IT Security News Blast 01-16-2018

Worst Healthcare Breaches of 2017

The Worst Healthcare Cybersecurity Breaches of 2017
A Department of Health and Human Services (HHS) Healthcare Industry Cybersecurity Task Force report to Congress in June found that digital security is in “critical condition.” According to the Protenus Breach Barometer, at least 1 breach occurs in the healthcare sector every day. Until now, healthcare has “benefited from relative obscurity while no one was paying attention,” said Joshua Corman, a member of the task force and chief security officer at the software company PTC. “WannaCry shattered that obscurity.”
http://www.hcanews.com/news/the-worst-healthcare-cybersecurity-breaches-of-2017?p=1

 

‘Hacking Incident’ Impacts Nearly 280,000 Medicaid Patients
“On Nov. 7, 2017, we learned an unauthorized third party had gained access to folders on the OSUCHS computer network,” the notification letter says. “These folders stored Medicaid patient billing information. On Nov. 8th, we took immediate action to remove the folders from the computer network and terminated the third-party access. We also launched a thorough investigation, including hiring an independent data security firm. The firm assisted us in determining whether the folders had been compromised.”
https://www.databreachtoday.com/hacking-incident-impacts-nearly-280000-medicaid-patients-a-10587

 

Cyber security is not an option: Five industries most vulnerable to attacks online
· Healthcare
· Financial Services
· Government agencies
· Businesses
· Transportation
http://www.firstpost.com/tech/business/cyber-security-is-not-an-option-five-industries-most-vulnerable-to-attacks-online-4302797.html

 

Ten trends that will change business cyber security protection in 2018
· The Cyber Cold War Escalates
· The Rise of Mass Social Engineering
· Infrastructure as a Priority Target
· The Dawn of Criminal AI and Machine Learning
· The Financial Trojan Gold Rush
· Supply Chain Attacks Become Mainstream
https://www.itproportal.com/features/ten-trends-that-will-change-business-cyber-security-protection-in-2018/

 

Cyber Breaches: Who Is To Blame?
Just as with the 2008 financial crisis, mega breaches come down to two root causes:
1. The systems designed are so complex that even owners rarely know how they actually work.
2. Incentives are so misaligned that results almost always ensure owners bear a minuscule cost in comparison to greater society, resulting in society picking up the majority of the debt.
https://www.forbes.com/sites/forbestechcouncil/2018/01/11/cyber-breaches-who-is-to-blame/#612f09792c33

 

Think you are in control? Think again! New Data Protection Regulations Are Here
The next couple of years will be revolutionary in terms of highlighting and guarding consumer data. With the General Data Protection Regulation (GDPR) being enforced in May 2018, organizations are becoming more and more aware of their responsibility to safeguard consumer data and implement the dedicated processes and tools necessary to adhere to regulators’ requirements. There is no doubt that GDPR is all about giving back the control and the ownership of the data to the consumers, but it did not come from nowhere. DPD has been the steady and avalanching advocate of consumer data protection for years.
https://www.nice.com/engage/blog/Think-you-are-in-control-Think-again-New-Data-Protection-Regulations-Are-Here-2325

 

How to respond to Russia’s attacks on democracy
[The] Kremlin’s activities extend beyond just interfering in elections and encompass a comprehensive, asymmetric toolkit that exacerbates existing social divisions in our societies and aims to undermine democratic governments and institutions. Moscow, as a declining power, has opted for low-cost methods such as information warfare, hacking, political support for extremist groups, economic coercion, and illicit finance in an effort to undermine its perceived enemies in the West and create the perception that democracy is an inherently corrupt system.
http://www.homelandsecuritynewswire.com/dr20180115-how-to-respond-to-russias-attacks-on-democracy

 

Pawn Storm readied attacks against U.S. senators, political and Olympic targets
The cybergang has been attacking political organizations in France, Germany, Montenegro, Turkey, Ukraine, and the United States since 2015 and continued doing so in 2017 with various credential-stealing phishing attacks using the same methods, which haven’t shown much technical innovation over time, according to Trend Micro researchers.
https://www.scmagazine.com/pawn-storm-aims-at-political-targets/article/736975/

 

IoT security needs a white knight
Such is the scope of the problem that Frost and Sullivan IoT research director Dilip Sarangan argues for governmental intervention. Sarangan says that, because the responsibility for IoT security is diffused across device manufacturers, network providers, software developers and many others, it’s difficult for the industry to make progress on all-encompassing standards.
https://www.networkworld.com/article/3247774/internet-of-things/iot-security-needs-a-white-knight.html

 

The Stuxnet Computer Worm and Industrial Control System Security (Defense, Security and Strategies) [Book]
This book examines the discovery of the Stuxnet worm which has raised several issues for Congress, including the effect on national security, what the government’s response should be, whether an international treaty to curb the use of malicious software is necessary, and how such a treaty could be implemented.
http://www.tobem.com/cyberwar/tag/iran/

 

France to vet takeovers of firms in data and artificial intelligence
Bruno Le Maire said he wanted the two sectors to be added to a 2014 decree requiring foreign companies to get permission from the French state before taking control of firms in the energy, telecoms, transport, water and the health industries. […] “I’m thinking of everything dealing with personal data. Do we really want investors to market our data? I’m thinking about artificial intelligence, a very sensitive sector that we want more investment in,” he added.
https://www.reuters.com/article/us-france-economy-trade/france-to-vet-takeovers-of-firms-in-data-and-artificial-intelligence-idUSKBN1F118H

 

Physical & cyber convergence: why supply chain communication will be key
However, this increased connectivity has created some confusion regarding where the responsibility lies if a data breach occurs. Is it with the equipment manufacturer; the installer; or the end user utilising the technology? In response to this increasingly converged landscape and the explosion of data, new legislation has been drafted, the EU General Data Protection Regulation (GDPR), to overhaul how businesses process and handle data. As the gap between physical security and cybersecurity diminishes, it is clear businesses must now consider physical and cybersecurity in combination to effectively secure personal data.
https://www.itproportal.com/features/physical-cyber-convergence-why-supply-chain-communication-will-be-key/

 

Secret Evidence and the Threat of More Warrantless Surveillance
In theory, if the government were using this surveillance data to investigate and imprison people in the US, defense attorneys would be able to find out and judges able to evaluate whether the surveillance was constitutional. That transparency would mean the public and Congress would be informed about the impact of this monitoring on people facing something as serious as the loss of their liberty. In reality, this is not the case.
https://www.hrw.org/news/2018/01/11/secret-evidence-and-threat-more-warrantless-surveillance

 

New Report: Export controls, human security and cyber-surveillance technology
In order to provide context for these debates, the report outlines the existing relationship between human rights, international humanitarian law (IHL), terrorism and dual-use export controls and details the origins of the discussion about applying export controls to cyber-surveillance technology and describes the measures that have been adopted to date within the Wassenaar Arrangement and the EU.
https://moderndiplomacy.eu/2018/01/15/new-report-export-controls-human-security-cyber-surveillance-technology/

 

Lenovo spotted and fixed a backdoor in RackSwitch and BladeCenter networking switches
The backdoor was intentionally inserted by Nortel, which added it at the request of a BSSBU OEM customer. “An authentication bypass mechanism known as ‘HP Backdoor’ was discovered during a Lenovo security audit in the Telnet and Serial Console management interfaces, as well as the SSH and Web management interfaces under certain limited and unlikely conditions,” states the security advisory.
http://securityaffairs.co/wordpress/67729/hacking/lenovo-backdoor-networking-switches.html

 

Cisco’s new tool will detect malware in encrypted traffic
Given that organizations need to comply with certain data regulations (for example, US-CERT prohibits organizations from implementing traffic interception software that compromises TLS security), detection of encrypted malicious traffic became a grave issue for companies. According to the blog post by Scott Harrell, Senior Vice President and General Manager at Cisco, “ETA uses network visibility and multi-layer machine learning to look for observable differences between benign and malware traffic.”
https://www.hackread.com/cisco-tool-detect-malware-in-encrypted-traffic/

 

Spectre and Meltdown patches causing trouble as realistic attacks get closer
The Meltdown protection is revealing bugs or otherwise undesirable behavior in various drivers, and Intel is currently recommending that people cease installing a microcode update it issued to help tackle the Spectre problem. This comes as researchers are digging into the papers describing the issues and getting closer to weaponizing the research to turn it into a practical attack. With the bad guys sure to be doing the same, real-world attacks using this research are sure to follow soon.
https://arstechnica.com/gadgets/2018/01/spectre-and-meltdown-patches-causing-trouble-as-realistic-attacks-get-closer/

 

Salted Hash Ep 14: Are mass transit systems the next big target? [Video]
“Depending on the threat actors, [transit systems] are a pretty juicy target. You’re talking about being able to do a lot of damage with probably very little effort,” Engelbrecht said, because security by design wasn’t something in the forethought when these systems were being developed.
https://www.csoonline.com/article/3247660/security/salted-hash-ep-14-are-mass-transit-systems-the-next-big-target.html

 

New Mirai Okiru Botnet targets devices running widely-used ARC Processors
Dubbed Okiru, the new Mirai variant, first spotted by @unixfreaxjp from MalwareMustDie team and notified by independent researcher Odisseus, is a new piece of ELF malware that targets ARC-based embedded devices running the Linux operating system. […] The ARC (Argonaut RISC Core) embedded processor is the world’s second-most-popular CPU core that’s being shipped in more than 2 billion products every year, including cameras, mobile, utility meters, televisions, flash drives, automotive and the Internet of Things.
https://thehackernews.com/2018/01/mirai-okiru-arc-botnet.html

 
