquist of FireEye and Adam Meyers of Crowdstrike on that.

As you’ll hear, countries like North Korea are pushing the limits of what they can get away with on the Internet and friendlier states are desperately trying to establish what the boundaries for good faith actors should actually be. We’ll hear from Australia’s cyber ambassador Tobias Feakin on that part of the discussion, courtesy of some audio gifted to the Risky Business podcast by Australian journalist James Riley. That’s a fun package and it’s coming up after the news.

This week’s sponsor interview is with Zane Lackey of Signal Sciences. Zane joins us to talk about a few things – how developer teams are increasingly making their own security decisions and how that’s actually a good thing… we’ll also talk about companies that have found themselves operating on multiple cloud platforms even though they didn’t plan for it.

Adam Boileau, as usual, is this week’s news guest.

We cover:

  • The AMD bugs
  • China’s tightening grip on security research
  • Slingshot APT
  • Christopher Wray’s mind bogglingly daffy comments on key escrow

The show notes/links are below, and you can follow Adam or Patrick on Twitter if that’s your thing.

Show notes

AMD allegedly has its own Spectre-like security flaws
China's government is keeping its security researchers from attending conferences
China's national vulnerability database is merely a tool for its intelligence agencies
China and Vulnerability Research – the grugq – Medium
Cyber-enabled information and influence operations—it’s not just Russia | The Strategist
How Dutch Police Took Over Hansa, a Top Dark Web Market | WIRED
Crypto Exchange Offers a $250,000 Bounty for Hacker Tip-Offs - Bloomberg
Victims can sue Yahoo for massive breaches, federal judge says
Potent malware that hid for six years spread through routers | Ars Technica
ISPs inside Turkey and Egypt spread FinFisher spyware in massive espionage campaign
The FBI Director thinks this company found an answer to 'going dark'
Feds Bust CEO Allegedly Selling Custom BlackBerry Phones to Sinaloa Drug Cartel - Motherboard
'Snitches Get Stitches': How Secure Phones for Criminals Are Sold on Instagram - Motherboard
Olympic Destroyer: A False Flag Confusion Bomb | Threatpost | The first stop for security news
Revenge Porn Moves to Slack - Motherboard
CCleaner Attackers Intended To Deploy Keylogger In Third Stage | Threatpost | The first stop for security news
Let’s Encrypt takes free “wildcard” certificates live | Ars Technica
Samba Patches Two Critical Vulnerabilities in Server Software | Threatpost | The first stop for security news
Cisco Prime Collaboration Provisioning Hard-Coded Password Vulnerability
Any.Run - An Interactive Malware Analysis Tool - Is Now Open To The Public
Tobias Feakin, Cyber Ambassador - InnovationsAus.com
The Next-Gen Web Protection Platform - WAF And RASP | Signal Sciences