IT Security News Blast 02-14-2018

Industrial Cybersecurity

Industrial cyber security improving, but needs work
“There is also growing use of managed security services to complement their on-site capability and provide secure file transfers and software updates, as well as continuous monitoring,” he said. However, he said that although there is a high level of awareness of the need for good cyber security in industrial operations, in many cases cyber security fundamentals are not yet in place.
http://www.computerweekly.com/news/252434956/Industrial-cyber-security-improving-but-needs-work

Lazarus Group Attacks Banks, Bitcoin Users in New Campaign
The attack campaign uses spear-phishing emails impersonating job recruiters, a tactic previously seen from the group – widely believed by researchers to operate out of North Korea – last year. From April through October 2017, researchers at McAfee Advanced Threat Research (ATR) saw Lazarus Group using job descriptions to target a range of organizations in English and Korean, gain access to their environments, and then steal sensitive data or money.
https://www.darkreading.com/vulnerabilities---threats/lazarus-group-attacks-banks-bitcoin-users-in-new-campaign/d/d-id/1331053

Cyber security awareness top priority in financial sector
[The] study found that two-thirds of CISOs do not report to the CEO, and that the top cyber chain of command is more likely to be the CIO, followed by chief risk officer (CRO) and then COO. Only 8% said they report to the CEO. FS-ISAC recommends training employees should be prioritised for all CISOs, regardless of reporting structure because employees serve as the first line of defence.
http://www.computerweekly.com/news/252434929/Cyber-security-awareness-top-priority-in-financial-sector

Protecting the cybersecurity of small businesses and their consumers
Thirty-two thousand dollars—that’s the average cost of a cyber attack to a small business, according to a recent survey from the National Small Business Association. According to a report from Verizon, 71 percent of all cyber attacks are directed at businesses with fewer than 100 employees. It is startups and mom and pop shops that are the most susceptible to cyber abuse.
http://thehill.com/blogs/congress-blog/politics/373642-protecting-the-cybersecurity-of-small-businesses-and-their

How IoT, Edge Computing Can Impact HIT Infrastructure in 2018
“The reason why a lot of the security conversations are going to take place is because the evolving threat and vulnerabilities that are taking place in security are just not going to end,” he continued. “Between the legacy security threats that are still out there, I think you’re going to see a changing faith in compliance over the next years.”
https://hitinfrastructure.com/news/how-iot-edge-computing-can-impact-hit-infrastructure-in-2018

Clearwater CEO Bob Chaput shares expertise on insuring hospital cyber risks through captives
BOH announced its newest episode designed to help hospital and health system leaders better understand how captive insurance proves to be critical in the ongoing effort to manage and reduce cyber risk. Chaput, along with Rebecca Cady, Vice President and Chief Risk Officer for Children’s National Health System, share their compelling expertise on ways health systems and hospitals can improve cyber risk management, transfer cyber risk, and better identify, manage and avoid cyber risk.
https://www.dotmed.com/news/story/41564

The US witnesses significant number of healthcare breaches in 2017
The most targeted and vulnerable industry was healthcare, which recorded 328 leaks (nearly 60% of all leaks in 2017) at an estimated cost of almost US$1.2 billion and put the personal information of both patients and health care companies in jeopardy.
http://www.healthcareglobal.com/technology/us-witnesses-significant-number-healthcare-breaches-2017

Russia, Iran and North Korea Bolder in Cyber Realm
The Russian government is likely to build on the wide range of operations it is already conducting, including disruption of Ukrainian energy-distribution networks, hack-and-leak influence operations, distributed denial-of-service attacks and false flag operations. In the next year, Russian intelligence and security services will continue to probe U.S. and allied critical infrastructures as well as target the United States, NATO and allies for insights into U.S. policy.
https://www.afcea.org/content/russia-iran-and-north-korea-bolder-cyber-realm

Can Ancient Chinese Military Strategy Bring Success in Cyber Conflict?
Another axiom of Sun Tzu is, “Do not rely on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.” Sienkiewicz will arm attendees with the necessary strategic awareness and the most appropriate battle tactics to win the ongoing fight against cybercrime. He achieves this by relating each chapter of The Art of War to cyber conflict.
http://www.datacenterknowledge.com/data-center-world/can-ancient-chinese-military-strategy-bring-success-cyber-conflict

Cybersecurity is ‘greatest concern’ at Senate threats hearing
“This is a dangerous trend,” he said. “This campaign of innuendo and misinformation should alarm us all, Republican and Democrat alike.” Coats also described threats from foreign propaganda online, pointing out that it’s a low-cost and low-risk avenue for attackers. He told the committee that Russian operatives viewed the propaganda campaign during the 2016 election as a success, and warned it would continue. “There is no doubt that Russia sees the 2018 elections as a target,” Coats said.
https://www.cnet.com/news/cybersecurity-is-senate-threats-hearings-greatest-concern/

Dissidents Have Been Abandoned and Besieged Online
From these experiences, one lesson in particular stands out: human rights defenders and journalists are a canary in the coal mine for the attacks used to steal military secrets, coerce perceived foreign adversaries, and undermine critical infrastructure. Despite this chilling predicament, those at-risk populations are afforded substantially less opportunities to protect themselves and are often relegated to the margins of conversations about cyber security. This inequity is to the detriment of everyone, and must change if we want to improve the Internet for all communities.
https://motherboard.vice.com/en_us/article/bj5jvw/dissidents-abandoned-human-rights-iranian-surveillance-and-hacking

Security check firm that cleared Edward Snowden agrees $30m fraud settlement
The US justice department said on Wednesday that the settlement with USIS and its parent company, Altegrity Inc, will resolve claims that the firm failed to perform quality control reviews in connection with its background investigations. The justice department said the settlement is part of a broader deal struck as part of the bankruptcy proceedings for Altegrity, which filed for Chapter 11 in February.
https://www.theguardian.com/us-news/2015/aug/20/firm-vetted-edward-snowden-settles-us-justice-department-30m

Using AI, machine learning to understand extent of online hate
The Anti-Defamation League’s (ADL) Center for Technology and Society announced preliminary results from an innovative project that uses artificial intelligence, machine learning, and social science to study what is and what isn’t hate speech online. The project’s goal is to help the tech industry better understand the growing amount of hate online.
http://www.homelandsecuritynewswire.com/dr20180209-using-ai-machine-learning-to-understand-extent-of-online-hate

Social media spying is turning us into a stalking society
Bugging and GPS-tracking used to be so expensive that they were only used by governments and private investigators, but a quick Amazon search offers up a hidden car-tracking device for US$27 (£19). In the related items: a spy cam disguised as a USB charger, $52. These items are marketed as a “real-time teen-driving coach”, nanny cams or parental control software, but there is nothing to stop them being used for nefarious purposes.
https://www.theguardian.com/commentisfree/2018/feb/13/social-media-spying-stalking

Critical Telegram flaw under attack disguised malware as benign images
The flaw, which resided in the Windows version of the messaging app, allowed attackers to disguise the names of attached files, researchers from security firm Kaspersky Lab said in a blog post. By using the text-formatting standard known as Unicode, attackers were able to cause characters in file names to appear from right to left, instead of the left-to-right order that’s normal for most Western languages.
https://arstechnica.com/information-technology/2018/02/telegram-app-purged-of-critical-flaw-attackers-were-actively-exploiting/

Thinking about a Career Move in Cybersecurity?
The labor crunch has intensified over the past year, with more than 200 cybersecurity startups raising venture capital — much of that intended for new hires. VC funding shows no signs of slowing down in 2018 or in the foreseeable future. There’s also a sound argument that every IT position should also be a cybersecurity position — and that all IT workers should have some level of responsibility for protecting and defending apps, data, devices, infrastructure, and people. If so, then the workforce shortage is even worse than the data suggests.
https://www.darkreading.com/operations/thinking-about-a-career-move-in-cybersecurity/a/d-id/1330944?piddl_msgid=330720#msg_330720

Two Nasty Outlook Bugs Fixed in Microsoft’s Feb. Patch Tuesday Update
Two notable vulnerabilities target Outlook. CVE-2018-0852, rated critical, is a remote code execution vulnerability that could give an attacker control of a targeted system if they are logged into their Windows PC with administrator user rights, Microsoft said. “Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Outlook software,” wrote Microsoft in its security bulletin.
https://threatpost.com/two-nasty-outlook-bugs-fixed-in-microsofts-feb-patch-tuesday-update/129931/

Millions of Android Phones Hacked to Mine Monero Coins
In their campaign, Android devices are being targeted quite frequently and in a majority of cases, the sole reason behind devices getting infected is that users ignore installing security apps and do not use web filtering on their cell phones. That’s why hackers have easily managed to hijack probably millions of Android devices within a few months only for mining Monero coins in the newly discovered drive-by cryptomining campaign.
https://www.hackread.com/millions-of-android-devices-hacked-to-mine-monero-coins/

Salon to ad blockers: Can we use your browser to mine cryptocurrency?
Salon explains what’s going on in a new FAQ. “How does Salon make money by using my processing power?” the FAQ says. “We intend to use a small percentage of your spare processing power to contribute to the advancement of technological discovery, evolution, and innovation. For our beta program, we’ll start by applying your processing power to help support the evolution and growth of blockchain technology and cryptocurrencies.”
https://arstechnica.com/information-technology/2018/02/salon-to-ad-blockers-can-we-use-your-browser-to-mine-cryptocurrency/

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.