IT Security News Blast 01-02-2018

Cybersecurity in 2018

If 2017 could be described as ‘cyber-geddon’, what will 2018 bring?
The idea that we could see hackers – perhaps linked to Russia – steal code from America’s National Security Agency, publish it, and then have North Korean hackers repurpose it before using it to take down a significant part of Britain’s National Health Service, would previously have been dismissed as fantasy.
http://www.bbc.com/news/technology-42338716

The everyday attacks in modern cyber warfare
The Department of Homeland Security has identified 16 critical parts of our infrastructure that are at risk for a cyber attack — energy, financial services, transportation, water, and defense, to name a few. But Adam Meyers, vice president of Intelligence for cyber security company CrowdStrike, told Axios that the focus on critical infrastructure is misplaced; he argues there are smaller hacks occurring every day “that are laying the groundwork” for even bigger attacks in the future.
https://www.axios.com/the-everyday-attacks-in-modern-cyber-warfare-2518920308.html

2017 Was The Year Of Hacks. 2018 Probably Won’t Be Better.
“Unfortunately, with the increased pervasiveness of information technology, there has been no concomitant revolution in how professionals tasked with administering these increasingly multifaceted and complex systems do their jobs,” the authors said. “Indeed, they are fighting this battle with weapons from the last war, and the results have been disastrous.” With that in mind, here’s a look back at some of this year’s other notable data breaches, leaks and hacks:
https://www.huffingtonpost.com/entry/data-breach-hacks_us_5a3a7f56e4b025f99e13cdbe

5 Risks Posed by the Increasing Misuse of Technology in Schools
Studies of cyber charters have concluded that students learn very little when enrolled in them. There may be students who have legitimate reasons to learn at home online, but these “schools” should not receive the same tuition as brick-and-mortar schools that have certified teachers, custodians, libraries, the costs of physical maintenance, playgrounds, teams, school nurses and other necessities.
https://www.edsurge.com/news/2017-12-29-5-risks-posed-by-the-increasing-misuse-of-technology-in-schools

Cyber criminals go in for the kill; ATM thefts rise in Hyderabad
According to research by Symantec, KPMG, and Honeywell, cyber criminals are about to up their game by attacking the millions of devices now connected to the Internet of Things (IoT) both in offices and homes. A KPMG study says the key motive of the attackers is financial gain followed by fraudulent activity, defamation, disruption, and cyber terrorism.
https://www.deccanchronicle.com/nation/crime/020118/cyber-criminals-go-in-for-the-kill-atm-thefts-rise-in-hyderabad.html

Nobody’s Ready for the Killer Robot
Lethal autonomous weapons threaten to become the third revolution in warfare. Once developed, they will permit armed conflict to be fought at a scale greater than ever, and at timescales faster than humans can comprehend. These can be weapons of terror, weapons that despots and terrorists use against innocent populations, and weapons hacked to behave in undesirable ways. We do not have long to act. Once this Pandora’s Box is opened, it will be hard to close.
https://www.bloombergquint.com/opinion/2017/12/30/nobody-s-ready-for-the-killer-robot

Air Force, hackers strengthen cyber ops
Hack the Air Force 2.0 is a continuation of the Hack the Air Force event held in June 2017. Initiated by the Defense Digital Service, the event is a by-invitation opportunity for computer experts outside the Air Force to assist in strengthening the service’s defensive cyber posture, by discovering and reporting vulnerabilities in Air Force websites.
http://www.hookelenews.com/air-force-hackers-strengthen-cyber-ops/

Is Kim Jong Un Responsible For Bitcoin Price Gains?
TechCrunch speculates that because of massive international sanctions which have been put in place to deter North Korea from developing nuclear weapons, the regime has historically found “side businesses” to gain additional funding. One of these could be cyber-piracy. (See also: How the North Korea Economy Works.) In this scenario, the regime gains access to digital currency holdings, works to pump up the prices of those assets, and then disposes of the coins to continue to finance its activities.
https://www.investopedia.com/news/kim-jong-un-responsible-bitcoin-price-gains/

North Korean Hackers Hijack Computers to Mine Cryptocurrencies
North Korea is accelerating its pursuit of cash abroad as the world tightens its stranglehold on its conventional sources of money with sanctions cutting oil supplies and other trade bans. […] The hackers may have seized other computers to mine cryptocurrencies and appear to prefer Monero because the currency is more focused on privacy and easier to hide and launder than bitcoin[.]
https://www.bloomberg.com/news/articles/2018-01-02/north-korean-hackers-hijack-computers-to-mine-cryptocurrencies

Should We Believe a Russian Hacker Who Claims He Hit the DNC for a Rogue Operative in the FSB?
Kozlovsky claimed in his TV Rain letter that he worked mainly from home and had few contacts outside his focused work hacking and planting malware in various target accounts. But he said he answered to Dokuchayev in the FSB, with whom he had a longstanding relationship, and Dokuchayev is the one who gave him the order to hack the DNC.
https://www.thedailybeast.com/should-we-believe-a-russian-hacker-who-claims-he-did-the-dnc-for-a-rogue-operative-in-the-fsb

Microsoft, DOJ set to go head to head at Supreme Court in 2018
2017 brought us a number of new cases concerning technology and law. […] But as we look to 2018, we also want to provide a little bit of closure on the five cases that we were closely following a year ago—one is now pending before the Supreme Court. So here goes.
https://arstechnica.com/tech-policy/2018/01/microsoft-doj-set-to-go-head-to-head-at-supreme-court-in-2018/

Nation-state hacking in 2017
As a Presidential candidate, Donald Trump famously dismissed allegations that the Russian government broke into email accounts belonging to John Podesta and the Democratic National Committee, saying it could easily have been the work of a “400 lb hacker” or China. The public calling-out of North Korean hacking appears to signal a very different attitude towards attribution.
http://www.homelandsecuritynewswire.com/dr20171229-nationstate-hacking-in-2017

Why the 2018 Midterms Are So Vulnerable to Hackers
The first primary of the 2018 midterm elections, in Texas, is barely eight weeks away. It’s time to ask: Will the Russian government deploy “active measures” of the kind it used in 2016? Is it possible that a wave of disinformation on Facebook and Twitter could nudge the results of a tight congressional race in, say, Virginia or Nevada? Will hackers infiltrate low-budget campaigns in Pennsylvania and Nebraska, and leak their e-mails to the public? Will the news media and voters take the bait?
https://www.newyorker.com/news/news-desk/why-the-2018-midterms-are-so-vulnerable-to-hackers

Chinese Man Sentenced to Five Years in Prison for Running VPN Service
Police arrested Wu earlier this year for running a website that offered access to a VPN service that helped users bypass the country’s national firewall technology. […] Wu is the second man to go to jail for running an unlicensed VPN service in China after authorities sentenced another man earlier this year to nine months in prison. His prison sentence is viewed as an escalation in China’s crackdown on illegal VPN services.
https://www.bleepingcomputer.com/news/government/chinese-man-sentenced-to-five-years-in-prison-for-running-vpn-service/

After “swatting” death in Kansas, 25-year old arrested in Los Angeles
The Wichita police briefer repeatedly put the full blame for what happened on SWAuTistic, saying that “the irresponsible actions of a prankster put people and lives at risk” and that “due to the actions of a prankster, we have an innocent victim.” (Finch’s mother had a different view of the police actions, telling the local paper, “What gives the cops the right to open fire? Why didn’t they give him the same warning they gave us? That cop murdered my son over a false report.”)
https://arstechnica.com/tech-policy/2017/12/after-swatting-death-in-kansas-25-year-old-arrested-in-los-angeles/

IOHIDeous
This is the tale of a macOS-only vulnerability in IOHIDFamily that yields kernel r/w and can be exploited by any unprivileged user.
https://siguza.github.io/IOHIDeous/

Block Threats Faster: Pattern Recognition in Exploit Kits
There is so much noise you need a means of quickly distilling what in that data actually matters. That’s where pattern recognition comes in. Identifying patterns in TTPs (tactics, techniques, and procedures) can tip you off to correlations, which is the fastest path to mitigation because you can categorically identify and block significantly more directly related indicators in a shorter amount of time.
https://www.darkreading.com/threat-intelligence/block-threats-faster-pattern-recognition-in-exploit-kits/a/d-id/1330697
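The kind of pattern recognition the excerpt describes, as an added example that is not code from the Dark Reading article or its author: observed landing-page URLs are collapsed to a structural signature (hosts dropped, hex blobs and numbers replaced by placeholders), signatures that recur across several hosts are promoted to block rules, and a never-seen URL is then tested against those rules rather than against a per-domain indicator. The sample URLs are constructed for illustration (hosts under the reserved .test TLD, made-up paths); the placeholder vocabulary and the min_count threshold are this example's own choices.

```python
"""Pattern recognition over exploit-kit URLs: collapse observed indicators to
structural signatures, promote the recurring ones to block rules, and test new
URLs against them. Added example; all URLs are constructed, not real indicators."""
import re
from collections import defaultdict

# Constructed sample indicators: the landing-page hosts rotate, but two
# URL structures repeat across hosts. The last URL is ordinary web traffic.
OBSERVED = [
    "http://a1b2c3.example-cdn.test/index.php?q=3f9a1c2e&s=94",
    "http://x9y8z7.example-cdn.test/index.php?q=0b7d44ee&s=12",
    "http://promo.example-news.test/2017/12/gate.php?k=ab12cd34&s=7",
    "http://daily.example-news.test/2017/11/gate.php?k=99ff00aa&s=3",
    "http://static.example-shop.test/css/main.css",
]

_URL = re.compile(r"^(https?)://([^/?]+)(/[^?]*)?(?:\?(.*))?$")
_HEX = re.compile(r"^[0-9a-f]{8,}$")   # hex blobs of 8+ chars (assumed volatile)
_NUM = re.compile(r"^[0-9]+$")         # pure numbers (assumed volatile)


def _generalise(token):
    """Replace volatile tokens with placeholders; keep everything else literal."""
    if _HEX.match(token):
        return "{hex}"
    if _NUM.match(token):
        return "{num}"
    return token


def path_and_query(url):
    """Return the '/path?query' part of a URL. The host is deliberately dropped:
    kits rotate domains far faster than they change URL structure."""
    m = _URL.match(url)
    if not m:
        raise ValueError(f"unsupported URL: {url}")
    _, _, path, query = m.groups()
    return (path or "/") + (f"?{query}" if query is not None else "")


def signature(url):
    """Structural signature, e.g.
    '/2017/12/gate.php?k=ab12cd34&s=7' -> '/{num}/{num}/gate.php?k={hex}&s={num}'.
    Query parameter order is preserved so the derived regex matches raw URLs."""
    path, _, query = path_and_query(url).partition("?")
    path_sig = "/".join(_generalise(seg) for seg in path.split("/"))
    if not query:
        return path_sig
    pairs = []
    for pair in query.split("&"):
        key, _, value = pair.partition("=")
        pairs.append(f"{key}={_generalise(value)}")
    return path_sig + "?" + "&".join(pairs)


def cluster(urls):
    """Group URLs by signature: a signature shared by several URLs is a pattern,
    a singleton is just one indicator."""
    groups = defaultdict(list)
    for url in urls:
        groups[signature(url)].append(url)
    return dict(groups)


def signature_to_regex(sig):
    """Turn a signature back into an anchored regex over '/path?query'."""
    pattern = re.escape(sig)
    pattern = pattern.replace(re.escape("{hex}"), "[0-9a-f]{8,}")
    pattern = pattern.replace(re.escape("{num}"), "[0-9]+")
    return re.compile("^" + pattern + "$")


def derive_rules(urls, min_count=2):
    """Promote every signature seen at least min_count times to a block rule.
    Returns {signature: compiled regex}."""
    return {sig: signature_to_regex(sig)
            for sig, members in cluster(urls).items()
            if len(members) >= min_count}


def matching_rule(rules, url):
    """Return the signature of the first rule the URL matches, or None."""
    pq = path_and_query(url)
    for sig, rx in rules.items():
        if rx.match(pq):
            return sig
    return None


if __name__ == "__main__":
    rules = derive_rules(OBSERVED)
    for sig in rules:
        print("block rule:", sig)
    # A never-seen host reusing a known structure is caught by the pattern,
    # which no per-domain indicator would have matched.
    print(matching_rule(rules, "http://zz11aa22.fresh-host.test/index.php?q=deadbeef&s=5"))
```

The singleton `/css/main.css` never becomes a rule, which is the point of the threshold: one indicator is not a pattern. In practice the placeholder vocabulary (what counts as volatile) and the threshold are where false positives are tuned, and derived rules should be reviewed before deployment, since a short literal-free signature such as `/{num}/{num}/` would match far more than the kit.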

Louisiana man busted in ‘Nigerian prince’ scam
Michael Neu of Slidell, La., the alleged middle man in the scheme was snared after an “extensive” 18-month probe, the Slidell Police Department said. Authorities said Neu “participated in hundreds of financial transactions, involving phone and internet scams, designed to con money from victims from across the United States.” Some of those dollars were wired to co-conspirators in Nigeria. The investigation is ongoing and is expected to reach beyond the U.S. borders, according to a release from the police department.
https://www.scmagazine.com/louisiana-man-busted-in-nigerian-prince-scam/article/733758/

Forever 21: Hackers breached payment system for 7 months, no encryption on POS devices
For starters, the investigation into the security incident revealed that hackers had access to customers’ payment card data for up to seven months in 2017 – from April 3 to November 18. Attackers had obtained network access and installed malware meant to harvest credit card data. But the real mind-blower is that encryption was not even turned on in some of Forever 21’s POS devices.
https://www.csoonline.com/article/3245069/security/forever-21-hackers-breached-payment-system-for-7-months-no-encryption-on-pos-devices.html

17 Things We Should Have Learned in 2017, but Probably Didn’t
Chances are, you make similar resolutions every January 1st. Each year the infosec headlines flood us with new cautionary tales, some trying to teach us the same old lessons. Here are 17 things we should have learned from the horrors of 2017…but probably didn’t[.]
https://www.darkreading.com/attacks-breaches/17-things-we-should-have-learned-in-2017-but-probably-didnt/a/d-id/1330541

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.