IT Security News Blast 8-2-2017

Bank cybersecurity may need a new mindset

“Our chief information security officer is ultimately responsible for the security of the bank’s information and our customers’ information, [but] he works in partnership with our IT staff, lines of business, vendors, and customers to make sure that we mitigate risks efficiently and effectively,” Selnick said. “It is essential to design security in from the start of every project, even before implementation starts — security needs to be a partner from the moment the business starts to define its needs for any new system or process.”

https://www.americanbanker.com/news/bank-cybersecurity-may-need-a-new-mindset

 Only 36% of Global Financial Organizations are Confident about their Obama’s cyber czar: ‘We’re making the security problem harder’

[Individuals] and organizations have become so reliant on digital technologies that disruptions once considered a mere nuisance now can trigger critical stoppages in business and government and people’s lives that have an enormous impact. […[ “When you combine those trends, you get a pretty grim picture of the direction of the threat,” Daniel added. “Cyberspace is the only environment where there is more of it on a daily basis. Land, sea and air are not expanding on a daily basis but cyberspace is.” 

http://www.healthcareitnews.com/news/obamas-cyber-czar-were-making-security-problem-harder

 Report: 71% of SMBs are not prepared for cybersecurity risks

With the threat landscape growing, 94% of IT decision makers said they plan to increase their annual IT security budget in 2017 compared to 2016. “Small- to medium-sized businesses face just as many threats as larger ones, but are often at a disadvantage because of their lack of resources,” said Charlie Tomeo, vice president of worldwide business sales at Webroot. “Given the recent spate of ransomware attacks, it is crucial for these companies to shore up their security.”

http://www.techrepublic.com/article/report-71-of-smbs-are-not-prepared-for-cybersecurity-risks/

 HITRUST Launches Community Extension Program For Healthcare Providers

The program is available to all types of healthcare organizations and is designed to support collaboration with local peers on cybersecurity best practices. The initiative also provides support for HITRUST’s CSF and cyber threat sharing and response programs. The program is no cost to attendees and will feature town hall events in 50 cities with more added based on demand over the next 12 months. CSF Assessors will also take part in the program by leading the town hall meetings. HITRUST is working to expand the number of cyber assessors nationally – the current roster is just over 65.

https://civsourceonline.com/2017/08/01/hitrust-launches-community-extension-program-for-healthcare-providers/

 How a coffee machine brewed up ransomware, and other startling findings in the HIMSS cybersecurity report

“So long story short, the coffee machines are supposed to be connected to their own isolated WiFi network, however, the person installing the coffee machine connected the machine to the Internal control room network,” the anonymous Reddit poster wrote. “And then when he didn’t get internet access remembered to also connect it to the isolated WiFi network.” 

http://www.healthcareitnews.com/news/how-coffee-machine-brewed-ransomware-and-other-startling-findings-himss-cybersecurity-report

 What is the Army doing to secure and defend its cyber terrain?

“We’ll essentially take marching orders from ARCYBER,” Brig. Gen. Patrick Burden, commander of Program Executive Office for Enterprise Information Solutions, said at the annual C4ISRNET Conference regarding defensive cyber. He said they are delivering defensive cyber capabilities to the Army through the defensive cyber program office responding to operational needs that are out there today.

https://www.armytimes.com/dod/army/2017/08/01/what-is-the-army-doing-to-secure-and-defend-its-cyber-terrain/

 Researchers discover burstiness and strong memory combination in cyber intrusions

“The likely mechanism of the burstiness in intrusion detection is reminiscent of the integrate-and-fire, or similar threshold phenomenon: the analysts’ knowledge about a new malware accumulates to the point until it becomes actionable and enables analysts to recognize a particular type of intrusion that was previously difficult or impossible to find. At that point, the analysts are able to rapidly recognize a number of pre-existing intrusions within a network under their care and produce multiple reports in rapid succession,” Kott says.

http://mil-embedded.com/news/researchers-discover-burstiness-and-strong-memory-combination-in-cyber-intrusions/

 Senators offer bill to boost security of internet-connected devices

Sens. Mark Warner (D-Va.), Steve Daines (R-Mont.), Cory Gardner (R-Colo.) and Ron Wyden (D-Ore.) introduced the “Internet of Things Cybersecurity Improvement Act of 2017.” “While I’m tremendously excited about the innovation and productivity that Internet-of-Things devices will unleash, I have long been concerned that too many Internet-connected devices are being sold without appropriate safeguards and protections in place,” said Warner in a statement announcing the bill.

http://thehill.com/policy/cybersecurity/344786-bipartisan-sens-propose

 More political headbanging on encryption threatens privacy

The UK’s Home Secretary has yet again cranked up the pressure on messaging giants over use of end-to-end encryption to secure communications sent via popular services like WhatsApp — implying she would prefer tech companies voluntarily re-engineer their security systems so that decrypted data can be handed over to terror-fighting intelligence agencies on demand.

https://techcrunch.com/2017/08/01/more-political-headbanging-on-encryption-threatens-privacy/

 Former FTC lawyer: Expect fewer data breach and privacy cases under Ohlhausen

“I think you’ll see a drop off in cases,” former FTC attorney Whitney Merrill told CyberScoop after a presentation she co-hosted at the DEF CON hacker convention in Las Vegas last week. “We can’t deny that’s true.” New Chairwoman Maureen Ohlhausen, a Republican, told a lawyers at conference earlier this year that under her leadership the agency will focus on “objective, concrete harms such as monetary injury” and eschew “speculative injury, or … subjective types of harm.” Most data breaches fall into that latter category. The agency pursues those cases as part of its mission to fight identity theft.

https://www.cyberscoop.com/former-ftc-lawyer-expect-fewer-data-breach-privacy-cases-ohlhausen/

 Stage set for cyber war

Nation states have become the target now. Not persons. In the recent past generally, the hardware people happily install old Windows operating system without any caveat — of course. What happened to them? Why are they so scared? The recent consecutive ransomware attacks that affected thousands of individuals and organizations worldwide suddenly changed the whole postulated sequences of possible events and our mindset. First ‘WannaCry’and then ‘GoldenEye’ has changed it permanently.

http://www.tehelka.com/2017/08/stage-set-for-cyber-war/

 62% of cybersecurity experts believe AI will be weaponized in next year

“While AI may be the best hope for slowing the tide of cyberattacks and breaches, it may also create more advanced attacker tactics in the short-term,” the post said. While the majority of those surveyed said that they felt there was a high possibility that AI would be used offensively, 32% said that there wasn’t a possibility of that happening, and 6% said they didn’t know. It was noted, however, that the potential use of AI as an offensive weapon wouldn’t slow the use of AI as a defensive tool.

http://www.techrepublic.com/article/62-of-cybersecurity-experts-believe-ai-will-be-weaponized-in-next-year/

 “E-mail prankster” phishes White House officials; hilarity ensues

Over the past few weeks, a self-described “e-mail prankster” has posed as members of President Donald Trump’s administration in a series of e-mails to White House officials, publishing responses to Twitter for comedic effect. Among the targets were Trump’s top homeland security advisor Tom Bossert—who volunteered his personal e-mail address to the prankster because Bossert believed he was interacting with Jared Kushner. In the e-mail, the faux Kushner invited Bossert for a “soirée” with food better than the two had eaten together on their Iraq visit.

https://arstechnica.com/gadgets/2017/08/e-mail-prankster-phishes-white-house-officials-hilarity-ensues/

 Cyberattack on industrial control systems can put a whole nation at risk

At the 2017 Global Cybersecurity Summit, a panel of experts discussed Ukraine’s vulnerability to cyberattacks. Brack echoed the sentiments expressed at the Summit, explaining that Kiev is a hotbed for industrial vulnerabilities and cyberattacks. “Most people consider it testbed attacks,” Brack said in reference to the most recent cyberattacks in the Ukraine. By saying “testbed,” Brack explained that Ukraine could be the trial run for attacks that could be used on other democracies. This notion is particularly unnerving with the US relying so much on critical infrastructure, Patterson stated.

http://www.techrepublic.com/article/cyberattack-on-industrial-control-systems-can-put-a-whole-nation-at-risk/

 SecureWorks uncovers female ‘honey pot’ cyber espionage campaign

Counter Threat Unit (CTU), discovered Mia Ash is a fake female “honey pot” persona and believes it has been created and is being run Cobalt Gypsy, a.k.a. OilRig.  Cobalt Gypsy is often called OilRig because they have been historically known to target oil and gas, technology, engineering, aerospace and telecommunications companies in the Middle East. The Mia Ash campaign has been designed to obtain the high- level network credentials of male employees of specific target organisations in Saudi Arabia, India, U.S, and Iraq. 

http://www.itp.net/613977-secureworks-uncovers-female-honey-pot%E2%80%9D-cyber-espionage-campaign

 Baltimore police commissioner orders cops not to stage body cam footage

The memorandum, first revealed by the Baltimore Sun, comes as Baltimore prosecutors are dropping at least 41 drug and gun cases connected to three Baltimore Police Department officers shown in a body cam video in which one of them is seen planting drug evidence. That officer, who apparently did not realize his body cam was recording, has been suspended. The other two have been assigned to administrative duty.

https://arstechnica.com/tech-policy/2017/08/baltimore-police-commissioner-orders-cops-not-to-stage-body-cam-footage/

 It’s 2017 and Hayes AT modem commands can hack luxury cars

The first vulnerability is a stack-based buffer overflow that ICS-CERT says is only exploitable by an attacker with physical access to the car. Old-timers will get nostalgic and weepy at this point: the vulnerability is exposed by the modem’s AT command set. As detailed in this DEFCON presentation (PDF), the commands are AT+STKPROF, AT+XAPP, AT+XLOG and AT+FNS. […] The second – which is remotely exploitable if you can get a 2G connection – lets an attacker “access and control memory” for “remote code execution on the baseband radio processor of the TCU.”

https://www.theregister.co.uk/2017/08/01/telematics_vulnerabilities_in_bmw_infiniti_ford_nissan/

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.