IT Security News Blast 7-31-2017

Security-as-a-Service an answer to rising network security costs

According to CIO, predictions suggest that by 2020, 85 per cent of large enterprises will use a cloud access security broker solution — up from just five per cent in 2015. Sixty-seven per cent of mid-market businesses surveyed said they planned to use cloud-based security services to manage or co-manage their security, with eight out of 10 IT and security executives saying they preferred SECaaS to MSSPs. What’s more, 90 per cent of those asked said they have either a need or plan to invest in network security-as-a-service over the next 12 months.

http://www.banklesstimes.com/2017/07/27/security-as-a-service-an-answer-to-rising-network-security-costs/

 Global Healthcare Cyber Security Market 2017: Detailed Analysis Covering Major Industry Factors

Charts, graphs, statistics, and tables have been included wherever required to present the information in a clear manner. This study is also presented on geography wise. Every region key factors are provided which is attracting this market towards growth. The report also elaborates on the opportunities the emerging markets of North America, Europe, Middle East & Africa, Asia Pacific and Latin America offer. The research report also analyzes the market hierarchy carrying out a SWOT analysis of the key players operating in the global Healthcare Cyber Security market.

https://www.medgadget.com/2017/07/global-healthcare-cyber-security-market-2017-detailed-analysis-covering-major-industry-factors.html

 It took DEF CON hackers minutes to pwn these US voting machines

“Without question, our voting systems are weak and susceptible. Thanks to the contributions of the hacker community today, we’ve uncovered even more about exactly how,” said Jake Braun, who sold DEF CON founder Jeff Moss on the idea earlier this year. “The scary thing is we also know that our foreign adversaries – including Russia, North Korea, Iran – possess the capabilities to hack them too, in the process undermining principles of democracy and threatening our national security.”

https://www.theregister.co.uk/2017/07/29/us_voting_machines_hacking/

 How A Coffee Machine Infected Factory Computers with Ransomware

A few months ago researchers exposed life threatening vulnerabilities in IIoT (Industrial Internet of Things) devices specifically Industrial robots. In their findings, robots could be hacked, but in this case, we are about to discuss a smart coffee machine or an Internet connected coffee machine. The incident took place in June 2017 and was shared by a chemical engineer on Reddit who goes by the handle of “C10H15N1.” He works as a PLC (Programmable Logic Controllers) expert in a company that has multiple petrochemical factories making chemicals in Europe.

https://www.hackread.com/how-a-coffee-machine-infected-factory-computers-with-ransomware/

 Wind farms and factory robots at risk from hackers, experts say

“What if we wanted to ransomware a wind farm? I’m not talking encrypting data, I’m talking about paralysing wind farm operations in such a way they are no longer able to produce electricity,” he told an audience in Las Vegas. Mr Staggs estimates that disabling a wind farm for just one day could cost the energy provider up to $700,000. “If the electric utility decides not to comply . . . the attacker is able to cause damage to the turbines.”

https://www.ft.com/content/81c01028-73a6-11e7-aca6-c6bd07df1a3c

 Throw Out the Playbooks to Win at Incident Response

Unlike athletes in organized sports, hackers play by their own set of rules, and threat tactics are ever-evolving. This means playbooks, by definition, leave gaps in security because they rely on established criteria. Additionally, playbooks place a heavy workload on security teams, creating even more vulnerabilities for enterprises.

https://www.darkreading.com/vulnerabilities—threats/throw-out-the-playbooks-to-win-at-incident-response/a/d-id/1329450

 Future infantry might not need humans

The advent of artificial intelligence in combat will radically change the nature of the infantry, experts said. “We’re standing on the cusp of a fundamental change in the history of warfare,” MacFarland said. Many of the experts see the role of the infantryman morphing into that of a kind of battlefield coordinator. The individual soldier or Marine leader will receive vast amounts of data via heads-up displays much like a fighter pilot but use that information to command multiple direct and indirect fire systems and recon the battlefield with individual drones.

https://www.militarytimes.com/news/your-army/2017/07/30/future-infantry-might-not-need-humans/

 ShadowBrokers Remain an Enigma

“What we’ve seen in the last year is them publishing tools and documents that undermine the U.S. government and how legitimate they are in the intelligence community,” Suiche said, pointing to the group’s tendency to jab at the NSA’s operational security its failure to protect it’s exploits, and it’s overall insider problem. “The ShadowBrokers’ leaks were way more significant than the Snowden releases,” Suiche said. “But there was more of a story with Snowden.”

https://threatpost.com/shadowbrokers-remain-an-enigma/127072/

 How to write an IT security engineer job description

IT security engineer is a relatively new job title, with the responsibilities and scope still in flux. Its focus is on quality control within the IT infrastructure. This includes designing, building and defending scalable, secure, and robust systems; working on operational data center systems and networks; helping the organization understand advanced cyber threats; and helping to create strategies to protect those networks.

http://www.csoonline.com/article/3211324/it-careers/how-to-write-an-it-security-engineer-job-description.html

 Most companies fail to measure cybersecurity effectiveness

“It’s really astonishing to have the results come in and see just how many people are failing at measuring the effectiveness of their cybersecurity and performance against best practices,” said Joe Carson, Chief Security Scientist at Thycotic. “This report needed to be conducted to bring to light the reality of what is truly taking place so that companies can remedy their errors and protect their businesses.”

https://www.helpnetsecurity.com/2017/07/27/measure-cybersecurity-effectiveness/

 Demand for automotive cybersecurity pros outpaces supply

“Hacking cars is hard. It requires specialized equipment and knowledge, not to mention the car. That’s part of the reason [manufacturers] jumped into this. It’s a good way to access talent they would otherwise be unable to hire.” The gap between the number of needed and trained researchers will only grow, said Ellis, as car manufacturers move toward driverless cars. For now, the industry is struggling to meet the needed security experts to work on automobiles specifically.

http://thehill.com/policy/cybersecurity/344539-demand-of-automotive-cyberseuriy-pros-outpaces-supply

 Researchers Release Free Tool to Analyze ICS Malware

ESET researchers Robert Lipovsky and Anton Cherepanov wrote an IDAPython script for IDA Pro that allows researchers and security team members to reverse-engineer binaries that employ the OPC Data Access industrial communications protocol, namely the CrashOverride/Industroyer malware that turned out the lights in Kiev in 2016, as well as Havex, a remote access Trojan used for cyber espionage against industrial control system environments.

https://www.darkreading.com/attacks-breaches/researchers-release-free-tool-to-analyze-ics-malware/d/d-id/1329484

 House Republican: US just as focused on data security as Europe

Rep. Will Hurd (R-Texas) said Sunday that Europe can’t pretend to be more idealistic on privacy issues than the U.S. while many of its nations try to enact laws limiting encryption. […] Europe likes to act like they take privacy more severely than we do. That is patently false,” he told The Hill at the DEF CON cybersecurity conference in Las Vegas. “This notion we don’t take this seriously in the U.S. is wrong.“

http://thehill.com/policy/technology/344526-house-republican-us-just-as-focused-on-data-security-as-europe

 New U.S. Cyber-Security Legislation May Help Reassert Fourth Amendment

Senators Mike Lee (R-UT) and Patrick Leahy (D-VT) have introduced the Senate version of a bill to modernize the Electronic Communications Privacy Act. The new bill, which would modernize the original ECPA to require warrants for access to electronic communications such as email, also adds a requirement for a warrant for location information. The original House bill, the Email Privacy Act, did not cover location information.

http://www.eweek.com/security/new-u.s.-cyber-security-legislation-may-help-reassert-fourth-amendment

 Politicians’ social media pages can be 1st Amendment forums, judge says

“The suppression of critical commentary regarding elected officials is the quintessential form of viewpoint discrimination against which the First Amendment guards,” US District Judge James Cacheris wrote Tuesday in a suit brought by a constituent against Phyllis Randall, the chairwoman of the Loudoun County Board of Supervisors in Virginia.

https://arstechnica.com/tech-policy/2017/07/politician-dinged-for-blocking-critical-constituent-from-facebook-page/

 Apple has removed all major VPN apps from Chinese App Store

In their blog post, ExpressVPN wrote that: “We’re disappointed in this development, as it represents the most drastic measure the Chinese government has taken to block the use of VPNs to date, and we are troubled to see Apple aiding China’s censorship efforts. ExpressVPN strongly condemns these measures, which threaten free speech and civil liberties.”

https://www.hackread.com/apple-removed-vpn-apps-chinese-app-store/

 Dark web doesn’t exist, says Tor’s Dingledine. And folks use network for privacy, not crime

In fact, he said, only three per cent of Tor users connect to hidden services, suggesting the vast majority of folks on the network are using it to anonymously browse public websites for completely legit purposes. In other words, netizens – from journalists to activists to normal peeps – use Tor to mask their identities from website owners, and it’s not just underworld villains.

https://www.theregister.co.uk/2017/07/29/tor_dark_web/

 DHS cyber shakeup faces new hurdles

Officials at DHS called for reorganizing their cyber and infrastructure protection duties during the Obama administration. However, the issue was a source of tension between the executive branch and Congress last year, as lawmakers grew frustrated over an internal reorganization proposal leaked to the media that suggested DHS was moving forward without involving Congress.

http://thehill.com/policy/cybersecurity/344414-dhs-cyber-shakeup-faces-new-hurdles

 Creating a Common Language Of Cybersecurity

The Office of the Director of National Intelligence is developing a set of common definitions to unify descriptions of cyberthreats used by different elements of the intelligence community. The effort seeks to bridge differences among various segments of the community when it comes to assessing these threats and reporting them to government organizations and industry.

https://www.afcea.org/content/creating-common-language-cybersecurity

 Broadcom chip bug opened 1 billion phones to a Wi-Fi-hopping worm attack

“This research is an attempt to demonstrate what such an attack, and such a bug, will look like,” the researcher wrote in a detailed blog post. “Broadpwn is a fully remote attack against Broadcom’s BCM43xx family of Wi-Fi chipsets, which allows for code execution on the main application processor in both Android and iOS. It is based on an unusually powerful 0-day that allowed us to leverage it into a reliable, fully remote exploit.”

https://arstechnica.com/information-technology/2017/07/broadcom-chip-bug-opened-1-billion-phones-to-a-wi-fi-hopping-worm-attack/

 Microsoft won’t patch SMBv1 flaw that only an idiot would expose

After it landed, Twitter user @JennaMagius detailed what happens in a longish Twitter-thread, saying that the bug offers an easy vector to hose big web servers with small computers (all the way down to a Raspberry Pi). However, it only works if the target machine has SMBv1 exposed to the Internet, and for that reason, Microsoft doesn’t see it as demanding an immediate patch.

https://www.theregister.co.uk/2017/07/30/slow_loris_smbv1_attack/

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.