Pete Recommends Weekly highlights on cyber security issues, March 6, 2022

Subject: Facebook, Instagram and Twitter limit ads over Russia’s invasion of Ukraine
Source: NPR via WHYY

Updated February 27, 2022: Facebook is blocking Russian state media from running ads on its platform anywhere in the world. The move comes after Russia said it would limit access to the giant social network in the country. Nathaniel Gleicher, head of security policy at Facebook, tweeted: “We are now prohibiting Russian state media from running ads or monetizing on our platform anywhere in the world.” Twitter, which banned advertising from state-controlled media in 2019, said on Friday that it was temporarily pausing all ads in Ukraine and Russia “to ensure critical public safety information is elevated and ads don’t detract from it.” Meta, Facebook’s parent company, says the decision to bar Russian state media from making money on that platform as well as on Instagram comes in response to the invasion of Ukraine.

Subject: How to make software supply chains resilient to cyber attacks
Source: VentureBeat

Consuming the unknown is exactly what IT departments do every day. They install software and updates on critical systems without knowing what’s inside or what it does. They trust their suppliers, but the thing that software suppliers don’t tell IT departments is they can’t be sure of all their upstream suppliers. Protecting all of the parts of a software supply chain, including those outside of IT’s control, is nearly impossible. Unfortunately, bad actors are taking full advantage of this large “attack surface” and scoring big wins in cyber breaches.

Quite obviously, attackers have figured out it’s far easier to hack software that people willingly install on thousands of systems than to hack each system individually. Software supply chain attacks increased by 300% from 2020 to 2021, according to an Argon Security report. This problem isn’t going away.

How could this happen?

There are two ways hackers attack software supply chains: they compromise software build tools, or they compromise third-party components.
A lot of focus has been placed on securing the source code repositories of build tools. Google’s proposed SLSA (Supply Chain Levels for Software Artifacts) framework allows organizations to benchmark how well they have “locked down” these systems.

Even if companies control their own build environments, the use of third-party components creates massive blind spots in software. Gone are the days when companies wrote a complete software package from scratch.

Subject: Elon Musk activates Starlink to help keep Ukraine’s internet up
Source: ZDNet

Russia’s invasion of Ukraine is targeting its internet along with its military and civilians. Help is on the way. With Russia’s invasion of Ukraine, Ukraine’s internet was sent staggering. Georgia Tech’s Internet Outage Detection and Analysis (IODA) project, which monitors the internet, reported serious outages in Ukraine starting late on February 23. In response to this and other internet attacks, Mykhailo Fedorov, Ukraine’s Vice Prime Minister and Minister of Digital Transformation, forlornly asked for help from SpaceX and Tesla billionaire Elon Musk. “We ask you to provide Ukraine with Starlink stations.” Musk’s response? “Starlink service is now active in Ukraine. More terminals en route.”…


Subject: Fact checking the Russian attack on Ukraine
Source: Mashable via beSpacific

Mashable: “Even if you think you’re following reports from reputable sources, it’s still important to do your due diligence and fact check it yourself. Here are some pointers on how to do that…

Note – this article includes: live blogs, TV stations and several dozen Twitter accounts (by journalists, public figures, and open-source intelligence (OSINT) researchers). If you can listen to and/or read foreign media posts, you will gain additional valuable insight into this escalating war.

Subject: Using mobile networks for cyber attacks as part of a warfare strategy
Source: Help Net Security

AdaptiveMobile Security published research highlighting how vulnerabilities in mobile network infrastructure could be weaponized in offensive military operations.

“Malicious mobile network signalling attacks must be recognized as a state-level cyber threat to individual nations as well as to collective security, and an integral component of hybrid warfare”, says Cathal McDaid, CTO, AdaptiveMobile Security.

Subject: NIST wants help with guide for restoring industrial control systems after cyberattacks
Source: FedScoop

The National Institute of Standards and Technology is developing a Cybersecurity Practice Guide with steps for recovering equipment and restoring operations after cyberattacks on industrial control systems in manufacturing environments. The agency’s National Cybersecurity Center of Excellence (NCCoE) and Communications Technology Laboratory (CTL) want to show how to use commercial-off-the-shelf (COTS) technologies for cyber event reporting, log review, event analysis, incident handling and response, and eradication and recovery in a work cell mirroring the typical manufacturing process.

NIST says it wants industry feedback “to help refine the project scope.” The comment period opened this week and will close on April 14.

Recent cyberattacks have seen hackers use business systems and IT networks to access industrial control systems (ICS), which often require tailored cyber solutions because they rely on different types of hardware and software than office or household IT. The White House has highlighted ICS security as part of its push to protect U.S. manufacturing, utility companies and the supply chain for goods and services.
