IT Security News Blast 01-30-2018

Women in Cybersecurity

Cyber security: British businesses could be fined $23.9 million if they don’t have effective measures in place
Transport, water, energy and health businesses in Britain could be fined as much as £17 million ($23.9 million) if they don’t have the “most robust” safeguards in place to guard against cyber-attacks. In an announcement Sunday, the U.K. government said that a “simple” and straightforward system would be created to make it easy for businesses to report both IT failures and cyber breaches.

Incident Reporting Key to New Cybersecurity Rule
The duty arose from the mandatory clause in the Defense Federal Acquisition Regulation Supplement […] titled, “Safeguarding Covered Defense Information and Cyber Incident Reporting.” […] Naturally, because of the deadline, many focus on the “front half” of the regulation — safeguarding — without much attention to the “other half” — incident reporting.

Why So Few Women Work In Cyber Security (And How We Can Change It)
Women are often still paid less, promoted less, and deal with discrimination and harassment, prompting the pursuit of other career paths. Importantly, this doesn’t just extend to the workplace, but also professional conferences (cons), each of which has its own culture and vary in their degree of inclusivity.

Report: Number of cyber incidents doubled in 2017, yet 93 percent could easily have been prevented
Out of nearly 160,000 reported cyber incidents affecting businesses in 2017, 93 percent could have been prevented by following basic security measures such as regularly updating software, blocking fake email messages, using email authentication, and training employees, a new report claims.

Norway’s Data Breach: Lessons for the US Healthcare Industry
Despite the size of the breach, the healthcare provider acted swiftly to mitigate damage, send out notifications, and activate their incident response plan. Additionally the hospital network worked with vendors and trusted partners to expedite the mitigation of the data breach. While this incident did happen in Norway there are some critical lessons that healthcare organizations in the U.S. can take away from this situation.

With iOS 11.3, Apple looks to unite patients and their healthcare data
Last week, Apple announced the update to the Health app with the iOS 11.3 beta, enabling mobile users to see EMRs on their iPhone. The updated Health Records section within the Health app brings together hospitals, clinics and the existing app to make it easy for users to see available medical data from multiple providers whenever they choose.

Florida practice sues Allscripts after ransomware attack
Surfside Non-Surgical Orthopedics has filed a class-action suit against Allscripts alleging the company didn’t protect against a ransomware attack to its cloud-based applications. The Jan. 18 attack caused clients to lose access to the applications, reported Fierce Healthcare. The Boynton Beach, Florida-based practice alleges that Allscripts knew of issues with its systems, but did not fix the problems despite knowing about the threat, which ultimately led to the access issues this month.

U.S. military personnel aren’t the only ones oversharing on fitness apps
Soldiers using fitness tracking devices inadvertently revealed the locations of U.S. military bases — including classified ones — and the incident has lessons for anyone with a smartphone. […] Fitness tracking companies can pinpoint where people live, how often they sleep, and even when they are engaged in sexual activity based on data collected[.]

Alleged Trump administration docs show military weapons a 5G concern
5G will form both a “defensive perimeter” protecting US information against cyber attacks or involvement by malicious state actors while also enabling the use of data-intensive physical weaponry, the alleged government memo says. It adds that currently, even the US Department of Defense (DoD) is “unprepared for the information age”.

Russian servers linked to DDoS attack on Netherlands financial network: Report
The DDoS attacks that hit ABN Amro, ING and Rabobank over the weekend and on Monday, came from servers in Russia, according to security company ESET. The company adds that this does not automatically mean that the perpetrators are also in Russia, the Telegraaf reports. […] The Ministry of Justice and Security called the attacks on the Dutch institutions very advanced, according to BNR. […] We are now fighting at a very high level”, the Ministry said. The Ministry can’t yet say who is behind these attacks.

African Union accuses China of hacking headquarters
The hack underscores the risk African nations take in allowing Chinese technology companies such prominent roles in developing their telecoms backbones, despite the US placing restrictions on investment by Huawei and ZTE. The two companies have “built most of Africa’s telecoms infrastructure”, according to a McKinsey report on Chinese investment in Africa published last year.

Intel alerted Chinese cloud giants ‘before US govt’ about CPU bugs
Select big customers – including Lenovo and Alibaba – learned of the design blunders some time before Uncle Sam and smaller cloud computing suppliers, The Wall Street Journal reports, citing unnamed people familiar with the matter and some of the companies involved. The disclosure timeline raises the possibility that elements of the Chinese government may have known about the vulnerabilities before US tech giant Intel disclosed then to the American government and the public.

Dutch team infiltrated Russian hacker group, witnessing U.S. election meddling, DNC attack: report
Information collected by the Dutch Joint Sigint Cyber Unit (JSCU) was turned over to the NSA, CIA, and FBI, and helped form the basis for the U.S. special counsel investigation examining claims of Russian meddling during the 2016 presidential election campaign battle between current U.S. President Donald Trump and former Secretary of State Hillary Clinton. The JSCU, comprised of members from the AIVD and MIVD intelligence agencies, kept watch over Cozy Bear from anywhere between 12 to 30 months.

Two new cryptocurrency heists make off with over $400M worth of blockchange
The Japanese cryptocurrency exchange Coincheck has shut down trading and withdrawals from accounts after a reported theft of more than 500 million XEM—the blockchain-based cryptocurrency created by the NEM Foundation. At the time of the theft, 500 million XEM was worth approximately $400 million US. Police were reportedly at Coincheck’s offices.

Phishing Scam: Hackers Steal $150,000 in Ethereum from Experty ICO
Just a week after the biggest hack in the history of cryptocurrency business in which Japan-based Coincheck exchange was hacked to steal $534 million the much-awaited token sale called Initial Coin Offering or ICO by Experty has landed in no man’s land after a hacker tricked the ICO participants with a fake pre-ICO sale announcement and luring those who signed up for the notifications into sending Ethereum funds to wrong wallet address.

Ploutus.D Malware Variant Used in U.S.-based ATM Jackpotting Attacks
“The source said the Secret Service is warning that thieves appear to be targeting Opteva 500 and 700 series Dielbold ATMs using the Ploutus.D malware in a series of coordinated attacks over the past 10 days, and that there is evidence that further attacks are being planned across the country,” according to the Krebs report. […] Ploutus requires physical access via a USB or CD to deploy the malware in order to steal the ATM ID used to activate and identify an ATM before cashing out, according to Marques.

You publish 20,000 clean patches, but one goes wrong and you’re a PC-crippler forever
Security software maker Malwarebytes has emitted two product updates and apologised to users – after its code turned their machines into near-bricks. […] Irritated users lit up the software slinger’s forums with hundreds of messages about the issue. The company moved to resolve the issue, but its first fix failed and punters kept venting. That led to this Sunday apology, as the company pushed out a second fix.



Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.