IT Security News Blast 3-13-2017

Are regional banks immune to cyberattacks?

The first lesson we learn in security is that aiming to achieve 100 per cent is a fool’s errand, attackers will still get in. But once they are in your network, what attackers usually look for is fairly rudimentary. Nine times out of ten they are trying to find something of value and the easiest place to look is in your database. These structured repositories of data look like large, interconnected excel spreadsheets, with neatly organised records of user information, details and transactions, these are quite valuable to an attacker who can easily and anonymously resell this data in a matter of hours.

http://www.cpifinancial.net/features/category/technology/post/40015/are-regional-banks-immune-to-cyberattacks

San Diego cybersecurity chief shares 3 ways to shield cities from attacks

San Diego’s Chief Information Security Officer Gary Hayslip said he is preparing the city with techniques that reduce risk through a combination of advanced analytics, department partnerships and exploration of emerging technologies to secure the city’s Internet of Things. The effort is an attempt to reinforce the city’s defense strategy while shielding San Diego from the half million attacks that are volleyed against their networks each day. In an interview with StateScoop, Hayslip drew on his experience as a Navy Command information security officer and shared three core lessons for cities securing the digital front.

http://statescoop.com/san-diego-cybersecurity-chief-shares-3-ways-to-shield-cities-from-attacks

Nearly 200,000 IP Cameras are Vulnerable To Botnet Malware Intrusion

Research indicates there are close to 200,000 cameras that need to be considered as vulnerable targets. The majority of these cameras are hosted in China, although nearly 20,000 made their way to the United States. Thailand, Hong Kong, and Vietnam complete the top 5 list of locations where these vulnerable IP cameras can be found as of right now. It is important to note the GoAhead web server software embedded in these devices is not vulnerable, yet any custom iterations of this software may contain vulnerabilities.

https://themerkle.com/nearly-200000-ip-cameras-are-vulnerable-to-botnet-malware-intrusion/

Zero Days Have Staying Power

RAND Corporation analyzed 200 zero-day vulnerabilities, 40 percent of which it says are not publicly disclosed, and published the results this week in an extensive report titled “Zero Days, Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and their Exploits.” “This is a first-ever look at zero days that isn’t based on manufactured data or vulnerabilities that have already been discovered,” said Lillian Ablon, lead author of the study. “Unique to this report is access to privately known but not publicly disclosed zero day vulnerabilities.”

https://threatpost.com/zero-days-have-staying-power/124190/

Reports cast suspicion on Trump server, political consultant

The first report, from CNN, cites anonymous sources claiming that the FBI’s secretive Counterintelligence Division continues to look into anomalous behavior from a computer server owned by Russia-based Alfa Bank, which from May to September 2016 looked up the contact information for a Trump Organization-registered computer server 2,820 times. Internet data shows that 80 percent of all DNS lookup queries for that server, which was located in the rural town of Lititz, Pa., were from Alfa Bank, the report noted.

https://www.scmagazine.com/reports-cast-suspicion-on-trump-server-political-consultant/article/643483/

Russian Espionage Piggybacks on a Cybercriminal’s Hacking

While Mr. Bogachev was draining bank accounts, it appears that the Russian authorities were looking over his shoulder, searching the same computers for files and emails. In effect, they were grafting an intelligence operation onto a far-reaching cybercriminal scheme, sparing themselves the hard work of hacking into the computers themselves, officials said. The Russians were particularly interested, it seems, in information from military and intelligence services regarding fighting in eastern Ukraine and the war in Syria, according to law enforcement officials and the cybersecurity firm Fox-IT.

https://www.nytimes.com/2017/03/12/world/europe/russia-hacker-evgeniy-bogachev.html

Cyber security summit to be held over fears Russia could hack UK election

A senior Government source has confirmed to Sky News a cyber security summit will also be held to discuss fears of interference from Moscow. Spy chiefs are worried Russian hackers could steal and leak internal emails or publish private databases of voters’ political views, according to the Sunday Times. The National Cyber Security Centre, which is part of GCHQ, offered in the letter to help strengthen the parties’ security systems, the newspaper said.

http://news.sky.com/story/cyber-security-summit-to-be-held-over-fears-russia-could-hack-uk-election-10799314

Russian spokesman: U.S. election cyberattack ‘simply impossible’

“We sincerely cannot understand why American people and American politicians started the process of self-humiliation. You’re self-humiliating yourself, saying that a country can intervene in your election process,” he said, adding that it would be “simply impossible” for the Kremlin to easily influence an election of “the most powerful country in the world” with its “very, very stable political traditions.”

http://www.politico.com/story/2017/03/russia-cyberattacks-election-putin-trump-235971

Fareed Zakaria: Cyber warfare is the real menace to America

Nye argues that there are four ways to deal with cyber attacks — punishment, entanglement, defense and taboos. Punishment involves retaliation, and while it is worth pursuing, both sides can play that game and it could easily spiral out of control. Entanglement means that if other countries were to harm the United States, their own economies would suffer. It strikes me as of limited value because there are ways to attack the U.S. discreetly without shooting oneself in the foot (as Russia has shown recently, and as Chinese cyber theft of intellectual property shows as well). And it certainly wouldn’t deter groups like the Islamic State, al-Qaeda or even WikiLeaks.

http://www.dailycamera.com/columnists/ci_30849102/fareed-zakaria-cyber-warfare-is-real-menace-america

The global war in Cyberia has begun — and will never end

Which will be Donald Trump’s war? There is good reason to fear it could the the Second Korean War. Or it could be yet another quagmire in the Middle East. His most excitable critics warn that the Third World War will happen on his watch. But I am more worried about the First Cyber War — because that war has already begun. Last week’s cyber-attack was just the latest directed against the US by WikiLeaks: the release of a vast cache of documents stolen from the CIA.

http://www.theaustralian.com.au/news/world/the-times/the-global-war-in-cyberia-has-begun-and-will-never-end/news-story/3945b41441acaf8e51b36fd4548746df

The New Cyber Security Ecosystem

[The] cyber industry must work to develop a security protocol – a standard – that can operate effectively across all different elements of modern, large-scale computer systems; a system of systems. Such a protocol will allow for the effective identification and quantification of any security and privacy issues in any part of a business’ IT systems. Other industries have used similar models of ever-presenting testing and evaluation to ensure their services are as rigorous as can be. Engineering, constantly evolving since the industrial revolution, is built upon testing. From product design through to end-of-life decommissioning, the industry constantly tests the performance and capabilities of its devices.

http://www.informationsecuritybuzz.com/articles/new-cyber-security-ecosystem/

What Are The Consequences Of Cybersecurity Attacks for Marketing Leaders?

Many people are under the impression that is the worst thing that can happen is that data is taken.  However, industries such as utilities, oil and gas, transportation, chemical/critical manufacturing, etc. all rely on industrial control systems (ICS), which leverage IT to control physical machinery. Compromise and manipulation of these systems can have disastrous consequences on public safety, health, the environment and even the economy.

https://www.forbes.com/sites/kimberlywhitler/2017/03/11/what-are-the-consequences-of-cybersecurity-attacks-for-marketing-leaders/#915e20c2318e

Congressman: We need a National Guard for cybersecurity

“I think our government should look like our country,” said Hurd, a Republican from Texas. “We need a diversity of thought, backgrounds and experiences. The issue of the most talented folks not going into government is true, it’s not just in the legislative or executive branch.” A cybersecurity reservist group could occasionally be called on to protect the country against cyber threats, and strengthen national security on the digital level. That could include finding and patching bugs, upgrading outdated systems, and auditing current technology.

http://money.cnn.com/2017/03/12/technology/national-guard-tech-cybersecurity-sxsw/

FCC under fire for trying to ditch cybersecurity

Pai stopped an order that was intended to tackle flaws in the Emergency Alert System, and he has pulled cybersecurity out of IPTV proposals under consideration. When he stopped the privacy rules on ISPs from taking effect earlier this month, he also removed its cybersecurity provisions over data security. And a notice of inquiry that was intended to bring in the public’s input on cybersecurity risks associated with next-gen wireless network has also been ended. In response to all this, Democrats in the House of Representatives have this month started proposing legislation – three bills introduced so far – that would obligate the FCC to adopt some level of responsibility for cybersecurity.

https://www.theregister.co.uk/2017/03/10/fcc_under_fire_for_ditching_cybersecurity/

Gold Line Group Director Reveals That Wikileaks Vault7 Leak Is Tip of The Cyber Weapons Iceberg

For years now Gold Line Group has been warning their clients and advising them to avoid off-the-shelf encrypted communication apps and commercial anti-virus software. These products generate a false sense of security in the users and contribute very little to their privacy. What Gold Line Group researchers found is that attackers aren’t trying to break encryption codes like they used to. The way they work now is by taking advantage of the open and social nature of people and their devices, manipulating them to accept trojans that are disguised as a friendly SMS, app or system update, and gaining access to the whole device that way.

http://www.itbusinessnet.com/article/Gold-Line-Group-Director-Reveals-That-Wikileaks-Vault7-Leak-Is-Tip-of-The-Cyber-Weapons-Iceberg-4858681

Malware found preinstalled on 38 Android phones used by 2 companies

“This finding proves that, even if a user is extremely careful, never clicks a malicious link, or downloads a fishy app, he can still be infected by malware without even knowing it,” Check Point Mobile Threat Researcher Daniel Padon told Ars. “This should be a concern for all mobile users.” Most of the malicious apps were info stealers and programs that displayed ads on the phones. One malicious ad-display app, dubbed “Loki,” gains powerful system privileges on the devices it infects. Another app was a mobile ransomware title known as “Slocker,” which uses Tor to conceal the identity of its operators.

https://arstechnica.com/security/2017/03/preinstalled-malware-targets-android-users-of-two-companies/

Official: America auto-scanned visitors’ social media profiles. Also: It didn’t work properly

That poses a significant problem for the DHS – one that’s common to many mass data-slurping programs. If fleshy humans are the only way to check the information, they are going to be facing an enormous volume of data and may either miss key clues or draw the wrong conclusions. Nevertheless, the DHS isn’t giving up on the scheme yet. It has identified 275 software tools that could be used in the scanning, and it restarted the testing program in January 2017, presumably working on the principle that there’s no problem that can’t be overcome if you throw enough money at it.

https://www.theregister.co.uk/2017/03/10/autoscanning_us_visitors_social_media_doesnt_work/

Privilege Escalation Flaw Patched in Schneider Wonderware

The vulnerability was discovered in-house by Schneider Electric engineers in the Tableau server/desktop products. Versions 7.0 to 10.1.3 of the software running inside Schneider’s Wonderware Intelligence 2014R3 and earlier are affected. “The vulnerability, if exploited, could allow a malicious entity to escalate its privilege to an administrator and take control over the host machine where Tableau Server is installed,” said an advisory published this week by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).

https://threatpost.com/privilege-escalation-flaw-patched-in-schneider-wonderware/124217/

7 Things That Happened After WikiLeaks Dumped The CIA Hacking Files

But the question remains: Has the CIA ever spied on American citizens? This was the exact question that was thrown at Julian Assange Thursday during a press briefing hosted on Twitter’s Periscope, to which Assange’s response was: “The answer is not no.” Assange claimed that Wikileaks had recovered over 22,000 IP addresses in the Vault 7 files that “corresponded” to the United States. […] Well, we need to wait until next WikiLeaks release for having more clarity on the US intelligence agencies’ operation, as the whistleblower organization tweeted that it “released less than 1% of its #Vault7 series in its part one publication yesterday ‘Year Zero.'”

http://thehackernews.com/2017/03/cia-wikileaks-hacking.html

U.S., EU both committed to strong Privacy Shield, Ansip says

During his address, Ansip noted that both the U.S. and the EU “have a strong interest in keeping data flowing freely,” since it lies “at the heart of the 4th industrial revolution” and “global data flows are surging.” That a “trade reality” that has translated in a 10 percent uptick in the world GDP, or “$7.8 trillion in 2014 alone,” Ansip said. Ansip’s remarks were on the heels of a stern warning to the Trump administration by EU Justice Commissioner Vera Jourova who said if the U.S. doesn’t stick to the terms of the Privacy Shield, the EU will yank it.

https://www.scmagazine.com/us-eu-both-committed-to-strong-privacy-shield-ansip-says/article/643517/