LPC: DigiCert to back Symantec unit buy with US$1.59bn loan

By Andrew Berlin

NEW YORK, Aug 15 (Reuters) – US internet security company
DigiCert’s banks have begun sounding out prospective investors
about the debt financing that will support the company’s
acquisition of Symantec’s web certification business, according
to four sources familiar with the matter.

The financing will total US$1.59bn and include a US$1.2bn
secured term loan with senior priority, a US$300m secured term
loan with junior priority and a US$90m revolving credit
facility, two of the sources said. UBS will lead a syndicate of
underwriters that includes Credit Suisse, Jefferies, Goldman
Sachs and Macquarie Group.

Private equity firm Thoma Bravo-owned DigiCert announced on
August 2 it will acquire the US software company’s website
security and public key infrastructure unit, which verifies the
authenticity of secure websites for web browsers.

The deal comes as Symantec faces scrutiny by Google and
other web browsers for the way it validates its web
certificates, Reuters has reported. The companies have been
negotiating since Google demanded changes to the web
certification segment’s technology and business practices in
order for its browser, Chrome, to continue honoring Symantec
certificates.

LOAN TERMS

As per the terms of the transaction, Symantec will receive
approximately US$950m of cash upfront and a 30% stake in the
equity of the new entity. The combined company will have an
enterprise value of US$4bn, two of the sources said.

Part of the proceeds will go toward refinancing Digicert’s
existing capital structure, which was placed in 2015 to back the
company’s leveraged buyout. Thoma Bravo will not contribute new
equity.

Credit Suisse, Jefferies and Thoma Bravo declined to
comment. UBS, Goldman Sachs, Macquarie and the company did not
respond to requests for comment.

Pricing is being discussed at 425bp-450bp over Libor with a
1% Libor floor and a 99 original issue discount (OID) for the
senior loan and 825bp-850bp over Libor with a 1% Libor floor and
a 98.5 OID for the junior tranche, the two sources said.

The combined company’s Ebitda, or earnings before interest,
taxes, depreciation and amortization, will be US$300m, the
sources added. Net of cash, DigiCert’s debt-to-Ebitda will stand
at three and a half times through the senior loan and four and a
half times total.

Marketing efforts will officially kick off after Labor Day.

DigiCert will not have audited financials from the carveout
of the Symantec business by the time syndication begins and
Moody’s Investors Service will not assign credit ratings until
they are available, one of the sources said. That could present
a challenge for some investors interested in participating in
the financing, such as Collateralized Loan Obligations, which
base their investment decisions on ratings from Moody’s and
Standard Poor’s.
(Reporting by Andrew Berlin; Editing By Michelle Sierra and
Lynn Adler)

Read the original article on Reuters. Copyright 2017. Follow Reuters on Twitter.

Article source: http://www.businessinsider.com/r-lpc-digicert-to-back-symantec-unit-buy-with-us159bn-loan-2017-8

Posted in Symantec | Comments Off on LPC: DigiCert to back Symantec unit buy with US$1.59bn loan

A Deep Flaw in Your Car Lets Hackers Shut Down Safety Features

Since two security researchers showed they could hijack a moving Jeep on a highway three years ago, both automakers and the cybersecurity industry have accepted that connected cars are as vulnerable to hacking as anything else linked to the internet. But one new car-hacking trick illustrates that while awareness helps, protection can be extremely complex. They’ve uncovered a vulnerability in vehicular internal networks that’s not only near-universal, but also can be exploited while bypassing the auto industry’s first attempts at anti-hacking mechanisms.

Security firm Trend Micro on Wednesday published a blog post highlighting a little-noticed automotive hacking technique it presented at the DIVMA security conference in Bonn, Germany last month, along with researchers at LinkLayer Labs and the Polytechnic University of Milan. Their work points to a fundamental security issue in the CAN protocol that car components use to communicate and send commands to one another within the car’s network, one that would allow a hacker who accesses the car’s internals to shut off key automated components, including safety mechanisms.

“You could disable the air bags, the anti-lock brakes, or the door locks, and steal the car,” says Federico Maggi, one of the Trend Micro researchers who authored the paper. Maggi says the attack is stealthier than previous attempts, foiling even the few intrusion detection systems some hardware makers like Argus and NNG have promoted as a way to head off car hacking threats. “It’s practically impossible to detect at the moment with current technology,” he says.

    More Car Hacks

  • Just a Pair of These $11 Radio Gadgets Can Steal a Car

  • Hackers Remotely Kill a Jeep on the Highway—With Me in It

  • Android Phone Hacks Could Unlock Millions of Cars

The researchers’ attack is far from a practical threat to cars on the road today. It’s a “denial of service” attack that turns off components, not one that hijacks them to take over basic driving functions like accelerating, braking, or steering as the Jeep hackers did in 2015, or Chinese hackers working for Tencent more recently achieved with a Tesla. And it’s not a fully “remote” attack: It requires the hacker to already have initial access to the car’s network—say, via another vulnerability in its infotainment system’s Wi-Fi or cellular connection, or via an insecure gadget plugged into the OBD port under its dashboard.

Instead, the attack represents an incremental advance in the still-theoretical cat-and-mouse game between the automotive industry and vehicle hackers. “It doesn’t depend on a specific vulnerability in some piece of software,” says Maggi. “It’s a vulnerability in the design of the CAN standard itself.”

Autoimmune

That CAN vulnerability works a bit like an autoimmune disease that causes a human body to attack its own organs. Unlike previous car-hacking techniques, the researchers’ attack doesn’t take over components on a car’s internal network and then use it to spoof entirely new “frames,” the basic units of communication sent among parts of a car’s CAN network. Instead, it waits for a target component to send one of those frames, and then sends its own at the same time with a single corrupted bit that overrides the correct bit in the original frame. When the target component sees that it’s sent an incorrect bit, the CAN protocol requires that it issue an error message “recalling” that faulty message. Repeat the attack enough times—car components tend to frequently exchange messages—and those repeated error message trick the component into telling the rest of the network that it’s defective, and cutting itself off from further communication.

That autoimmune attack, the researchers say, is far harder to detect, and easily circumvents existing intrusion detection systems that look for the anomalous frames that represent malicious communication within a car’s network. Automotive security researcher Charlie Miller, who along with fellow researcher Chris Valasek hacked a Jeep in 2015 and designed an intrusion detection module they say would have prevented their own attack, acknowledged on Twitter Wednesday that the attack does represent a new advance in defeating car hacking defenses. “If you are designing CAN bus IDS…this is something that you need to plan for now.” He added, though, that an intrusion detection system written by someone who knows about the researchers’ trick could defeat it. “It is hard to defend against, but is certainly detectable.”

But even if an IDS looked for error messages as a sign of an attack, Maggi says, an attacker could randomize the pattern of error messages to make that detection more difficult. And those errors are also tough to distinguish from actual malfunctioning components, he warns. “IDSes will really have to change how they work,” says Miller, who recently joined GM’s autonomous vehicle startup Cruise. “And in the end, I’m not really sure they’ll be able to distinguish between an attack and a faulty component.” He suggests that carmakers’ best defense instead is to segment their networks to isolate critical safety components from ones that might be accessible to hackers, and even to consider adding a layer of encryption to the CAN protocol to make messages more difficult to mimic.

Miles To Go

WIRED reached out to both Argus and NGG, whose defense tools the researchers’ write they could bypass with their attack. NGG didn’t immediately respond, but Argus CTO Yaron Galula claimed in a written statement that Argus was already aware of the researchers’ attack, while pointing to much earlier CAN attack research from 2014 Yalula added that the company’s IDS system “was designed to detect many types of attacks, including attacks that target security gaps inherent in the design of the CAN bus. Its ability to detect this attack and many others has been demonstrated in multiple studies with vehicle manufacturers, their suppliers, and third-party research centers.”

Regardless, don’t expect any real-world hackers to implement the researchers’ IDS-bypassing attack any time soon. Beyond vehicle thefts, hackers haven’t set their sights on cars in any known attacks yet. And even Miller, who has repeatedly warned of the risks of automotive hacking, writes he’d “be surprised to see this in practice.” The Department of Homeland Security’s Computer Emergency Response Team issued an alert about the vulnerability late last month, but noted that it required “extensive knowledge of CAN” to pull off.

But as cars become more connected and automated, car hacking becomes an increasingly realistic and serious threat. And before it does, attacks like Trend Micro’s hint at how deeply automakers may need to rework their cars’ innards in order to protect them.

Article source: https://www.wired.com/story/car-hack-shut-down-safety-features/

Posted in Trend Micro | Comments Off on A Deep Flaw in Your Car Lets Hackers Shut Down Safety Features

Claims resurface that Kaspersky helped Russian intelligence

Video: Is Russia using hacking and misinformation to disrupt Western nations?

Once more, the Russian antivirus and security company Kaspersky Lab is accused of working closely with Russia’s main intelligence agency, the FSB.

Kaspersky replies, “Regardless of how the facts are misconstrued to fit in with a hypothetical, false theory, Kaspersky Lab, and its executives, do not have inappropriate ties with any government. The company does regularly work with governments and law enforcement agencies around the world with the sole purpose of fighting cybercrime.”

In this latest go-around, Bloomberg Businessweek reports it has emails from October 2009, between Eugene Kaspersky and his senior staff describing a secret project for “the Lubyanka side,” a reference to the FSB offices.

Bloomberg says that Kaspersky has confirmed the emails are authentic. Kaspersky denies this.

A Kaspersky representative said, “Kaspersky Lab never confirmed the emails the media outlet claims to have are authentic, as the media outlet refused to share them with the company for validation to protect an anonymous source; however, the archives were thoroughly searched for any document they might be referring to, and an internal email that contains routine business chatter regarding product development may be the document the publication is referencing.”

These emails are about distributed denial-of-service (DDoS) protection. Besides defending against DDoS attacks it would include working with internet providers to identify attackers and “active countermeasures.”

Kaspersky clarified that it “does not cooperate with hosting companies to locate bad actors, and cooperation with hosting providers in an anti-DDoS context means working with a hosting provider to block an attack on their level, before malicious traffic reaches the attacked web resource.

“This happens when the company experts understand that potential sources of the attack are located in particular data centers,” the company said.

The article claims that these active countermeasures included providing “the FSB with real-time intelligence on the hackers’ location and sends experts to accompany the FSB and Russian police when they conduct raids.”

The company replied to this, “Kaspersky Lab assists law enforcement agencies around the world with fighting cyber-threats, including those in Russia, by providing cybersecurity expertise on malware and cyber-attacks. When assisting in official Russian cybercrime investigations, in accordance with Russian law, we only provide technical expertise throughout the investigation to help them catch cyber-criminals. Concerning raids and physically catching cyber-criminals, Kaspersky Lab might ride along to examine any digital evidence found, but that is the extent of our participation.”

Kaspersky noted that it helps law enforcement agencies worldwide to fight malware and cyber-attacks.

One person accused of going on these raids was Ruslan Stoyanov, an anti-DDoS programmer. Stoyanov has since been arrested for treason. He was accused of passing state secrets to Verisign and other US-based companies — though, Stoyanov was not working for Kaspersky at that time.

While the US government has no evidence connecting Kaspersky to Russia’s spy agencies, the antivirus maker and security giant has been attacked as being unsafe for American use.

In May 2017, Sen. Marco Rubio (R-FL) directly asked six US security officials whether they’d authorize Kaspersky software on their networks; all six replied no. And, last month, a proposal to ban the US military from using Kaspersky’s products was brought before Congress out of concern they “might be vulnerable to Russian government influence.”

Even people who don’t use Kaspersky’s well-regarded antivirus application may be using their software.

Companies such as Cisco, Juniper, and CheckPoint are all Kaspersky partners. Even Microsoft, which had fought with Kaspersky over how it handled antivirus programs in Windows 10, recently made peace.

Related stories:

Article source: http://www.zdnet.com/article/claims-kaspersky-works-with-russian-intelligence-resurface/

Posted in Kaspersky | Comments Off on Claims resurface that Kaspersky helped Russian intelligence