Alien Eye in the Sky 18th May, 2017

MalBot · May 19, 2017, 2:45pm

WannaCry

We should start by addressing the elephant in the room. In the past week WannaCry has dominated the news and still looks to be the topic on the tips of everyone’s tongues.

There’s probably not much to add without repeating much of what has already been said.

SOCs are maturing, but need more automation

According to a new SANS survey, it appears as if security operation centres (SOCs) are getting better.

The survey indicates that SOCs need more automation, particularly for prevention and detection.

There are two sides to automation. One part is to understand the workflows that are needed, in other words what is the playbook to follow once certain events occur. The second part is around having technology that is tightly integrated so that the automation can occur across the IT stack. Neglecting one at the cost of the other can greatly reduce effectiveness.

Data keeps getting stolen

Getting media attention when there’s a data breach is a great thing. However, some days it feels as if fatigue has set in and breaches are reported and shoulders are shrugged as if it was a normal an occurrence as the bus being late.

Despite growing regulation, and better technologies, companies seem to repeat the same errors repeatedly, resulting in huge data losses.

Such as the case of a hacker that stole millions of users accounts from education platform Edmodo, which includes usernames, email addresses, and password hashes.

But even that pales in comparison to where breaches can affect entire countries. With reports of Indian biometric system data being leaked that could impact over 130m people.

GDPR

Before WannaCry hijacked all security conversations this past week, GDPR has remained a popular topic. While it is good to see awareness of the upcoming regulation, it also invites a lot of uninformed commentary. Many claims are made about the implications, and frankly hijacking the conversation to suit an InfoSec and technology narrative.

GDPR rubbish

Artificial Intelligence

AI continues to be touted and discussed wide and far, with many potentially interesting security applications.

Apple acquired a data mining and machine learning company called Lattice.io at an estimated cost of $175m

In the UK, AI is being used to determine which criminals will get bail. Working with academics, Durham Constabulary has developed HART (Harm Assessment Risk Tool) an algorithm that analyses crime data and predicts whether an arrested suspect is likely to pose a risk if released from custody.

An algorithm is replacing bail hearings in New Jersey

United Flight Attendant Accidentally Leaked Door Codes Online

This is an interesting story after a flight attendant posted door codes to the flight deck online. It probably poses some additional questions, such as, whether all cockpits share the same codes, are the codes ever changed? When airline staff retire, leave, or are fired – do they change the codes? It’s all very confusing.

Insider trading

I hacked the law, and made millions by insider trading. OK, so maybe that’s not quite as catchy as the song, but law firms are a treasure trove of data. As hackers broke into prominent NY-based law firms obtained sensitive plans for upcoming mergers, acquisitions, and used the information to make money trading shares using non-public information.

Their spree was short-lived though, as the alleged hackers have been fined $9m. Proving that in this case, crime didn’t pay. But it’s not just law firms that need to remain vigilant. PR agencies, accountants, consultancies, and all firms in between need to be wary of the value of their clients data and ensure appropriate security controls are put in place – not just to protect the data, but also to be able to quickly detect any breaches.

Article Link: http://feeds.feedblitz.com/~/326235370/0/alienvault-blogs~Alien-Eye-in-the-Sky-th-May