IT Security News Blast 2-21-2017

Got Effective Cybersecurity Practices? Be Aware: The FTC Is Watching You.

Following a July ruling against medical testing laboratory LabMD (which is now out of business), the Federal Trade Commission has emerged as a central regulator of cybersecurity practices for U.S. businesses. The FTC’s mandate to act on “unfair or deceptive” business practices that could harm consumers is being interpreted in a way that means any business that handles (and might potentially mishandle) consumer data is liable to fall under the organization’s scrutiny.

https://www.entrepreneur.com/article/289418

Data breaches becoming more complex, pervasive and damaging

This year’s report points to five actions an organization should take in the aftermath of a breach:

  • Preserve evidence; consider consequences of every action taken
  • Be flexible; adapt to evolving situations
  • Establish consistent methods for communication
  • Know your limitations; collaborate with other key stakeholders
  • Document actions and findings; be prepared to explain them.

https://www.helpnetsecurity.com/2017/02/17/data-breaches-report/

Confidential Information At Greatest Risk In New Businesses

Our research found that younger firms have inherently bad habits with private information, little faith in their own data protection procedures and little inclination to automate processes. This is because they generally still have their heads in start-up phase, where chasing the next sale and the race to the next product cycle get their full attention.

http://www.informationsecuritybuzz.com/articles/confidential-information-greatest-risk-new-businesses/

Legal liability from cyber attacks

Data breaches often trigger investigations by the US Federal Trade Commission, the US Securities and Exchange Commission, the US Department of Justice, and state regulatory agencies, as well as class-action lawsuits and shareholder derivative actions. The modern inevitability of cyber attacks behooves directors and officers at oil and gas companies to allocate adequate funds and time to implement cyber security risk-management strategies that protect sensitive business information and property and minimize the company’s legal exposure.

http://www.ogfj.com/articles/print/volume-14/issue-2/features/legal-liability-from-cyber-attacks.html

Anatomy of a cyber attack explained at HIMSS17

In the current cyber environment, CISOs need to be much more aggressive, he asserted. “You need to push through security measures—there’s no excuses anymore. We’re beyond allowing ourselves to get pushed by that pushback. Focus on the pain and millions of dollars that can be spent to end an organizational incident. I urge you to use this experience as a burning platform. If your organization is not paying attention, scream louder and ask them to talk to me.”

https://www.healthdatamanagement.com/news/anatomy-of-a-cyber-attack-explained-at-himss17

The Rise of the Weaponized AI Propaganda Machine

By leveraging automated emotional manipulation alongside swarms of bots, Facebook dark posts, A/B testing, and fake news networks, a company called Cambridge Analytica has activated an invisible machine that preys on the personalities of individual voters to create large shifts in public opinion. Many of these technologies have been used individually to some effect before, but together they make up a nearly impenetrable voter manipulation machine that is quickly becoming the new deciding factor in elections around the world.

https://medium.com/join-scout/the-rise-of-the-weaponized-ai-propaganda-machine-86dac61668b#.arn3xqipy

Techdirt’s First Amendment Fight For Its Life

As you may have heard, last week we were sued for $15 million by Shiva Ayyadurai, who claims to have invented email. We have written, at great length, about his claims and our opinion — backed up by detailed and thorough evidence — that email existed long before Ayyadurai created any software. We believe the legal claims in the lawsuit are meritless, and we intend to fight them and to win.

https://www.techdirt.com/articles/20170111/11440836465/techdirts-first-amendment-fight-life.shtml

Ransomware emerging as medical device cybersecurity threat

“It’s only a matter of time before we see some sort of significant type of events that involve patient safety that are cyber enabled,” said Edwards, at a HIMSS17 pre-conference symposium in Orlando on Sunday. “There have been a lot of healthcare providers and hospitals that have fallen prey to ransomware.”

https://www.healthdatamanagement.com/news/ransomware-emerging-as-medical-device-cybersecurity-threat

Android Ransomware Up By More Than 50% In 2016

Authors of lock-screen as well as file-encrypting “crypto-ransomware” types have used the past 12 months to copycat effective techniques from desktop malware. They have also developed their own sophisticated methods specialized for targets running Android devices. Cybercriminals have also been putting increased effort into keeping a low profile, by encrypting and burying the malicious payload deeper into the infected apps.

http://www.informationsecuritybuzz.com/news/android-ransomware-50-2016/

Large-scale reconnaissance operation used PC microphones to bug targets

“Operation BugDrop is a well-organized operation that employs sophisticated malware and appears to be backed by an organization with substantial resources,” the CyberX researchers wrote. “In particular, the operation requires a massive back-end infrastructure to store, decrypt, and analyze several GB per day of unstructured data that is being captured from its targets. A large team of human analysts is also required to manually sort through captured data and process it manually and/or with Big Data-like analytics.”

https://arstechnica.com/security/2017/02/hackers-who-took-control-of-pc-microphones-siphon-600-gb-from-70-targets/

Four Disruptive ‘Cyber Trends’ At RSA

Disruption #1: Targeting the Links in the Cyber Kill Chain

Disruption #2: Leveraging AI to Better Understand Human Behavior

Disruption #3: ‘Software-Defined’ Cybersecurity

Disruption #4: Israel Becomes the Cyber Silicon Valley

http://www.forbes.com/sites/jasonbloomberg/2017/02/20/four-disruptive-cyber-trends-at-rsa/#7eef3530d1d6

The World Can Expect More Cybercrime From North Korea Now That China Has Banned Its Coal

Hacks are especially likely to ramp up as Pyongyang searches for ways to fund the final stage of its quest for a nuclear-armed ballistic missile capable of hitting the U.S. mainland. Although North Korea remains one of the world’s most impoverished regimes — its official economy was worth just $28.4 billion in 2014, according to South Korea’s central bank — the Kim regime has still invested an estimated $1.1 billion to $3.2 billion toward developing a nuclear deterrent.

http://time.com/4676204/north-korea-cyber-crime-hacking-china-coal/

5 trends and factors that continue to impact cyber security in 2017

  • Serious breaches still take too long to discover
  • Employees will continue to be critical to protection
  • Cyber insurance is hot and growing hotter
  • Companies may begin to realize the importance of managing their intranet
  • The best protection for consumers is still self-protection

http://techaeris.com/2017/02/20/5-trends-and-factors-that-continue-to-impact-cyber-security-in-2017/

Study finds gaps in cyber security readiness in US oil and gas industry

The study, titled the Ponemon Institute – The State of Cybersecurity in the Oil & Gas Industry: United States, saw only 35% of 377 respondents rating the cyber readiness of their company’s operational technology (OT) to be high. Ponemon Institute chairman and founder Dr. Larry Ponemon said: “Cyber attacks in the oil and gas industry can have potentially devastating consequences for the economy and national security.”

http://explorationanddevelopment.energy-business-review.com/news/american-oil-and-gas-industry-falls-short-in-cyber-readiness-170217-5742636

‘Twas The Season To Attack: Large Online Retailers Pummeled Over Holidays

Of the 5.6 million anomalous behaviours detected, over 1 million events were directly attributed to malicious automated activity from scripts and bots.

  • Malicious scripted, bot and botnet activity accounted for 31% of all login activity for the month of December.
  • Had they been successful, these automated attacks would have been used to power identity-based account takeover (ATO) and a wide array of cybercrime over the holiday period, including account information scraping, transaction fraud, coupon and reward abuse.

http://www.informationsecuritybuzz.com/study-research/twas-season-attack-large-online-retailers-pummeled-holidays/

Gun Retailer Airsoft GI’s Forum Hacked; 65,000 User Accounts Leaked

A hacker is claiming to have hacked the official web forum of gun retailer Airsoft GI and uploaded its data on Dropbox earlier today. The hacker, who wants to remain anonymous, is part of an underground hacker platform and maintains that the forum was hacked in January 2017. […] The data includes personal details of registered users such as user id, username, email account, IP address and password hashed with bcrypt, Blowfish. Among the data, there are 40,521 Gmail accounts, 3,261 Yahoo accounts, 2,760 Outlook and 2,760 Hotmail accounts. The total number of unique IPs is 17,364.

https://www.hackread.com/gun-retailer-airsoft-gi-forums-hacked/

The dangers that come with buying pre-owned IoT devices

Standards should be created for factory reset of smart functionality. Access revocation procedures should be intuitive and obvious for users, and users should be made aware of the fact that the option exists, and why it’s important for them personally to take advantage of it when they sell their old or buy second-hand connected devices. Manufacturers should consider providing “guides for second owners” and “sale preparation guides” for smart technology.

https://www.helpnetsecurity.com/2017/02/20/danger-buying-pre-owned-iot-devices/

When Hackers Hack Hackers

Sometimes the attacks are purely mercenary: rivals know they can hit pay dirt very quickly if they find an easy way to tap into data stores of already vetted stolen identities or financial information. Similarly, certain kinds of cyber skirmishes are initiated to take competitors out. And then there are the attacks that are a little more personal: to show someone up, settle a score, or otherwise make a philosophical stand.

http://www.darkreading.com/threat-intelligence/when-hackers-hack-hackers/d/d-id/1328095

Congressional staffers eye response, future deterrents, in wake of Russian election interference

A trio of high-level Congressional staffers gathered at the 2017 RSA Conference this week in a joint session that sought to explore possible responses to Russia’s interference in the 2016 U.S. presidential election, as well as future deterrents that might prevent future foreign cyberattacks. “If someone does something to you, and you don’t respond appropriately, are you allowing yourself to have them do it to you as well?” asked Brendan Shields, staff director with the House of Representatives Committee on Homeland Security. “I think there is a growing desire to see that deterrence is real,” he later added.

https://www.scmagazine.com/congressional-staffers-eye-response-future-deterrents-in-wake-of-russian-election-interference/article/638589/