IT Security News Blast 7-21-2017

Cisco predicts a major increase in cyberattacks designed to destroy systems

Cisco researchers are predicting more and larger cyberattacks that have the goal of destroying their targets’ systems, instead of financial gain or stealing information. Cisco offered this forecast in its 2017 Midyear Cybersecurity Report where it cited the destructive nature of the NotPetya attacks, that appeared to be traditional ransomware, but were in fact something designed to wipe a target’s system […] A type of attack Cisco labeled “destruction of service” (DeOS). “There are signs that new types of attacks—more sinister and destructive than campaigns of the past—are in development. Adversaries are devising high-impact, well planned attacks that are designed to prevent any organization, big or small, from operating,” the report stated.

https://www.scmagazine.com/cisco-predicts-a-major-increase-in-cyberattacks-designed-to-destroy-systems/article/676306/

 Cyber-terrorism: the next logical threat to come from IS

As IS loses territory in the Middle East we have seen an upsurge in IS attacks focussing on softer and less protected targets in the West, such as bars and bridges; the flexibility the organisation has demonstrated in the past suggests it is unlikely to ignore cyber for long and several prominent terrorism authorities argue “It is no longer a matter of if cyber-terror will emerge, but when”. States have demonstrated that they can bring down power stations (Stuxnet in Iran or BlackEnergy in Ukraine), so non-state actors have a template to follow. Given both the significant funds still available to IS even now, and the ease with which hacking tools are available to purchase on the dark web, a combination of cyber-crime and jihadism is a likely future threat.

https://www.scmagazine.com/cyber-terrorism-the-next-logical-threat-to-come-from-is/article/676298/

 Children especially vulnerable to cybersecurity attacks in health care

Cyberattacks in the health care industry can impact individual patients by disrupting continuity of care and compromising their personal data such as names, social security numbers and home addresses. Public health can be affected as well if entire systems are shut down and data are held for ransom. […] Small pediatric practices may be especially vulnerable to cyber threats if they have limited financial resources to keep up with recommended security upgrades. “We live with the reality that it is not a question of whether our systems will be attacked or hacked but when and how bad it will be,” Dr. Harper said.

http://www.aappublications.org/news/2017/07/20/HIT072017

 Healthcare cybersecurity is due for a checkup

The report also notes that, at the organizational level, cybersecurity is often viewed as a siloed “IT” problem, and not something that requires high-level attention. Until a healthcare organization experiences a data breach, information security professionals may have trouble convincing the organization that cyber-attacks pose risks to patient care, or that proactive measures can protect the organization against long-term reputational damage. […] The tension between the cost of preparedness and an organization’s limited resources can also be problematic, particularly in smaller organizations.

http://www.nhbr.com/July-21-2017/Healthcare-cybersecurity-is-due-for-a-checkup/

 Hackers Steal $32 Million in Ethereum From 3 Multisig Wallets

If you have stored funds in a multi-signature wallet from Parity Technologies, a smart contract coding firm, then it is the right time to move them to normal wallets. Parity has issued a security alert of a “critical” nature to make customers aware of an exploitable vulnerability in its multi-signature wallet software. Reportedly, the vulnerability has been identified in the software’s versions 1.5 and above. As a result, their wallet software became the target of malicious objectives of threat actors as hackers stole 150,000 ETH (equivalent to $32 million) from Parity. Etherscan.io has confirmed the data loss.

https://www.hackread.com/hackers-steal-32-million-in-ethereum-from-3-multisig-wallets/

 Sentenced Russian Hacker a ‘Key Resource’ For Cyber Underworld

Assistant U.S. Attorney Steven Grimberg, who prosecuted Vartanyan and Belorossov, said that, while Vartanyan was not the author of the Citadel malware, “He was the person the author of it went to to make it better anytime there was a glitch in the program, or the author wanted some code written to make it more pernicious. … He was the technical expertise behind the software.” […] Those communications were forwarded by the suspected author to Vartanyan, Grimberg said. The investigation and the hunt for Citadel’s author continues, the federal prosecutor said.

http://www.dailyreportonline.com/id=1202793433059/Sentenced-Russian-Hacker-a-Key-Resource-For-Cyber-Underworld?slreturn=20170620211429

 Global cyber sting shuts down dark web bazaars

A global cyber crime investigation led by US and European officials has shut down Alphabay and Hansa Market, illegal marketplaces on the so-called dark web that conducted transactions worth tens of millions of dollars a month in recreational drugs, stolen credit card numbers, and weapons. The move is the biggest international strike against online marketplaces that deal in illegal goods — Alphabay was the largest in the world and Hansa Market the third-largest. […] “They managed to catch the biggest fish in the sea,” says Nicolas Christin, a professor at Carnegie Mellon University who studies the marketplaces.

https://www.ft.com/content/4657c79e-6d5f-11e7-bfeb-33fe0c5b7eaa

 IRS warns tax pros of account takeovers by cyber criminals

The IRS noted that account takeovers occur when a thief manages to steal or guess the username and password of a tax professional. That allows a cybercriminal to access the tax professional’s computers or other online accounts. Thieves can then use the credentials to gain access to a tax professional’s IRS e-Services account to steal their Electronic Filing Identification Number or their tax software account to get their hands on taxpayer information.

https://www.information-management.com/news/irs-warns-tax-pros-of-account-takeovers-by-cyber-criminals

 Trump Preparing Aggressive Response to Cyber Attacks

The Trump administration is preparing to conduct aggressive action against foreign nations that hit the United States with cyber attacks, a White House policymaker said Thursday. Tom Bossert, assistant to the president for homeland security and counterterrorism, said China, Russia, Iran, and North Korea have not been deterred from conducting cyber attacks using the internet. “They are right now not paying enough—they’re not paying anything,” Bossert said, noting that sub rosa cyber actions, whether stealing data or destroying computer systems, are “a very cheap exercise from them and a very high reward.”

http://freebeacon.com/national-security/trump-preparing-aggressive-response-cyber-attacks/

 Moscow in talks with U.S. to create cyber working group: RIA report

Moscow and Washington are in talks to create a joint cyber security working group, Russia’s RIA news agency reported on Thursday, citing Andrey Krutskikh, a special presidential envoy on cyber security. “The talks are underway … different proposals are being exchanged, nobody denies the necessity of holding the talks and of having such contacts,” Krutskikh said, according to RIA.

http://www.reuters.com/article/us-russia-us-cyber-envoy-idUSKBN1A51MM

 Tillerson cuts high-profile cyberdiplomacy office in State Dept. reorg

On the heels of the resignation of State Department Cyber Coordinator Chris Painter—the top diplomat for negotiations on setting norms for nations’ behavior in “cyberspace”—a State Department spokesperson confirmed that Secretary of State Rex Tillerson is moving toward shutting down the department’s Office for the Coordination of Cyber Issues. […] As the head of the office, Chris Painter—a career Department of Justice employee who was detailed to the State Department for the post six years ago—took part in multiple multinational negotiations resulting in agreements to halt economic electronic espionage against other countries’ companies.  Among these was an agreement reached by the Group of 20 leading world economic powers (G20) in November of 2015.

https://arstechnica.com/tech-policy/2017/07/state-department-moves-to-downgrade-cyber-diplomacy-office/

 Obama produced plan to counter potential Election Day cyberattack: report

Former President Obama’s administration reportedly crafted a plan last year to combat a potential cyber hack on Election Day. The plan, reported by Time, included ideas such as sending “armed federal law enforcement agents” to polling places. “In almost all potential cases of malicious cyber activity impacting election infrastructure, state, local, tribal, and territorial governments” would be primarily in charge of responding, said the 15-page plan, obtained by the magazine.

http://thehill.com/policy/cybersecurity/342878-obama-produced-plan-to-counter-potential-election-day-cyberattack-report

 Cybersecurity is too important to be bogged down in government bureaucracy

Any interference in our election system is primarily a national security issue, which demands the work of tech companies and public agencies to pool information, resources and talent to protect our democracy’s most vital asset: our citizens. Mr. Donilon correctly cited the importance of information-sharing between entities, yet this strategy must be extended down to our citizens, by these entities, in their daily lives as parents, employees, employers and students.

https://www.washingtonpost.com/opinions/cybersecurity-is-too-important-to-be-bogged-down-in-government-bureaucracy/2017/07/20/9e19a76c-6bd5-11e7-abbc-a53480672286_story.html?utm_term=.c54d6b0d56e3

 FirstNet teams triage cybersecurity, rural coverage as they build out network

When it comes to building a cybersecurity system, nothing can be perfect — but it can be bulletproof. That’s the goal for the teams at AT&T and FirstNet, as they plan out security for the country’s first high-speed, nationwide wireless broadband network dedicated to public safety. “We are going to great lengths to ensure that this network is as secure as possible because as you say, this could obviously be a target for attack,” said Chris Sambar, senior vice president at AT&T, during a July 20 hearing of the Senate Subcommittee on Communications, Technology, Innovation, and the Internet.

https://federalnewsradio.com/technology-main/2017/07/firstnet-teams-triage-cybersecurity-rural-coverage-as-they-build-out-first-responder-network/

 FCC says it cannot provide more proof of claimed cyberattack

The FCC claimed at the time that the website did not crash because of the large amount of traffic Oliver generated, but was instead the result of a Distributed Denial of Service Attack. An FCC official cited an “analysis” that led the agency to that conclusion. Tech website Gizmodo filed a Freedom of Information Act request seeking the FCC analysis of the attack. But in their response, the agency said there was no “written” analysis of the May 8 attack. “The analysis referred to stemmed from real time observation and feedback by Commission IT staff and did not result in written documentation,” the FCC said.

http://thehill.com/policy/technology/342971-fcc-says-it-has-no-documentation-of-cyberattack-that-it-claims-happened

 Cybersecurity Stocks Near Buy Points Are Selling Off Today: Here’s Why

Shares of Check Point Software Technologies (CHKP) plunged Thursday after the security software provider reported second-quarter earnings before the market open that topped expectations, but its third-quarter outlook fell short of forecasts. […] The company also sees revenue in the third quarter in the range of $430 million to $465 million. The midpoint of the company’s outlook is $447.5 million, short of the consensus of $463 million.

https://www.investors.com/news/technology/check-point-software-earnings-top-views-as-cybersecurity-stocks-fall/

 Judge: Glassdoor reviews aren’t “political,” so feds can grab user identities

Federal investigators sent a subpoena asking for the identities of more than 100 anonymous users of the business-review site Glassdoor, who apparently posted reviews of a company that’s under investigation for potential fraud related to its contracting practices. The government later scaled back its demand to just eight users. Prosecutors believe these eight Glassdoor users are “third-party witnesses to certain business practices relevant to [the] investigation.” The name of the company under investigation is redacted from all public briefs.

https://arstechnica.com/tech-policy/2017/07/judge-glassdoor-reviews-arent-political-so-feds-can-grab-user-identities/

 Privacy and The Digital World

What we choose to reveal and what we choose to hide is a personal choice, not something that’s being forced upon you. Privacy is like empowerment. It is like you have all the control over who knows what about you and when. While the outcome of it is all acceptable by you or not. How the digital age is impacting our personal privacy is a big question mark and a matter of great concern. Anybody who is found to be taking unnecessary interests in someone’s under cover private details like media sources and new seeking individuals would be charged as guilty of invading one’s privacy. There may be four different types of privacy invasions being recognized which are briefly explained as follows.

https://www.hackread.com/privacy-digital-world/

 Apple Patches BroadPwn Bug in iOS 10.3.3

Apple released iOS 10.3.3 Wednesday, which serves as a cumulative update that includes patches for multiple vulnerabilities including the high-profile BroadPwn bug that allowed an attacker to seize control of a targeted iOS device. BroadPwn was revealed earlier this month as a flaw in Broadcom Wi-Fi chipsets used in Apple and Android devices. Apple said the vulnerability affected the iPhone 5 to iPhone 7, the fourth-generation iPad and later versions, and the iPod Touch 6th generation.

https://threatpost.com/apple-patches-broadpwn-bug-in-ios-10-3-3/126955/

 No one still thinks iOS is invulnerable to malware, right? Well, knock it off

The study found that since iOS has become more popular as a platform, especially for enterprise executives and government agency officials, the rate of attacks and incidents of malware have increased. According to the report, the percentage of enterprise iOS devices that have malicious apps installed today has more than tripled since Q3 2016. In comparison, the rate of Android malware infections has stayed relatively flat.

https://www.theregister.co.uk/2017/07/20/ios_security_skycure/

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.