Leading the latest edition of the ISMG Security Report: President Trump has not authorized the National Security Agency to go after Russian election hackers at the source. Also, 23,000 digital certificates get revoked after their private keys get leaked.
In this report, you'll hear (click on player beneath image to listen):
- Russia's U.S. election meddling: Adm. Mike Rogers, NSA director and chief of U.S. Cyber Command, telling the Senate Armed Services Committee on Tuesday that the White House has not authorized the NSA to confront Russian election hacking at the source. "I believe that President Putin has clearly come to the conclusion there's little price to pay here and that therefore, I can continue this activity," Rogers said. But White House Press Secretary Sarah Sanders attempted to defect blame onto the Obama administration and claimed that the White House has been responding to Russia's interference and will continue to do so (see Russian Meddling: Trump Hasn't Ordered Direct NSA Response).
- Digital certificate revocation: Jeremy Kirk, ISMG managing editor for security and technology, reporting on a blame game between digital certificate reseller Trustico and certificate authority DigiCert that centers on a recent leak of 23,000 private keys (see Leak of 23,000 Private Keys Triggers Security Scramble).
- Deception technology: Anton Chuvakin, research vice president at advisory firm Gartner, describing how deception technology can be used to not only fool but also detect attackers moving laterally inside networks (see Deception Technology: Worth the Investment?).
The ISMG Security Report appears on this and other ISMG websites on Fridays. Don't miss the Feb. 16 and Feb. 23 editions, which respectively analyze U.S. intelligence chiefs warning Congress that Russia's information operations continue, and the Department of Justice indicts Russians for allegedly running an industrialized troll factory designed to influence U.S. politics.
The next ISMG Security Report will be posted on Friday, March 9.