IT Security News Blast 5-10-2017

Cyberinsurance options a ‘Wild West’ for healthcare organizations

Ten million dollars in coverage is a benchmark for community hospitals, but not all of them “are there yet,” Lennon said. However, some carriers are building out pre-breach offerings as part of the policy package, working with hospitals to become as immune to breaches as possible and therefore potentially diminishing the amount of coverage they might need. Clients can also get credit for working with a monitoring system that detects potential threats.

http://www.healthcarefinancenews.com/news/cyberinsurance-options-wild-west-healthcare-organizations

 What healthcare CISOs should know

It used to be that retail and financial services were the most popular targets for breaches and malicious attacks, but the healthcare industry is now right up there with them. The reason for that change is simple: protected health information (PHI) is more lucrative on the dark web than other forms of personally identifiable information. Also, healthcare organizations keep other useful data: access credentials, personally identifiable information, and financial records.

https://www.helpnetsecurity.com/2017/05/09/advice-healthcare-ciso/

 Dissect Cyber notifies small businesses targeted by cybercriminals

The project, Dissect Cyber, is being led by a threat analyst training and alert provider with of same name. CSD is part of S&T’s Homeland Security Advanced Research Projects Agency. The initiative’s goal is to develop validated strategies to increase the effectiveness of cybersecurity notifications to companies supporting critical infrastructure sectors, including the U.S. government.

http://www.homelandsecuritynewswire.com/dr20170508-dissect-cyber-notifies-small-businesses-targeted-by-cybercriminals

 Scottrade hit with new class action suit over 2013 Data Breach

The latest in a series of class action suits was filed against Scottrade in a Florida court late last week claiming that the financial brokerage failed to take appropriate measures to protect its customers’ personal information that could have prevented a data breach that exposed the personal information of millions of customers.

https://www.scmagazine.com/scottrade-hit-with-new-class-action-suit-over-2013-data-breach/article/656029/

 Study finds cybersecurity pros are hiding breaches, bypassing protocols, and paying ransoms

Cybersecurity company Bromium has found that an average of 10% of security professionals have quietly paid ransomware demands, and that 35% have admitted to circumventing, disabling, or otherwise bypassing their organization’s security. […] “To find from their own admission that security pros have actually paid ransoms or hidden breaches speaks to the human-factor in cyber security.”

http://www.techrepublic.com/article/study-finds-cybersecurity-pros-are-hiding-breaches-bypassing-protocols-and-paying-ransoms/

 Cyber enemies of the United States

There are simply too many variables and the tools are offensive available to all. A single person with a grudge sitting in their basement, to the head of the largest country on the planet or of the most populous nation all have access equally to some of the most destructive malware around.  So, it’s more a matter of what type of attack the bad actors are in the mood for that will determine which causes a catastrophic-level cyber event.

https://www.scmagazine.com/cyber-enemies-of-the-united-states/article/650736/

 The NSA Confirms It: Russia Hacked French Election ‘Infrastructure’

In a hearing of the Senate’s Armed Forces Committee, Rogers indicated that the NSA had warned French cybersecurity officials ahead of the country’s presidential runoff that Russian hackers had compromised some elements of the election. For skeptics, that statement may help tip the balance towards credibly blaming Russia for the attacks.

https://www.wired.com/2017/05/nsa-director-confirms-russia-hacked-french-election-infrastructure/amp/

 DOD needs cyberwarriors so badly it may let skilled recruits skip boot camp

But as Rogers noted in his testimony, “We need a broad range of skills, and many of the best candidates won’t necessarily have advanced educations but have deep experience in the field.” And the problem won’t be fixed with the military’s current approach to workforce development, Rogers acknowledged. “We can’t keep relying on five- to ten-year development cycles in terms of manpower,” he said.

https://arstechnica.com/information-technology/2017/05/dod-needs-cyberwarriors-so-bad-it-may-let-skilled-recruits-skip-boot-camp/

 U.S. military cyber operation to attack ISIS last year sparked heated debate over alerting allies

As part of the operation, Cyber Command obtained the passwords to a number of Islamic State administrator accounts and then used them to access the accounts, change the passwords and delete content such as battlefield video. It also shut the group’s propaganda specialists out of their accounts, former officials said.

https://www.washingtonpost.com/world/national-security/us-military-cyber-operation-to-attack-isis-last-year-sparked-heated-debate-over-alerting-allies/2017/05/08/93a120a2-30d5-11e7-9dec-764dc781686f_story.html?utm_term=.c37ab2e73b26

 Air Force Launches Initiative to Train Airmen on Defensive Cyber Operations

Selected from existing manpower, the Air Force has organized, equipped and trained 15 initial cyber squadrons, dubbed pathfinder units, to support various applications for their respective wings’ missions. “Air Force core missions are cyber dependent, and the complexities and threats in this environment have grown exponentially,” said Lt. Gen. William Bender, chief information dominance officer and chief information officer of the Air Force.

https://www.executivegov.com/2017/05/air-force-creates-cyber-squadron-initiative-to-train-airmen-on-defensive-cyber-operations/

 NSA chief: This is what a worst-case cyber attack scenario looks like

He said that while until now most cyber activity has been “penetration and extraction” — that is, hackers breaking in and stealing information — for attackers to break in and alter information is “a very different kind of challenge for us.” Rogers said the third element of a worst case scenario centered on “what happens when non-state actors decide that cyber now is an attractive weapon and enables them to destroy the status quo.”

http://www.zdnet.com/article/nsa-chief-this-is-what-a-worst-case-cyber-attack-scenario-looks-like/

 Will New Cybersecurity Legislation Offer Better Protection for Consumers?

These regulations are necessary for consumers. For obvious reasons, financial institutions are a favorite target of hackers. The past year set another record for the number of reported security breaches internationally, with more than half of those being cyber-related. However, these reactionary regulations are indicative of the barriers in place preventing us from fully addressing the ever-increasing number of successful cyber-attacks.

https://www.infosecurity-magazine.com/opinions/will-new-cybersecurity-legislation/

 Over 80 Percent of Americans Are More Worried About Privacy, Security Than a Year Ago

Following the recent passage of a bill allowing ISPs to collect users’ personal data without their permission, the survey found that over 95 percent of respondents are concerned about companies collecting and selling their personal information without their consent, and more than 50 percent are looking for new ways to safeguard their personal data. The survey also found that while 70 percent of respondents are doing more today to protect their online privacy than they were a year ago, just one in four believe they’re ultimately responsible for ensuring safe and secure Internet access.

http://www.esecurityplanet.com/network-security/over-80-percent-of-americans-are-more-worried-about-privacy-security-than-a-year-ago.html

 FCC hit with DDoS attacks after John Oliver takes on net neutrality

“These were deliberate attempts by external actors to bombard the FCC’s comment system with a high amount of traffic to our commercial cloud host,” Bray said in an emailed statement. “These actors were not attempting to file comments themselves; rather they made it difficult for legitimate commenters to access and file with the FCC.” […] Before its 2015 vote to impose net neutrality rules, the FCC received 4 million public comments on the issue, with a large majority supporting strong regulations.

http://www.csoonline.com/article/3195408/security/fcc-hit-with-ddos-attacks-after-john-oliver-takes-on-net-neutrality.html

 FCC should produce logs to prove ‘multiple DDoS attacks’ stopped net neutrality comments

A DDoS attack at the exact same time as Oliver’s viewers would have been leaving comments? Pfft. The last rally cry by Oliver resulted in such a flood of would-be commenters that it crashed the FCC comments site. So, it doesn’t seem outside the realm of possibilities that his newest plea for every internet group to come together and tell the FCC to preserve net neutrality and Title II could also crash the site.

http://www.networkworld.com/article/3195466/security/fcc-should-produce-logs-to-prove-multiple-ddos-attacks-stopped-net-neutrality-comments.html

 Emergency Fix for Windows Anti-Malware Flaw Leads May’s Patch Tuesday

Adobe and Microsoft both issued updates today to fix critical security vulnerabilities in their software. Microsoft actually released an emergency update on Monday just hours ahead of today’s regularly scheduled “Patch Tuesday” (the 2nd Tuesday of each month) to fix a dangerous flaw present in most of Microsoft’s anti-malware technology that’s being called the worst Windows bug in recent memory.

https://krebsonsecurity.com/2017/05/emergency-fix-for-windows-anti-malware-flaw-leads-mays-patch-tuesday/

 Disconnected: Why Mass Distrust of IoT Devices is Inevitable

Now, an unseen battle unfolds. Weaponized digital worms are entering the scene and infecting masses of devices that obediently await instructions from a remote master to spring to action, possibly a new botnet attack. The threat from botnets is so serious that FBI Director James Comey brought them up at a Senate hearing last week, saying the “zombie armies” created from internet devices can do tremendous harm.

http://www.govtech.com/security/Diconnected-Why-Mass-Distrust-of-IoT-Devices-is-Inevitable.html

 Hikvision Patches Backdoor in IP Cameras

The backdoor stems from two bugs: an improper authentication bug and a password in configuration file vulnerability. Both bugs could have allowed an attacker to escalate privileges and access sensitive information. The United States Computer Emergency Readiness Team (US-CERT) disclosed the vulnerabilities in an advisory on Friday, assigning the highest possible CVSS rating, 10.0 to the improper authentication vulnerability. The password in configuration file issue, meanwhile, received a high severity 8.8 rating.

https://threatpost.com/hikvision-patches-backdoor-in-ip-cameras/125522/

 New Persirai IoT Botnet Emerges

According to Trend Micro, the newly discovered Persirai is targeting over 1,000 IP Camera models, with most users unaware that their devices are exposed to Internet-based attacks. As a result, the researchers argue, attackers can easily gain access to the devices’ web-based interfaces via TCP Port 81. Because IP Cameras typically use the Universal Plug and Play (UPnP) protocol, which allows devices to open a port on the router and act like a server, they are highly visible targets for IoT malware.

http://www.securityweek.com/new-persirai-iot-botnet-emerges

 The intelligent intersection could banish traffic lights forever

Over the course of an hour, the intelligent intersection only required 11 vehicles to come to a complete halt. By contrast, when the simulation was run with a traffic light instead, more than 1,100 vehicles had to stop at the junction over the course of an hour. Unfortunately, it’s going to be a long time before the rest of us will see that kind of benefit. As you might imagine, it only works when every car that navigates the intersection is being controlled by the system[.]

https://arstechnica.com/cars/2017/05/the-intelligent-intersection-could-banish-traffic-lights-for-ever/

 How to check for the Intel exploit that lets hackers take over your PC

While the vast majority of consumer PCs probably don’t have the exploit, it wouldn’t hurt to take five minutes to check your system. First, download Intel’s tool to check for the vulnerability. You can also click this link to download it from Intel directly. It’s listed as supporting Windows 10 and Windows 7, but we had no issues running it on Windows 8.1. Once you’ve downloaded it, decompress the zip file to a folder. Open the folder, then open its Windows subfolder. Inside you’ll find several files. Launch Intel-SA-00075-GUI.exe.

http://www.csoonline.com/article/3195424/security/how-to-check-for-the-intel-exploit-that-lets-hackers-take-over-your-pc.html

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.

//]]>