Welcome to Codebook, the cybersecurity newsletter that goes down smooth.
Situational awareness: The Department of Justice will host a conference Friday on lawful access to data, an attempt to relaunch the encryption debate.
Today's Smart Brevity: 1,401 words, 5-minute read
Illustration: Sarah Grillo/Axios
A growing industry of commercial disinformation services based in countries like Russia and the Philippines may seem like more of a threat abroad than here in the U.S. After all, could untrained Russian criminals have the language skills, local contacts and cultural background to influence an English language conversation half a world away?
Yes. They can and they do.
Driving the news: A new report from the security firm Recorded Future documents two campaigns that it paid Russian-speaking, dark web propagandists-for-hire to run.
What they're saying: "Troublingly, we realized the process was quite easy," said Roman Sannikov, one of the researchers behind the report.
Disinformation-as-a-service providers — rentable, private-sector contractors providing full-service disinformation for anybody who can pay for it — have claimed to operate in English-speaking countries before. But the Recorded Future report appears to be the first time such activity in an English-speaking country has been documented by a third party.
The big picture: National boundaries and linguistic barriers did not hinder the two campaigns Recorded Future set up.
Codebook has discussed some of the implications of these commercial disinformation services in the past — namely, that no U.S. law would prevent a political campaign from contracting one to run a disinformation campaign on its behalf.
The bottom line: "A lot of the focus has been from the public side — impacting elections or law enforcement — as it should be," said Sannikov. "But we think that there hasn’t been as much discussion of the private sector as they could be."
Countries using cyber means to dissuade activists or surveil dissidents is no new phenomenon — there's a whole industry built to sell governments the tools to do so. But several new instances of governments spying on their people were uncovered this week.
Egyptian security forces surveilled opposition politicians, journalists, lawyers and academics, according to a new report by Check Point, first reported in the New York Times.
Uzbek cyber operatives are now developing their own malware, after years of using commercial malware products for surveillance, according to a presentation given by Kaspersky's Brian Bartholomew at the Virus Bulletin conference in London (summarized here by CyberScoop).
The Iraqi government appeared to cut internet connectivity within the country on Wednesday in an apparent attempt to quell protestors, according to connectivity monitor NetBlocks. That came after NetBlocks reported earlier in the day that access to major social media networks Facebook, Twitter and WhatsApp had been blocked.
Silent Starling, a West African criminal group newly discovered and named by Agari, is using a technique known as vendor email compromise to scam entire supply chains.
The big picture: Vendor email compromise involves an attacker hacking the email account of one company's employee to send phishing emails to all the vendors that the company uses. It's a particularly nasty version of business email compromise.
There's plenty of announcements, conferences and other festivities planned throughout October, the 16th annual National Cybersecurity Awareness Month.
Just a sampling:
And the best part about National Cybersecurity Awareness Month is that once November hits, you can go back to being cybersecurity ignorant.
The security industry's largest threat information sharing group, the Cyber Threat Alliance, announced that 3 new companies — K7 Computing, Scitum and Verizon — would join the fold Thursday.
Why it matters: The goal of CTA is to pool the resources of the industry for collective defense against the bad guys. The new adds, particularly mammoth service provider Verizon, bring tremendous new data to fuel that mission.
Tom Bossert. Photo: Saul Loeb/AFP/Getty Images
White House cyber controversies spin out of control (Axios, Washington Post): Days after a memo of a conversation with the president of Ukraine showed President Trump continuing to subscribe to an easily debunkable conspiracy theory about the cybersecurity firm CrowdStrike, former homeland security adviser Tom Bossert told ABC News he debunked that point directly to the president.
Urgent11 gets urgent-er (Armis): Urgent11, a recently discovered set of vulnerabilities in the VxWorks operating system, impacts a number of previously unreported devices using different operating systems, according to a new alert.
MasterMana "hits all of the cyber bingo buzzwords" (Prevailion): At least, that's according to a report from Prevailion, which lists the bingo buzzwords as "business email compromise, backdoors, and cryptocurrency wallets."
We'll be back next week. Promise.
Improbable Codebook reader pick the Cleveland Browns looked like a real football team in a 40-25 win over a very good Ravens squad. And if the faith of the Codebook faithful isn't motivation enough for the Factory of Sadness, maybe they'll try extra hard to win fans free Arby's curly fries.