Analysis | Craig of Craigslist wants to mobilize citizens in the cyber fight


Welcome to Cybersecurity 202! I’m back at the helm after a nice break, including a restorative week in Puerto Rico. Piña coladas and mofongo should definitely play a bigger role in my life. Many thanks to Aaron, Cat and Tatum for responding. Hit me up with cyber news and tips here or at Twitter.

Below: Senior European officials have been targeted by NSO spyware, and US officials fear further Russian interference in the election.

Ordinary Americans can mount ‘civilian cyber defense’

Philanthropist Craig Newmark wants the United States to step up to improve cybersecurity the same way it did to fight World War II.

Craigslist founder donates $50 million to what he called a ‘civilian cyber defense’ effort aimed at broadly raising cybersecurity standards for small businesses and ordinary American citizens. Axios first reported on grants here.

The concept was inspired by people who didn’t join the military in World War II, but contributed to the war effort by working in armament factories, scouring the coasts for sub- German sailors and planting victory gardens. Ordinary Americans could make a similar effort to protect themselves, their businesses and their families from hackers – but they are often blocked because the cybersecurity tools are too complicated to use or it is not clear which are useful and which are snake oil.

Details: Funding will be aiming broadly creating and promoting easy-to-use cybersecurity tools for the average citizen, pushing companies to make technology safer by default, and publishing verified information about the safest products.

The effort comes as government and big business have made great strides in improving cyber protections for their most critical systems — but those improvements haven’t always filtered down to the general public.

“My hidden agenda is to get the entire American public to play their part in cybersecurity because we’re under attack on American soil,” Newmark told me in an interview. “If you have the skills to stand up, you should. … Everyone has to stand up and play their part, just like we were all supposed to play our part in World War II.

Funding recipients include:

  • The Global Cyber ​​Alliancewhich has developed free tools aimed at improving the cybersecurity of ordinary citizens in the United States and elsewhere.
  • consumer reportswho works on expansion its product evaluation work includes sharing clear information about product cyber protections.
  • The Institute for Security and Technologywho has directed the efforts to make small businesses more resilient to ransomware attacks.

A key objective for grants: Determine which consumer cyber tools are actually useful.

It can be difficult even for people with a lot of training and resources to understand. Newmark told me he wasn’t even sure some of the tools he uses were the best, despite his background as an extremely successful software engineer.

“I will work with people to find out which tools can be recommended in good faith. And then I’m going to talk about it loud, ”he said.

Here are more Phil Reitinger, president of the Global Cyber ​​Alliance: “We in the industry and across the tech spectrum haven’t made it easy for people,” Reitinger told me. “There are ways for powerful people with lots of resources to do what they need to do, but it’s not that easy for most people.”

Reitinger declined to give a detailed explanation of what GCA will do with its share of civilian cyber defense funding, but said he expects to release details in a few weeks.

Another key objective: Educate citizens about the magnitude of the threat and what they can do to protect themselves.

Newmark compared this to the “why we fight” videos produced during the Second World War by the famous director Frank Capra.

“Our country is under attack,” Newmark said. “If you can play a part, do it. And we will empower people to do it. It’s time to defend the country. »

Ciao amici: Newmark spoke to me while visiting Florence, Italy, between a motorbike tour of the city and a nice dinner. (Next by Stanley Tucci tipssays Newmark, he recommends the Florentine steak).

Newmark and his wife during their motorcycle tour:

Ukraine closed an alleged hack of a Russian energy company

The Ukrainian government’s cyber defense agency blocked efforts by a Kremlin hacking group to shut down electrical substations late last week, the agency said in a statement. Release this morning.

“The attackers’ intention was to disable several infrastructure elements of the object of attack, namely: electrical substations using the Industroyer2 malware,” officials said. Hackers first compromised electrical systems in February, officials said. Cybersecurity firm ESET helped remove attackers from Ukrainian systems and released a blog post this morning about the effort.

Top European officials targeted by NSO spyware

European Union Justice Commissioner Didier Reynders and four European Commission staff were targeted last year, Raphael Satter and Christopher Bing of Reuters report. The revelation comes a week before the planned launch of a European Parliament inquiry committee investigating the use of Pegasus spyware from NSO.

NSO told Reuters it was not responsible and that such targeting “could not have happened with NSO’s tools”.

  • NSO formally petitioned the U.S. Supreme Court to recognize him as an agent of a foreign government and grant him sovereign immunity, the Associated pressby Joseph Federman reports. This would limit lawsuits against the company in the United States. WhatsApp, which sued the company in 2019, said “there is no reason for the Supreme Court to hear their last ditch attempt to avoid liability”.
  • A judge has blocked an attempt by Berkeley Research Group, which manages NSO’s proprietary fund, to seek an injunction against two former fund managers who want to end Berkeley’s management role, Kaye Wiggins of FinancialTimes reports.

US officials fear Putin could step up election interference

The Russian president could decide to launch disruptive cyberattacks against US election infrastructure, which would be a step beyond previous election interference campaigns, according to four people familiar with recent US intelligence assessments. Told CNN. There is no evidence that Putin decided to make such a move in the wake of Russia’s war with Ukraine.

“We have no direct information that Russia is seeking to target state, local or electoral systems more directly than before, but we certainly anticipate that possibility,” a US official told CNN. “We will continue to actively share any information about the increased threats with state and local authorities as we receive it.”

Kremlin hackers penetrated some US voter rolls ahead of the 2016 election, US intelligence agencies have determined, but there is no evidence they tampered with votes.

Hackers Strike Panasonic Again

The Japanese tech giant’s Canadian operations were hit by the latest “targeted cybersecurity attack” in February, Tech Crunchby Carly Page reports. It comes months after the company said hackers stole the personal data of job applicants and trainees in a cyberattack in November. Pirates too published information from Panasonic’s Indian subsidiary in 2020 after launching a ransomware hack.

The Conti ransomware gang reportedly claimed responsibility for the latest cyberattack. Panasonic has not disputed that it was hit by ransomware at the request of TechCrunch. The cyberattack only affected the company’s operations in Canada, he said.

Federal prosecutors are pursuing a suspected Russian hacker who mistakenly handed over documents unrelated to the case, lawyer says (CyberScoop)

Google sues alleged scam site operator who ran fake Basset Hound puppy mill (The Record)

Hackers use leaked Conti ransomware to attack Russian companies (Bleeping Computer)

Pinellas Park man stole nearly $600,000 in cryptocurrency, police say (Tampa Bay Times)

US extradites man who allegedly sold hijacked phones to FBI (Motherboard)

How a Trump ally got his baseless audit of the voting machine in front of federal cyber cops (Politico)

Lawmakers are asking the Energy Department to take the lead on the sector’s digital security (The Record)

Substack deploys two-factor authentication for users (Zero Day)

Open source leader urges strict FCC enforcement of routing security (NextGov)

  • Taniel Koushakjianthe managing director of BreakThru Strategies, joined Offensive Security as director of government affairs.
  • National Cyber ​​Director Chris Inglis speak at the IAPP Global Privacy Summit today at 2:30 p.m.
  • Senior Deputy Director of National Intelligence Stacey A. Dixon speak at the Center for Strategic and International Studies on Wednesday noon.
  • Director of the Agency for Cybersecurity and Infrastructure Security jen easter speak at the IAPP Global Privacy Summit on Wednesday at 1:30 p.m.
  • Director of the CIA William J. Burns speak at the Georgia Institute of Technology on Thursdays at 11 a.m.
  • Wayne Law’s Voting Rights and Election Law Society and Wayne Law’s Levin Center host an event on best practices for election audits on Thursday at 12:15 p.m.

Pro Tip: You can skip the line by getting some piña coladas Barracina Restaurantpresumed birthplace of the drink. Thanks for reading. Until tomorrow.

#Analysis #Craig #Craigslist #mobilize #citizens #cyber #fight

Related Articles

Back to top button