Newsletters

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

Interesting — but not conclusive — reporting suggests that a destructive cyber incident targeting satellite communications provider ViaSat was aimed at disrupting Ukrainian military communications.

ViaSat suffered network outages on 24 February — the same day as the invasion of Ukraine — on KA-SAT spot beams servicing Eastern Europe including Ukraine. The outages had effects beyond Ukraine, including disconnecting 5,800 wind turbines in Germany from their monitoring system and also affected other customers in Germany, France, Hungary, Greece, Italy and Poland.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

There is no evidence that cyber operations have been used effectively in support of conventional military action in Russia's invasion of Ukraine, but the resulting chaos in the cybers is still making life interesting.

There have been many incidents affecting Ukrainian interests that are likely state-directed in support of Russia:

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

Servers that host data for the International Committee of the Red Cross's (ICRC) Restoring Family Links service were breached in January. The service reunites families and individuals separated by conflict and disaster and the details of the more than half a million people using the service are likely to have been stolen. Who was responsible? And why?

We mentioned this hack briefly two weeks ago when the US State Department warned that it was a "dangerous development" that "harmed the global humanitarian network’s ability to locate missing people and reconnect families".

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

The leader of the Lurk hacking group, Konstanin Kozlovsky, was sentenced to 14 years in prison in a Yekaterinburg court this week.

At first glance this appears to be more evidence Russia is getting serious about cybercrime. Lurk was a professionally run group that managed to steal USD$45m before most of its members were arrested in 2016. But the history is, err, complicated. Kozlovsky's claims link him to world-changing hacks, criminal activity and treason.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

The US Department of Homeland Security has officially established the Cyber Safety Review Board (CSRB), with its first task to be a review of the Log4j vulnerability and responses to it.

The new organisation is tasked with reviewing cyber security incidents, establishing root causes and providing recommendations to improve security. This CSRB concept is comparable to the NTSB, which investigates civil aviation accidents in the US and issues safety recommendations aimed at preventing future disasters.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

A Citizen Lab report into the official Beijing Winter Olympics app has triggered a flurry of over-the-top news articles about privacy risks to those attending the games. It's true there are risks to the privacy and digital security of games attendees, but a poorly constructed event app is pretty low on the list of things to worry about.

The My 2022 app provides a wide range of functions including voice and text chat, weather updates, translation services, navigation and Covid-19 health monitoring. According to Citizen Lab's report, installation of the app is "mandated" for attendees. Other reputable sources say attendees can use a web portal to submit their health information if they don't want to install it on their device. So… not mandatory.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

Cyber operations will play a role in a (god forbid) Russian invasion of Ukraine, but let's be clear: cyber war is Not a Thing.

Offensive cyber operations (those that degrade, deny, disrupt, destroy or manipulate) can at times be a force multiplier or achieve something you couldn't with conventional military force, but they simply can't replace the brutal consequences of blowing something up or killing people.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

The newsletter will be taking a break and the next edition will be 27 January.

End-to-end encrypted (E2EE) messaging app Signal has rolled out a worldwide beta integration with MobileCoin, an anonymity-enhanced cryptocurrency (AEC). We expect this will result in an avalanche of legal and regulatory challenges.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

Welcome back to the first edition of 2022! This edition highlights some of the themes we expect will be important over the coming year — surveillance and exploit dev for hire, ransomware, and supply chain security and resiliency.

Public discussion of mobile exploit and malware developers has so far focussed on a small number of companies (and NSO Group in particular), but this will change in 2022.

Your weekly dose of Seriously Risky Business news is written by Tom Uren, edited by Patrick Gray and supported by the Cyber Initiative at the Hewlett Foundation, AustCyber and founding corporate sponsors CyberCX and Proofpoint.

The vulnerability disclosed in the Java Log4j logging library last week is, to put it mildly, quite bad. It also proves we need to pay more attention to little-known but pervasive software in the open source supply chain.

First, let's talk about the actual vulnerability.