IT Security News Blast 02-19-2018

Indian Bank Hack

India bank hack ‘similar’ to $81 million Bangladesh central bank heist
The unknown hackers disabled the City printer connected to global payments platform SWIFT on Feb. 6, preventing the bank from receiving acknowledgement messages for three fraudulent payment instructions sent that evening until the next morning. “Nobody suspected that it was an attack and thought it was a systemic network failure,” N. Kamakodi told Reuters by phone. “The system department people, everybody assembled, analyzed the problem, rebooted, they closed shop only around 10-10.30 in the night.”
https://www.reuters.com/article/us-city-union-bank-swift/india-bank-hack-similar-to-81-million-bangladesh-central-bank-heist-idUSKCN1G319K?feedType=RSS&feedName=internetNews

Hackers stole $6 million in Russia bank attack via SWIFT system
The hackers took control of a computer at one of the country’s banks and then used the payment transfer facility to move millions of roubles to their accounts, a central bank spokesman confirmed following the publication. The central bank said it had been sent information about “one successful attack on the workplace of a SWIFT system operator” without naming the institution involved. “The volume of unsanctioned operations as a result of this attack amounted to 339.5 million roubles,” it said.
http://www.dw.com/en/hackers-stole-6-million-in-russia-bank-attack-via-swift-system/a-42616207

US Estimates Cyber Attacks Cost Up to $109b in 2016
The CEA’s estimate represents between 0.31% and 0.58% of the 2016 US GDP. For comparison, the report cites a Center for Strategic and International Studies report that estimated the cost of malicious cyber activities against US entities at $107 billion in 2013, 0.64% of GDP that year.
https://financialtribune.com/articles/world-economy/82173/us-estimates-cyber-attacks-cost-up-to-109b-in-2016

Penn Medicine CISO: 3 Strategies every security team should have
Information Security leaders need to use this new level of awareness as an opportunity to implement some of the fundamental security controls that are no-brainers to an outsider, but require an extraordinary amount of coordination, support, and understanding from the business.
- Patch management.
- Cloud Security.
- Email Protection.
http://www.healthcareitnews.com/blog/penn-medicine-ciso-3-strategies-every-security-team-should-have

Government to implement tighter controls on healthcare providers accessing Medicare card numbers
The changes will require health professionals to undertake identity checks when patients initially present at a health service to reduce the potential for individuals to fraudulently claim benefits using another person’s Medicare details. Healthcare providers will also need to gain patient consent before accessing Medicare details, and they will have to provide patients with information on how to request a list of people who have sought access to their Medicare card numbers.
http://www.healthcareit.com.au/article/government-implement-tighter-controls-healthcare-providers-accessing-medicare-card-numbers

Trump infrastructure rush risks cybersecurity disaster
Trump has touted his $200 billion infrastructure plan as a mechanism to generate more than a trillion dollars in investment. The Trump proposal includes a $100 billion incentive program rewarding proposals “incorporat[ing] new and evolving technologies.” There is no requirement to evaluate the cybersecurity of any new technology used.
https://www.axios.com/trump-infrastructure-rush-risks-cy-1518705674-2713f6f4-84be-42bb-9dab-674ece19752e.html

State elections officials fret over cybersecurity threats
State officials have been scrambling to address vulnerabilities in their systems, particularly since the fall, when the Department of Homeland Security disclosed the attempts on the 21 states. Though it is not believed there were further attacks, experts say Russian operatives may have been laying the groundwork for a more aggressive effort in 2018. Hackers “got close enough to the line” in 2016 and it “could be different or worse the next time around,” said Bob Kolasky, a senior DHS official who oversees infrastructure protection.
https://www.washingtonpost.com/politics/state-elections-officials-fret-over-cybersecurity-threats/2018/02/17/1f850f46-1331-11e8-9065-e55346f6de81_story.html?utm_term=.ff28625522cf

A cybersecurity expert explains how to fight Russian election meddling
I spoke with Touhill about what the United States can do to try to stop Russia from interfering in US politics and elections in 2018 and beyond. While the federal government certainly has a major role to play — in deterring future interference, in supporting state and local election officials, and in boosting national security efforts — he noted that the technology companies Russians use as a conduit in their disinformation campaign have a responsibility as well. So do everyday Americans, in using good judgment when they’re reading news sources: “If it sounds phony, it probably is,” he said.
https://www.vox.com/policy-and-politics/2018/2/18/17023728/russian-interference-election-2018-stop

US’s greatest vulnerability is underestimating the cyber threats from our adversaries, foreign policy expert Ian Bremmer says
“We’re vulnerable because we continue to underestimate the capabilities in those countries. WannaCry, from North Korea — no one in the U.S. cybersecurity services believed the North Koreans could actually do that,” Bremmer described, naming the ransomware virus that crippled more than 200,000 computer systems across 150 countries in May of 2017.
https://www.cnbc.com/2018/02/17/munich-security-conference-ian-bremmer-on-cybersecurity-threats.html

How Vladimir Putin mastered the cyber disinformation war
Today, Kremlin-backed cyber campaigns have an unorthodox chain of command. It is one in which non-state actors — primarily businessmen with personal ties to important figures in the Kremlin — call the shots, not, as in western cyber operations, the electronic and signals intelligence gathering wings of the army and government agencies. The façade has been carefully maintained. High-ranking generals and diplomats appointed by Mr Putin have pursued agreements with the west on limiting cyber warfare, while Russian hackers have systematically attacked western websites, particularly in Europe.
https://www.ft.com/content/8fe0148c-14af-11e8-9e9c-25c814761640

US sets up dedicated office for energy infrastructure cybersecurity
The US government is setting up a new Office of Cybersecurity, Energy Security, and Emergency Response (CESER) at the US Department of Energy. The CESER office will focus on energy infrastructure security and enable more coordinated preparedness and response to natural and man-made threats.
https://www.helpnetsecurity.com/2018/02/19/energy-infrastructure-cybersecurity/

Saudi foreign minister calls Iran most dangerous nation for cyberattacks
Though the minister did not offer specific examples for his claim, security experts have pointed to what they see as Iran’s increasingly sophisticated cyber-espionage capabilities. The accusation was not surprising, given the mounting animosity between the Sunni monarchy and the Shia Islamic republic.
https://www.cnbc.com/2018/02/18/iran-most-dangerous-nation-for-cyber-attacks-says-saudi-foreign-minister.html

Smart meters could leave British homes vulnerable to cyber attacks, experts have warned
In some foreign countries hackers have already attacked smart meter networks to defraud customers. The cyber criminals are able to artificially inflate meter readings, making bills higher. They then try to intercept payments, and if they simply skim off the difference between the real reading and the false reading, energy companies will think the bill has been paid normally.
http://www.telegraph.co.uk/news/2018/02/18/smart-meters-could-leave-british-homes-vulnerable-cyber-attacks/

32 lawsuits filed against Intel over Spectre and Meltdown flaws
Additionally, three further shareholder lawsuits were filed, claiming that Intel’s board and corporate officers committed breach of duty in connection to the disclosure of the security flaws and failed to act in relation to alleged insider trading. In November last year, Intel CEO Brian Krzanich sold all the Intel stock he was allowed to sell. This stock sale has provoked speculation about insider trading, though Intel maintains that Krzanich’s actions were unrelated to the security issues.
https://arstechnica.com/gadgets/2018/02/32-class-action-suits-filed-against-intel-over-spectre-and-meltdown-flaws/

Australia’s new insta-pay scheme has insta-lookup of any user’s phone number
If a user provides the wrong phone number, they can see the name of the owner of that number (and then make a reasonable guess about their gender). With many online services now accepting phone numbers as a user ID, Reg columnist Mark Pesce has noted that PayID therefore has all sorts of interesting possibilities.
https://www.theregister.co.uk/2018/02/19/payid_accidental_reverse_telephone_number_lookup/

Hacker erase 1 terabyte of data from spyware developers server
Now, according to Motherboard, Retina-X has once again suffered a data breach in which a hacker going by the online handle of Precise Buffalo on a Mastodon server has targeted Retina-X and completely erased 1 terabyte of data from its cloud server, including photos customers stole from unsuspecting users, including kids, who installed Retina-X’s Phonesheriff application on their smartphone.
https://www.hackread.com/hacker-erase-1-terabyte-of-data-from-spyware-developers-server/

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.