IT Security News Blast 6-26-2017

FDA Implementing Risk-Based Medical Device Regulation

“For [health-related apps] and other digital technologies to take hold and reach their fullest potential, it is critical that FDA be forward-leaning in making sure that we have implemented the right policies and regulatory tools, and communicated them clearly, to encourage safe and effective innovation,” he explained. […] FDA will also undertake a new approach to regulation, Gottlieb wrote. The pilot program will help create a more efficient, risk-based regulatory framework for overseeing medical technologies, such as digital health tools.

https://healthitsecurity.com/news/fda-implementing-risk-based-medical-device-regulation

Senators question need for HHS cyber office

He described it as a health-focused version of the National Cybersecurity and Communications Integration Center (NCCIC) at the DHS and said it would be operational this month. […] Johnson and McCaskill, who lead the Senate Homeland and Governmental Affairs Committee, wrote to HHS Secretary Tom Price on Wednesday asking for more information about the center, including documents demonstrating the need for it. “We are interested in learning more about the HCCIC’s purpose and how it will interact with the NCCIC, the rest of the federal government, and the private sector without duplicating efforts already underway by the Department of Homeland Security,” they wrote.

http://thehill.com/policy/cybersecurity/338997-senators-question-need-for-hhs-cyber-office

CIO: HHS faces 500 million hack attempts per week

By virtue of possessing millions of medical records, the Department of Health and Human Services is a prime and frequent target for attempted cybersecurity intrusions. According to HHS CIO Beth Killoran’s estimation, the department faces “500 million cyber hack attempts each week” and cautioned that already staggering number is only going to swell in the future.

https://fcw.com/articles/2017/06/20/hhs-cio-cyber-attacks.aspx

Healthcare Cyber Security Market: Global Industry Size, Share, Growth, Opportunities, Outlook, Analysis and Forecast 2016 To 2023

According to a new market report published by Credence Research, Inc. Healthcare Cyber Security Market […] Growth, Share, Opportunities & Competitive Analysis, 2016 – 2023, the global healthcare cyber security market is expected to expand at a healthy CAGR of over 13% between 2016 to 2023.

http://technorati.com/healthcare-cyber-security-market-global-industry-size-share-growth-opportunities-outlook-analysis-and-forecast-2016-to-2023/

Cybercrime industry growing rapidly, cybersecurity can’t keep up

Maor said it’s imperative for people to change how they approach security. Companies are not doing basic things to protect themselves from cybercrime, they need to have backups in place and always be prepared, Maor furthered. The mindset around cybersecurity and cybercrime must shift. Businesses need to run under a “when will I get hacked” instead of an “if I get hacked” mentality, making security more of a priority than expediency to release a product.

http://www.techrepublic.com/article/cybercrime-industry-growing-rapidly-cybersecurity-cant-keep-up

Fired Employee Hacks and Shuts Down Smart Water Readers in Five US Cities

According to court documents, the FBI tracked down Flanagan’s actions to six incidents in five cities across the US East Coast: Aliquippa (Pennsylvania), Egg Harbor (New Jersey), Kennebec (Maine), New Kensington (Pennsylvania), and Spotswood (New Jersey). Flanagan’s attacks resulted in water utility providers not being able to collect user equipment readings remotely. This incurred damage to the utility providers, who had to send out employees at customer premises to collect monthly readings.

https://www.bleepingcomputer.com/news/security/fired-employee-hacks-and-shuts-down-smart-water-readers-in-five-us-cities/

Under pressure, Western tech firms bow to Russian demands to share cyber secrets

Russian authorities are asking Western tech companies to allow them to review source code for security products such as firewalls, anti-virus applications and software containing encryption before permitting the products to be imported and sold in the country. But those inspections also provide the Russians an opportunity to find vulnerabilities in the products’ source code – instructions that control the basic operations of computer equipment – current and former U.S. officials and security experts said.

http://www.reuters.com/article/us-usa-russia-tech-idUSKBN19E0XB

Australia advocates weakening strong crypto at upcoming Five Eyes meeting

The move indicates that Canberra is now running ahead with what the FBI has dubbed “going dark” for several years now. This is the notion that with the advent of widespread, easy-to-use strong encryption on smartphones and other devices, law enforcement has been hindered. Many experts say, however, that any method that would allow the government access even during certain situations would weaken overall security for everyone.

https://arstechnica.com/tech-policy/2017/06/australia-to-target-encrypted-messaging-apps-at-upcoming-security-meeting/

Germany Just Gave Cops More Hacking Powers to Get Around Encryption

On Thursday, the Bundestag (the German parliament) passed legislation authorizing the country’s law enforcement to use malware in a wider range of investigations, including drug trafficking. “Police must be able to do what terrorists and criminals can already do today,” Johannes Fechner from the SPD, a centre-left party which forms part of the current government, said during a debate before the vote.

https://motherboard.vice.com/en_us/article/gyp7em/germany-just-gave-cops-more-hacking-powers-to-get-around-encryption

Mexico Hacking and Spying on Its Citizens Is a ‘Human Rights Crisis’

We already knew the Mexican government previously purchased Pegasus, a sophisticated surveillance software sold by NSO Group, the Israeli cyberarms company. As the Times reports, that spyware has been used to intimidate activists, reporters and human rights defenders. […] These cases directly challenge the legitimacy of the Mexican government. Despite being illegal, the abuse of hacking tools against activists and reporters in Mexico has become a systematic policy of intimidation and harassment.

https://motherboard.vice.com/en_us/article/mbjyqx/mexico-hacking-and-spying-on-its-citizens-is-a-human-rights-crisis

UK Cops Say Visiting the Dark Web Is a Potential Sign of Terrorism

Police in the capital have reportedly been handing out leaflets listing what authorities deem as suspicious activity, in the hope that vigilant community members can continue to provide helpful information to law enforcement. […] While the list of suspicious activity includes more traditional examples, such as strange transactions on their bank account, or taking photos of security arrangements, one item reads, “is visiting the dark web, or ordering unusual items online.”

https://motherboard.vice.com/en_us/article/pay4gz/uk-cops-say-visiting-the-dark-web-is-a-potential-sign-of-terrorism

Smart burglars will ride the surf of inter-connected hackability

A nifty burglar will hack into your home security device through a chain of infection, starting from a humble e-cig. Malicious code will then flow though your connected junk of unnecessary gadgetry, via your smart lampshades, robotically enhanced cutlery and intelligent toilet seats, and simply put your security camera in sleep mode. On the way, it will change the timer on your boiler, unlock your autonomous vehicle and reprogram the skills in Alexa. You’ll come home to find the only warm place in the house is the fridge, your car has driven itself to Devon for the weekend and Amazon has delivered 4,000 bananas.

https://www.theregister.co.uk/2017/06/23/smart_burglars_will_ride_the_surf_of_interconnected_hackability/

Even homeowner associations are targets of hackers looking to profit off cybercrime

Our HOA’s website, which was created and controlled by the management company, houses a treasure trove of documents and information pertaining to our association and its members. The website has been hacked, causing embarrassing and confidential information to be leaked and destroying our attorney-client privilege in a legal case. It also caused a huge uproar by owners about the board’s cavalier attitude about cybersecurity.

http://www.latimes.com/business/la-fi-associations-cyber-crime-20170622-story.html

Hollywood Studio Hit By Cyber Extortion Says: ‘Don’t Trust Hackers’

In an exclusive story, the publication Variety tells the tale of Larson Studios, a Hollywood post-production facility that saw three dozen titles, including the forthcoming season of the dark prison comedy, stolen from its network by The Dark Overlord. […] The company’s owners, Jill and Rick Larson, say they transferred $50,000 worth of bitcoin to the attackers in an attempt to prevent the release of stolen content, Variety reports. But The Dark Overlord released the series to file-sharing networks anyway.

http://www.bankinfosecurity.com/blogs/hollywood-studio-hit-by-cyber-extortion-says-dont-trust-hackers-p-2500

Obama reportedly ordered implants to be deployed in key Russian networks

After months of discussions with various advisors, Obama enacted a series of responses, including shutting down two Russian compounds, sanctioning nine Russian entities and individuals, and expelling 35 Russian diplomats from the US. All of those measures have been known for months. The Post, citing unnamed US officials, said Obama also authorized a covert hacking program that involved the National Security Agency, the CIA, and the US Cyber Command. According to Friday’s report: The cyber operation is still in its early stages and involves deploying implants in Russian networks deemed important to the adversary and that would cause them pain and discomfort if they were disrupted, a former U.S. official said.

https://arstechnica.com/tech-policy/2017/06/obama-reportedly-ordered-hacking-operation-targeting-key-russian-networks/

US Secretary of State: I will work with Russia on cyber security issues

US Secretary of State Rex Tillerson has expressed a willingness to work directly with Russia on cybersecurity and other issues. […] “In the case of Russia, any nation state must carefully be aware of their proclivity for taking advantage of such cooperation, especially in the cyber domain and even more distinctly when it comes to the Russian use of cyber in conjunction with combined arms such as espionage, kinetic means, and physical invasion of a sovereign state eg, Estonia and Ukraine.”

https://www.theregister.co.uk/2017/06/23/tillerson_to_work_with_putin/

CISOs believe CEOs are breaking security rules: Symantec

Covering 1,100 CISOs across 11 global markets, the Symantec CISO Survey revealed that CISOs in Australia are also concerned about growing threats to enterprise data in the cloud and their ability to respond quickly to attacks, with 86 percent of those surveyed indicating that ensuring cloud applications adhere to compliance regulations is one of the most stressful aspects of their job.

http://www.zdnet.com/article/cisos-believe-ceos-are-breaking-security-rules-symantec/

How Corporate Citizens Can Do Their Part In The Fight Against IoT Cyberattacks

Our threat researchers have observed vulnerabilities in IoT devices of virtually every kind. One of the most common vulnerabilities is that the devices are sold with default login credentials, but they don’t prompt the user to change the password upon installation. […] Companies across industries may not be going far enough to fend off network attacks, but at least they’re making incremental efforts to keep customers safer. So it’s a shame to see other members of the same community cut corners and make hasty product-launch decisions that have dramatic financial consequences for consumers and their business brethren.

https://www.forbes.com/sites/forbestechcouncil/2017/06/23/how-corporate-citizens-can-do-their-part-in-the-fight-against-iot-cyberattacks/#4d864c296781

UK Parliament Cuts Email Access After Cyberattack

“Earlier this morning we discovered unusual activity and evidence of an attempted cyberattack on our computer network,” it read. “Closer investigation by our team confirmed that hackers were carrying out a sustained and determined attack on all parliamentary user accounts. “We have been working closely with the National Cyber Security Centre to identify the method of the attack and have made changes to prevent the attackers gaining access.” A House of Commons spokeswoman said that officials had taken “the necessary steps to protect our systems.”

http://www.securityweek.com/uk-parliament-cuts-email-access-after-cyberattack

SLO County saw spike in Election Day cyber threats, days after meeting with FBI

On Election Day, the efforts paid off: County staff watched as foreign parties apparently associated with IP addresses from European and Central American countries attempted to break into its cyber infrastructure, said County Clerk Tommy Gong. Though the county did not, and has not since, suffered any breach, it has stepped up coordination with the feds and a vast network of small governments to combat what will only be an increasing and ever-persistent threat. “This, unfortunately, is the new norm,” Gong said.

http://www.sanluisobispo.com/news/local/article157998989.html

Espionage suspect totally thought messages to Chinese intel were deleted

As Mallory explained the device to the agents, he showed the secret messaging app he had been instructed to use. Unfortunately for Mallory, the FBI affidavit reports, “When doing this, Mallory expressed surprise at seeing some secure message history. Prior to the demonstration, he had told the agents that he believed the communication system was designed to delete all previous history.” The message history included one from him that said, “I can also come in the middle of June, I can bring the remainder of the documents I have at that time.”

https://arstechnica.com/tech-policy/2017/06/former-intelligence-employee-caught-selling-top-secret-docs-to-chinese/
