IT Security News Blast 1-20-2017

How to Outsource Security Services: Tips for Small Businesses

Considering the sophisticated cyber-attacks which SMBs may face, it’s not particularly practical to form an IT team to monitor the network and keep an eye on regular employees’ activities. However, it may be very costly for small companies to employ in-house specialists, and often they opt for looking for an experienced outside provider of security services that will meet all the business needs. However, there are pros and cons for this activity.

https://www.infosecurity-magazine.com/opinions/outsource-security-services-tips/

MSPs see cyber security as clients’ most ‘important’ issue in 2017 – survey

“It’s imperative that MSPs do more than just ‘check off’ a service-offering box to capture the full market potential that is present and will continue to grow within the SMB market,” the report notes. “Any MSP that doesn’t continually expand their service offerings, find ways to work more efficiently (either by better staff training or more advanced technology solutions) and better communicate the value they deliver to their clients, can rest assured that their competition certainly will.” Examples of common services of high-growth MSPs are 24×7 NOC services (47 percent of high-growth MSPs versus 27 percent of lower-growth MSPs) and backup and disaster recovery.

http://www.channelnomics.com/channelnomics-us/analysis/3002462/msps-see-cyber-security-as-clients-most-important-issue-in-2017-survey

SMB security lacks board-level awareness and BYOD provision, says Streamwire

“SMBs [have] become highly susceptible to cyber breaches as hackers face less resistance in compromising systems and stealing valuable data. Increasing understanding throughout the hierarchy of an organisation and avoiding relying exclusively on outsourcing their security to a third-party can offer an initial stepping stone in improving cyber security in 2017.” […] “Cyber security is an issue that is here to stay and addressing SMBs innovative approaches to businesses will play a significant role in helping increase confidence in cyber security.”

http://www.computing.co.uk/ctg/news/3002898/smb-security-lacks-board-level-awareness-and-byod-provision-says-streamwire

Cybersecurity in the Internet of Things is a game of incentives

New cybersecurity devices are part of the solution, but standards set out by government agencies also will play a role. As the technologies continue to evolve, policymakers should be careful not to construct restrictive regulatory regimes, while seeking out ways to reward security-conscious products with certifications, promote the adoption of cyber insurance, encourage firms to share information about potential threats, and to develop and adopt best practices voluntarily.

http://thehill.com/blogs/pundits-blog/technology/314915-cybersecurity-in-the-internet-of-things-is-a-game-of-incentives

Insurer Slapped with $2.2 Million HIPAA Settlement

“OCR’s investigation revealed MAPFRE’s noncompliance with the HIPAA rules, specifically, a failure to conduct its risk analysis and implement risk management plans, contrary to its prior representations, and a failure to deploy encryption or an equivalent alternative measure on its laptops and removable storage media until September 1, 2014,” OCR notes. “MAPFRE also failed to implement or delayed implementing other corrective measures it informed OCR it would undertake.”

http://www.careersinfosecurity.com/insurer-slapped-22-million-hipaa-settlement-a-9643

Attackers start wiping data from CouchDB and Hadoop databases

According to Merrigan’s latest count, 126 Hadoop instances have been wiped so far. The number of victims is likely to increase because there are thousands of Hadoop deployments accessible from the internet — although it’s hard to say how many are vulnerable. The attacks against MongoDB and Elasticsearch followed a similar pattern. The number of MongoDB victims jumped from hundreds to thousands in a matter of hours and to tens of thousands within a week. The latest count puts the number of wiped MongoDB databases at more than 34,000 and that of deleted Elasticsearch clusters at more than 4,600.

http://www.csoonline.com/article/3159534/security/attackers-start-wiping-data-from-couchdb-and-hadoop-databases.html

What cyber can learn from counterterrorism

Speaking at the Aspen Institute in Washington, Lisa Monaco said the U.S. has developed a whole set of tools and policy frameworks to counter the terrorism threat and those policies have become increasingly clear to adversaries. […] The challenge, Monaco said, is striking a balance between being transparent so that adversaries know they will face consequences for malicious acts without revealing too much about policies and actions that would enable adversaries to counter any actions.

https://fcw.com/articles/2017/01/13/carberry-ct-cyber-monaco.aspx

ProtonMail Gets Own Tor-Accessible .Onion Hidden Service

The main goal of launching the hidden service, Yen claims, is a means to make the service more resistant to censorship and surveillance. “Tor applies extra encryption layers on top of your connection, making it more difficult for an advanced attacker to perform a man-in-the-middle attack on your connection to us. Tor also makes your connections to ProtonMail anonymous as we will not be able to see the true IP address of your connection to ProtonMail,” Yen wrote.

https://threatpost.com/protonmail-gets-own-tor-accessible-onion-hidden-service/123192/

St. Louis’ public library computers hacked for ransom

According to the library, hackers demanded $35,000 in the electronic currency Bitcoin — but the library refuses to pay. Instead, it’ll wipe the entire computer system and reset it, which could take days or weeks. The cyberattack hit 700 computers at all of the city’s 16 library branches, according to spokeswoman Jen Hatton. The entire checkout system is on hold. No one can walk out with any of the library’s 4 million books, magazines and videos. And all computers are frozen, she said. The city’s libraries are overwhelmingly used by school children and the city’s poorer residents.

http://money.cnn.com/2017/01/19/technology/st-louis-public-library-hack/index.html

CIA updates rules for collecting and retaining info on US people

Unevaluated information such as nonpublic telephone and electronic communications, including communications in electronic storage, acquired without the consent of a person who is party to the communications, shall be destroyed no later than five years after the information was made available to the agency. […] The new rules also place limits on the querying of such data. Queries of particularly sensitive data sets, such as the contents of communications, have when practicable to be accompanied by a statement explaining the purpose for the query when retrieving information concerning a U.S. person, the agency said.

http://www.csoonline.com/article/3159387/security/cia-updates-rules-for-collecting-and-retaining-info-on-us-people.html

The Post-Snowden Cyber Arms Hustle

At their most advanced, cyber arms—code that governments use to spy on or sabotage computers—are created by Ph.D.s working for defense contractors such as Raytheon and Northrop Grumman. But the market for those products is limited to the U.S. and the select few allies who can afford them. The rest is dominated by lone-wolf savants and boutique companies whose interactions are characterized by what economists politely call a trust deficit. It’s hard for buyers and sellers to know whether their counterparts are scammers, thieves, or something more dangerous.

https://www.bloomberg.com/news/features/2017-01-18/the-post-snowden-cyber-arms-hustle

Cyber-Attack Concerns Mount Ahead of French Elections

After allegations of cyber interference in the 2016 U.S. election campaign, French authorities are urging political party members to take precautions online, to be aware of signs of cyber-attacks, and to take measures in response as quickly as possible. They strongly advise parties to train staffers or to hire experts. […] “The attackers who influenced the American election could try to do it again in France. We must be prepared. Even if we cannot be sure that they are absolutely the same people, there are attackers who regularly tap the door of our ministries.”

http://www.cnsnews.com/news/article/fay-al-benhassain/cyber-attack-concerns-mount-ahead-french-elections

How corporations will defend themselves against cyber attacks in 2017

It’s because of that threat that CA Technologies (CA) CEO Mike Gregoire believes corporate IT security budgets will be virtually unlimited in 2017. Gregoire made his observation during an interview with Yahoo Finance Editor-in-Chief Andy Serwer at the World Economic Forum in Davos, Switzerland. “You’re going to see spending for sure in security,” Gregoire said, adding that corporations will move toward using artificial intelligence and data analytics to defend their users and customers.

https://finance.yahoo.com/news/cybersecurity-2017-ca-technologies-ceo-210914819.html

Americans are united on retaliating against Russian cyberattacks

Consistent with recent YouGov data on partisan differences toward Russia, almost 85 percent of Democrats viewed Russia as being either unfriendly or an enemy. That view was held by 65 percent of independents and 53 percent of Republicans. And yet these differences in attitudes toward Russia had no effect on what respondents thought the United States should do to respond to cyberattacks. About 36 percent of Republicans supported retaliatory airstrikes, while only 31 percent of independents and 33 percent of Democrats did. But these differences are not statistically significant.

https://www.washingtonpost.com/news/monkey-cage/wp/2017/01/19/americans-are-united-on-this-at-least-retaliating-against-russian-cyberattacks/

Obama sends mixed messages on Chelsea Manning pardoning

Manning will have completed 7 years of imprisonment by the time of his release next May. Cartwright will not see the inside of a prison cell, receiving the utmost leniency. That differentiates these two cases. What unites them, however, is a disregard for the precedent of not pursuing redress against individuals who would impose national security risks on the country to validate their own personal moral code. That should not be allowed. And when it is, the integrity of our system of laws designed to protect US security from the compromise of sensitive intelligence is weakened.

http://thehill.com/blogs/pundits-blog/the-administration/314889-obama-sends-mixed-messages-on-chelsea-manning-wikileaks

Evaluating the US-China Cybersecurity Agreement, Part 2: China’s Take on Cyberspace and Cybersecurity

At the World Internet Conference in December 2015, President Xi Jinping called for states to be allowed to set their own rules for cyberspace in their own countries. In other words, Xi appeared to be advocating for China’s continued ability to limit its citizens’ access to the Internet, and for a greatly reduced U.S. role in Internet operations and rule setting. Xi has always promoted China’s notion of “internet sovereignty.” He also called for transforming the current global internet governance system to make it more “multilateral, democratic, and transparent,” surely a criticism of the dominant position of U.S. in Internet governance.

http://thediplomat.com/2017/01/evaluating-the-us-china-cybersecurity-agreement-part-2-chinas-take-on-cyberspace-and-cybersecurity/

Four Cyber Trends To Watch in 2017

From the hacking of the Democratic National Committee (DNC) to major data breaches at the FBI and the theft of NSA cyber weapons, 2016 was an alarming year for cybersecurity. Now get ready for more of the same in 2017. Cybersecurity experts from government, industry and academia all see more trouble ahead.

  • Foreign Government Hacks
  • Botnet attacks and attacking the Internet of Things
  • Intelligence Sharing of Cyber Vulnerabilities
  • Information Manipulation

https://www.govtechworks.com/four-cyber-trends-to-watch-in-2017/#gs.LGjTxiA

Air Force goes after cyber deception technology

Galois describes Prattle as a system that generates traffic that misleads an attacker that has penetrated a network: making them doubt what they have learned, or to cause them to make mistakes that increase their likelihood of being detected sooner. “To generate this traffic, Prattle starts with observations of local traffic, and then generates traffic indistinguishable from existing traffic, but subtly modified to meet the administrator’s goals. This additional information can be used to direct adversaries toward fake workstations or servers, for example, and/or to distract them from real search terms or operational priorities,” Galois says.

http://www.networkworld.com/article/3159704/security/air-force-goes-after-cyber-deception-technology.html

Fraud and cyber crime are now the country’s most common offences

Online fraud is now the most common crime in the country with almost one in ten people falling victim, the latest figures have revealed. More than five and a half million cyber offences are now thought to take place each year accounting for almost half of all crime in the country. But just a fraction of offences are reported to the police because victims either feel embarrassed or believe little can be done to catch those responsible.

http://www.telegraph.co.uk/news/2017/01/19/fraud-cyber-crime-now-countrys-common-offences/

Connected Devices Give Spies a Powerful New Way to Surveil

The potential use of the IoT for surveillance is gaining recognition from the US intelligence community. Former US national intelligence chief James Clapper last year told the Guardian that agencies will probably use the IoT for “identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials.” While this approach shows that the US intelligence community is taking heed of this new technology, the new powers of data gathering and analysis are bound to change the current intelligence paradigms—and create a new one.

https://www.wired.com/2017/01/connected-devices-give-spies-powerful-new-way-surveil/

Assange weasels out of pledge to surrender if Manning received clemency

“If Obama grants Manning clemency Assange will agree to US extradition despite clear unconstitutionality of DoJ case.” As recently as Tuesday, WikiLeaks said that Assange “stands” by the promise. But on Wednesday, Assange’s lawyer blinked and said no dice—that Assange would not honor his statement. The lawyer announced a new caveat that was not stated in WikiLeaks’ original statement, leading many to speculate that Assange’s offer wasn’t genuine.

http://arstechnica.com/tech-policy/2017/01/assange-weasels-out-of-pledge-to-surrender-if-manning-received-clemency/