The US Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and US Cyber Command yesterday issued an alert detailing tactics, techniques, and procedures used by North Korea’s Kimsuky group, a cyberespionage unit of Pyongyang’s Hidden Cobra outfit. Kimsuky uses spearphishing, waterholing, and other social engineering techniques to compromise two distinct target sets: on the one hand think tanks and subject matter experts who deal with Korean affairs, and on the other cryptocurrency organizations. Thus Kimsuky’s remit extends to both traditional espionage and to revenue-generating cybercrime.
CISA Director Krebs has been tweeting advice and reassurance about election security in the few remaining days before voting concludes on Tuesday. Among the points he makes is that website defacements like the one the Trump campaign briefly sustained (apparently, TechCrunch says, at the hands of alt-coin scammers) are just petty larceny noise, of very little consequence.
The Wall Street Journal, citing Facebook, says that with respect to election interference, appearance is more important than reality. (You don’t have to actually have hacked anything to have an effect, as long as people think you did.)
Big Tech begins its latest round of appearances before the US Senate today. Forbes predicts “a lousy day” for Facebook’s Zuckerberg and Twitter’s Dorsey.
There’s been another guilty plea in the cyberstalking case involving people who formerly worked for eBay. Reuters reports that Philip Cooke, who’d been a supervisor of security operations at eBay’s European and Asian offices, entered a guilty plea to conspiracy charges of cyberstalking and witness tampering.