ISA is committed to keeping the security community up to date with the latest cybersecurity news.
Microsoft Response to COVID-19
Microsoft has released a new version of their Edge browser that includes two key features designed to help users during the COVID-19 pandemic. “Edge 83”, in beta release to customers starting May 20, features the ability to switch profiles automatically, simplifying the work-from-home experience many users are currently facing. With dynamic profile handling, if you are using a personal account through the browser, but then try to access a website or resource that is associated with your work account, your profile will be switched automatically to keep permissions and access in synch.
The Microsoft Defender SmartScreen feature has also been improved to help protect users from website “re-directs”, a common feature of spoofed websites or malicious links in phishing emails. A complete list of features and fixes in the new version was posted on Microsoft’s documentation website in advance of the beta release.
Development for Edge (and for Google’s “Chrome” browser) had new development “paused” in late March. In the early days of “shelter-in-place” policies and widespread office closures, the software companies sought to minimize customer disruption by not releasing new versions of the browsers during the pandemic, recognizing staffing challenges and the importance of reacting to security patches as quickly as possible. Consequently, Edge version 82 and Chrome version 82 were skipped, and the production versions of the browsers will jump directly from 81 to 83.
The beta launch of Edge’s security features comes on the heels of Microsoft’s May 14 announcement that they are publishing their COVID-19-related threat intelligence feeds for the use of the general public. According to a Microsoft blog post, while Microsoft Threat Protection (the cyber defense suite bundled for users of Microsoft 365) automatically includes the protections, Microsoft’s decision to freely publish the information was designed to “raise awareness of attackers’ shift in techniques, how to spot them, and how to enable your own custom hunting.” The post went on to advise that the threat indicators will be available to the general public in two ways: “They are available in the Azure Sentinel GitHub and through the Microsoft Graph Security API. For enterprise customers who use MISP for storing and sharing threat intelligence, these indicators can easily be consumed via a MISP feed.” Microsoft has indicated that the data will be made available throughout the COVID-19 pandemic as part of their Responding to COVID-19 Together initiative.
United Nations Warns of Increase in Cyberattacks
In her briefing in New York City on May 22, Izumi Nakamitsu, The UN’s High Representative for Disarmament Affairs, warned of an increase in cyber threats during the COVID-19 pandemic. Ms Nakamitsu’s presentation, entitled “Cyber Stability, Conflict Prevention and Capacity Building” quoted a September 2019 report on cyberattack frequency in the United States, telling the audience that an Information and Communication Technology (ICT) attack is made approximately every 39 seconds. But with rapid, significant increases in the use of “technological innovation and online collaboration”, a correspondingly dramatic spike in cyberattacks has been seen, with an estimated 600% increase in malicious emails during the crisis. Ms Nakamitsu expressed concern that some 90 of the 193 member nations of the UN are only “at the early stages” of making commitments to the global issue of cybersecurity
The news was not all bleak: Ms Nakamitsu was “very heartened” to see that many of the other member nations are recognizing and responding to the serious risks. She commented, “It is clear that an increasing number of States are beginning to recognize the urgency of the issue of ICTs and international security and are committing themselves to action. Greater awareness, recognition and acceptance of the normative framework is growing globally.” She reminded the attendees that there is a great deal of additional work remaining to be done before we have a robust, mature global ICT defense framework, and encouraged nations to set aside their differences to work together to address the “digital challenges” presented by cybercrime.
Online Simulations Help Raise Teen Cybersecurity Awareness
The UK’s National Crime Agency (NCA) and the Cyber Security Challenge UK organization have teamed up to provide high school students the opportunity to hone their cyber defense skills from home. A virtual city called Cyberland has been developed, and is facing a series of simulated cybersecurity threats. In response, students are provided a set of 16 interactive modules that will help save Cyberland from the cyber criminals. The modules teach teens the fundamentals of cybersecurity, ranging from firewall configuration, network design, password handling, and encryption. Cyberland is free to use until September 30, 2020.
The initiative fits well with the NCA’s mandate to reduce crime and protect the public, and with CSC’s extensive cybersecurity awareness programs and resources designed for teenagers.
Also in the UK, the National Cyber Security Centre (NCSC) announced the curriculum for its summer 2020 CyberFirst program on May 15. CyberFirst features a trio of educational bundles targeted at age ranges 14-15, 15-16, and 16-17. The instructor-led courses, running in two-week windows during the school holidays, are provided free of charge and promise to deliver cybersecurity tools, knowledge, and skills in a “fun and interesting way”. The sessions build from basic security concepts right through to preparing students for careers in the cyber field.
Similar interactive simulations are available in North America. The CyberStart Go program, sponsored by the SysAdmin, Audit, Network and Security (SANS) Institute, is a free site that introduces a variety of cyber awareness tests and challenges over the course of a 60-minute cyber obstacle course. The national championships for the “Girls Go CyberStart” competition just wrapped up on May 21. Thousands of young women in 276 teams from across the United States participated, with the WillistonWildhackers taking home top prize. SANS recently announced a UK version of the CyberStart Go program as well.
SANS has also developed virtual programming for more advanced cyber defenders. The institute launched a “capture the flag” style series of cybersecurity challenges to help technologists keep their skills sharp. Initially launched in March for a two-month run, the response to the challenges was so overwhelming that SANS announced on May 22 that they would be extending the activities through to the end of August. The SANS blog provides additional details: access is free, but a complimentary SANS account is required to enroll.