IT Security News Blast 6-2-2017

11 Things the Health Care Sector Must Do to Improve Cybersecurity

Given that most transactions in the health care sector are conducted through vulnerable hardware and software, it’s critical for providers and payers to strengthen their cybersecurity. For an example of how to proceed, they can look to the financial services industry, where some of the most well-known examples of cyberattacks in the last decade have occurred. This turmoil led to huge operational shifts in the financial services sector, where there’s more focus than ever on consumer education, industry information sharing, and stronger forms of authentication, among other things.

https://hbr.org/2017/06/11-things-the-health-care-sector-must-do-to-improve-cybersecurity

Cybersecurity in an IoT and mobile world: The key trends

As each new technology appears, manufacturers and service providers rush to bring products to market, often without due consideration for security. […] In due course, the tech industry gets its security act together in areas such as threat intelligence, firewalling, endpoint protection, intrusion detection, incident response, network and application architecture, best practices and user education. Governments may also weigh in with laws and regulations, and the insurance industry picks up the pieces. Eventually, some sort of order is restored. But cybersecurity remains, and will probably always remain, an arms race — especially in the early stages of an innovation cycle.

http://www.zdnet.com/article/cybersecurity-in-an-iot-and-mobile-world-the-key-trends/

Beware! Fireball Malware Infects Nearly 250 Million Computers Worldwide

Dubbed Fireball, the malware is an adware package that takes complete control of victims’ web browsers and turns them into zombies, potentially allowing attackers to spy on victims’ web traffic and potentially steal their data. […] While the company is currently using Fireball for generating revenue by injecting advertisements onto the browsers, the malware can be quickly turned into a massive destroyer to cause a significant cyber security incident worldwide.

http://thehackernews.com/2017/06/fireball-computer-virus.html

Insecure Backend Databases Blamed for Leaking 43TB of App Data

Appthority Mobile Threat Team called the vulnerability HospitalGown and said the culprit behind the threat is misconfigured backend storage platforms including Elasticsearch, Redis, MongoDB and MySQL. “HospitalGown is a vulnerability to data exposure caused, not by any code in the app, but by the app developers’ failure to properly secure the backend servers with which the app communicates,” wrote the authors of the report released Wednesday.

https://threatpost.com/insecure-backend-databases-blamed-for-leaking-43tb-of-app-data/126021/

Spear-Phishing Attacks Increasingly Focused: Report

Experts believe attackers have been targeting fewer inboxes as this can help their operation stay under the radar longer, and it increases their chances of success if the emails are “hyper-personalized.” The IRONSCALES study showed that 65 percent of email phishing attacks lasted for up to one month, and nearly half of them only lasted for less than 24 hours. Of the campaigns that went on for more than 30 days, roughly one-third spanned across 12 months or more.

http://www.securityweek.com/spear-phishing-attacks-increasingly-focused-report

OneLogin breached, passwords possibly compromised

“Password managers are a high-value target for attackers for obvious reasons, and breaches of password vault companies aren’t unprecedented: LastPass suffered a breach that exposed master password hashes back in July of 2015,” he said. LastPass suffered two security situations, the first time in July 2016 when it patched a message-hijacking vulnerability. The company was then hit twice in a two week period in late March 2017 when critical vulnerabilities were found.

https://www.scmagazine.com/onelogin-breached-passwords-possibly-compromised/article/665822/

Security pros cancel bid to buy Shadow Brokers’ exploits

A group of cybersecurity researchers launched on Wednesday a crowdfunding effort to raise the $25,000 being demanded by the Shadow Brokers, a hacker group. It raised $3,906.62 in 36 hours before the campaign was canceled. Lawyers and law enforcement experts warned the group that it was asking for trouble. The group decided to cancel the crowdfunding campaign after learning about the litany of legal problems it would run into by buying stolen hacks from a criminal organization.

https://www.cnet.com/news/wannacry-shadow-brokers-response-team-crowdfund-zcash-cyber-security-hackers/

Invest in These 5 Cybersecurity Stocks for Better Returns

From being a niche industry a decade ago, cyber security has grown into a very important segment in the IT space. Various independent research firms forecast strong demand ahead. According to a Markets and Markets report, worldwide cybersecurity spending will reach $90 billion in 2017, $101 billion in 2018 and $170 billion by 2020. Gartner had earlier mentioned that IT security spending peaked to above $83 billion in 2016.

http://www.nasdaq.com/article/invest-in-these-5-cybersecurity-stocks-for-better-returns-cm797129

Trump’s 2018 Budget for DHS Emphasizes Federal Network Protection, Cyber Monitoring

The budget requests $971.3 million “to improve security of the U.S. cyber infrastructure in collaboration with public, private, and international partners.” However, some programs are getting shortchanged. As CyberScoop notes: “Despite these increases, not every tech element of the department got its funding goosed. Research and development in the DHS Science and Technology Directorate was slashed by $100 million and the allocation for the CIO office was also down $60 million.”

https://fedtechmagazine.com/article/2017/05/trump-s-2018-budget-dhs-emphasizes-federal-network-protection-cyber-monitoring

When employees cause cyber breaches, most insurers won’t pay out

Insurers are limiting pay outs under cyber-security policies, reports Cyberheist News. If employers neglect to patch known breaches in their systems or employees take the bait from phishing schemes, some insurers won’t cover the resulting claims for damages. According to Cyberheist, cyber-security policies are a new fast-growing insurance market, with current estimates of $5 billion in premiums by 2020.

http://www.hrdive.com/news/when-employees-cause-cyber-breaches-most-insurers-wont-pay-out/443881/

Emerging cyber risks reshape the market in the internet-of-things era

The traditional cyber policy addresses the financial aspects of a breach, such as the cost of notifying individuals of compromised information as well as defending against a lawsuit. It doesn’t, however, extend to covering bodily injury or property damage that result from a breach. For example, the Target Corp. data breach came through a HVAC company that serviced Target stores. While the hacker only took payment card information, that same server could have potentially allowed the hacker to overheat or freeze all of Target’s refrigeration units.

http://www.sbnonline.com/article/emerging-cyber-risks-reshape-market-internet-things-era/

NATO might trigger Article 5 for certain cyberattacks

NATO will not rule out invoking Article 5 of its charter should one or more member nations find themselves under a serious cyberattack that threatens critical military and civilian infrastructure. NATO officials told delegates at the International Conference on Cyber Conflict, or CyCon, in Estonia that the Western alliance would deliver a robust response in the event of a serious and prolonged attack on a member state in cyberspace. Article 5 provides for a united response by NATO states should a member nation come under attack.

http://www.defensenews.com/articles/nato-might-trigger-article-5-for-certain-cyberattacks

WikiLeaks says CIA’s “Pandemic” turns servers into infectious Patient Zero

“Pandemic,” as the implant is codenamed, turns file servers into a secret carrier of whatever malware CIA operatives want to install, according to documents published Thursday by WikiLeaks. When targeted computers attempt to access a file on the compromised server, Pandemic uses a clever bait-and-switch tactic to surreptitiously deliver a malicious version of the requested file. The Trojan is then executed by the targeted computers. A user manual said Pandemic takes only 15 seconds to be installed.

https://arstechnica.com/security/2017/06/wikileaks-says-cias-pandemic-implant-turns-servers-into-malware-carriers/

Who’s to blame for that cyberattack? Here’s why nobody’s really sure

Case in point: Symantec researchers on Thursday discovered what they thought was a nation-state actor using highly sophisticated malware and techniques typically employed by a government, but was in fact a low-level cyber-criminal, who was just out to make a few bucks. In other words, what could’ve easily been the Russian government turned out to be a fairly amateur individual. […] “Even with copious amounts of data, it is incredibly difficult to find that one smoking gun,” she said.

http://www.zdnet.com/article/nation-state-hacker-or-script-kiddie-why-is-pointing-blame-so-difficult/

UK’s nuclear submarines vulnerable to ‘catastrophic’ cyber attack sparking nuclear conflict, warn experts

Malicious software could be secretly installed on the submarines’ computer systems when they are docked in the UK. “Trident’s sensitive cyber systems are not connected to the internet or any other civilian network,” says the report. “Nevertheless, the vessel, missiles, warheads and all the various support systems rely on networked computers, devices and software, and each of these have to be designed and programmed. All of them incorporate unique data and must be regularly upgraded, reconfigured and patched.”

http://www.independent.co.uk/news/uk/home-news/uk-nuclear-submarines-cyber-attack-vulnerable-nuclear-war-security-experts-royal-navy-a7767496.html

How The DNC (And RNC) Are Preparing For The Inevitable Next Cyberattack

Both political parties have been understandably tight-lipped about their cybersecurity plans and any upgrades they’ve made since the election, although some cybersecurity experts with knowledge of their operations tell Fast Company that they’ve seen the DNC move much more aggressively than they have in the past, reaching out to Silicon Valley much more frequently for assistance with their efforts. […] The DNC had last year announced the creation of a cybersecurity advisory board following the disclosure of the hacks, but it has since shared little about the board’s activities or progress.

https://www.fastcompany.com/40425928/how-the-dnc-and-rnc-are-preparing-for-the-inevitable-next-election-hack-attempt

Putin: “Patriotic” Russian hackers may have interfered in US election

The admission, which Putin made during comments at the St. Petersburg International Economic Forum, was a reversal of previous Kremlin denials of any Russian involvement in the information operations against Hillary Clinton and the Democrats. Putin continued to deny state involvement in the attacks, instead suggesting that the attacks were staged by Russians acting independently. “If they are patriotically minded, they start making their contributions—which are right, from their point of view—to the fight against those who say bad things about Russia,” he said.

https://arstechnica.com/security/2017/06/putin-patriotic-russian-hackers-may-have-interfered-in-us-election/

Putin: Hackers Are Like Artists, Who Wake Up In A Good Mood & Start Painting

Talking to international media at the St Petersburg Economic Forum on Thursday, Russian President Vladimir Putin made a number of statements surrounding Russia’s alleged involvement in hacking. […] The US authorities and intelligence community concluded in January that Mr. Putin had personally directed cyber attacks against Democrats and the dissemination of false information in order to influence the US election and help Mr. Trump win the election.

http://thehackernews.com/2017/06/putin-russian-hackers.html

Hooligans Biker Gang Arrested for Hacking and Stealing 150 Jeep Wranglers

“According to court records, the transnational criminal organization is responsible for the theft of more than 150 Jeep Wranglers worth approximately $4.5 million within San Diego County since 2014. The Hooligans used high-tech methods to disable security systems and steal away with Jeeps in just a few minutes, in the middle of the night, while unsuspecting owners slept nearby. After stealing the Jeeps in San Diego County, the Hooligans transported them to Tijuana, Mexico, where the vehicles were sold or stripped for parts.”

https://www.hackread.com/hooligans-biker-gang-arrested-for-hacking-stealing-jeep-wranglers/

Ohio Companies Unite to Share Threat Intelligence

The Collaboratory comprises seven major non-competitive firms in several separate sectors: Nationwide Insurance, Cardinal Health, LBrands (which includes Victoria’s Secret, and Bath & Body Works), Huntington Bank, OhioHealth, American Electric Power, and Battelle. It was formed with a $28 million commitment from the members, and a $5 million Ohio Third Frontier Grant.

http://www.securityweek.com/ohio-companies-unite-share-threat-intelligence

How quantum computing increases cybersecurity risks

Experts have estimated that a commercial quantum computer capable of breaking the cryptography we rely on today will be available by 2026. In fact, IEEE Spectrum reported last year that a quantum computer is close to cracking RSA encryption. To many people, a nine-year timeline doesn’t sound alarming, and the consequences of not updating our security technology with quantum-safe solutions may not be clear. Here’s why the work to upgrade to quantum-safe security needs to start now to keep our data safe once quantum computers arrive.

http://www.networkworld.com/article/3197366/security/how-quantum-computing-increases-cybersecurity-risks.html

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.