The “silly season” is upon us – when the bosses are on vacation, and media wretches have to come up with something to say even as the news goes on holiday. Cyber, it turns out, may have a silly season of its own.
This week I asked Tom Patterson, Chief Trust Officer of security giant Unisys, what he is reading for news — and his answer was “nothing” until the hype over DefCon and BlackHat settles down.
Patterson says those events produce theoretical demonstrations that are soon spun into too many fantastical, sky-is-falling scare stories. Want an example? Patterson said the panic over the hacking of Volkswagen keys is a prime example of something that is technically possible, but far from a real world problem.
What do you think, readers? Does Patterson sound like a “get off my lawn” kind of guy — or does he have a point about too much hype over hacking?
I came to share some of his sentiment this week when I reported on an alleged cyber-threat to the 2016 election. If you saw the story, it probably screamed something like this:
But when I dug into the story, the real threat of hackers hijacking the election turned out to be basically zero. For now, corrupt party bosses stuffing ballots are a bigger threat than a sinister cyber army. (I’m not the only one who found this – Bloomberg also described the threat as “highly unlikely“).
On the other hand, as our round-up reflects, there’s is serious stuff to worry about. If you want to, that is — for now, my worries center on the right amount of mint to muddle into my julep. Have a great weekend, readers. Robert will be back with next week’s newsletter.
Jeff John Roberts
Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my about.me), PGP encrypted email (see public key on my Keybase.io), Wickr, Signal, or however you (securely) prefer. Feedback welcome.
Russian hackers call Congress. Guccifer 2.0 is up to his old tricks, this time leaking the private cell phones and emails of nearly every Democrat in the House of Representatives. The hacker — who is almost certainly a front for the Russian military — appears bent on meddling with U.S. electoral politics. Expect more of this in coming weeks. (Politico)
Snapchat serious about security: Millennials’ favorite messaging app, seen by many as a rival to Facebook, has racked up some serious cyber gaffes in its short existence. But its “we’re hiring” booth at Black Hat shows Snapchat is growing up (ghost cupcakes notwithstanding) (Fortune)
Cyber stocks sinking? Those lackluster earnings keep on coming – after FireEye’s flop, it was CyberArk’s turn to disappoint. The spate of “meh” results led Jim Cramer to say cyber stocks have peaked and it’s time to move money elsewhere. (The Street)
Uh-oh, Oracle: The database giant confirmed it was the victim of a doozy of an attack carried out by (surprise!) Russian criminals. The breach is a bad one because it affects not just Oracle’s computers, but hundreds of its customers’ cash-register connected terminals. (Fortune)
And hackers had it in for Australia this week, hitting both its census records and its swimming website. Many are speculating the chaos comes from China, where folks got angry after an Australian swimmer called out a Chinese rival as a drug cheat who “pees purple.”
Share today’s Data Sheet with a friend:
Looking for previous Data Sheets? Click here.
Where do cyber-criminals start their assault? Robert has a helpful overview of four forums, including small businesses, from which they stage attacks.
Oftentimes, priority no. 1 for a hacker preparing to launch a cyberattack is finding a suitable launchpad. The goal: to obfuscate the origin of an attack. Read the rest on Fortune.com.
‘Trump’ Totally Beats ‘Clinton’ When It Comes to Email Scams by Jeff John Roberts
Uh-oh! Microsoft Leaks ‘Golden Keys’ to Windows Devices by Robert Hackett
ONE MORE THING
Apple just added a crazy new turn to the FBI encryption debate: A smart cyber consultant sums up Apple’s talk at Black Hat. He concludes the company’s use of an autonomous, cloud-based “crypto self-destruct” function means security may be up to the computers now. A mind-boggling read. (Lawfare)