IT Security News Blast 03-21-2018

Improving Cyber Response in Healthcare

Improving Cybersecurity Response in Healthcare Organizations
“Having the right staff in place is critical but arming them with the most modern tools to augment their work is equally as important,” IBM Resilient VP of Product Management and Co-Founder Ted Julian said in a statement. “A response plan that orchestrates human intelligence with machine intelligence is the only way security teams are going to get ahead of the threat and improve overall Cyber Resilience.”
https://healthitsecurity.com/news/improving-cybersecurity-response-in-healthcare-organizations

NH-ISAC Accelerates Cyber Threat Sharing for Healthcare Industry
“Sharing threat intelligence among member firms is one of the most essential services of any ISAC. The NH-ISAC Board is pleased with the opportunity to work with the ThreatStream platform to enhance threat intelligence sharing for the healthcare sector,” Jim Routh, NH-ISAC board member, said in a statement.
https://www.healthcare-informatics.com/news-item/cybersecurity/nh-isac-accelerates-cyber-threat-detection-and-sharing-healthcare-industry

AHIMA Continues Push for Balance in Patient Data Access, Security
“AHIMA’s members consistently work to find the balance between two important priorities in healthcare – access to information and the privacy of health records. Today, urging support of these bills, we are working to achieve both.” AHIMA also urged Congress to consider Protecting Jessica Grubb’s Legacy Act (SB 1850), which aims to protect the confidentiality of substance use disorder patient records.
https://healthitsecurity.com/news/ahima-continues-push-for-balance-in-patient-data-access-security

Hackers steal banking & personal data of 800,000 Orbitz customers
In a statement to media, the company said that the breach was identified on March 1st, 2018 after an in-depth investigation conducted by Orbitz. The breach took place between 1st October 2017 to December 2017 when hackers accessed a legacy travel booking platform and stole two years worth of data from January 2016 and December 2017. Moreover, personal data of those customers who made certain purchases between January 1 and June 22, 2016, may have also been accessed by hackers.
https://www.hackread.com/hackers-steal-banking-personal-data-of-orbitz-users/

1 in 5 Michigan state staffers fail phishing test but that’s OK apparently
Network security for the US State of Michigan has been rated as “moderately sufficient” in an audit of its Department of Technology, Management, and Budget (DTMB). […] The lackluster findings echo an audit of the US Department of Homeland Security released earlier this month and underscore how it is that government agencies continue to be victimized by hackers, state-sponsored or otherwise.
https://www.theregister.co.uk/2018/03/19/it_security_in_us_state_of_michigan_deemed_soso/

Perry Told to Do More on Grid Cybersecurity After Russian Hacks
“We don’t need rhetoric at this point, we need action,” said Sen. Maria Cantwell, D-Wash., the top Democrat on the committee. “I want DOE and the administration to be more aggressive, and I hope we will get an assessment of where we are with our grid as a milestone to what we need to do moving forward.” She warned that “establishing a new DOE cyber office with marginal increases is not a substitute for the meaningful action that we need.”
https://www.rollcall.com/news/policy/perry-told-grid-cybersecurity-russian-hacks

Facebook’s high-profile head of security Alex Stamos is said to be leaving in August after clashing with other execs over Russia
This isn’t the first time Stamos has clashed with employers over their approach to security matters. He was previously the chief information security officer at Yahoo, before leaving to come to Facebook in 2015. He quit after then-CEO Marissa Mayer agreed to scan customer emails for US intelligence officials, Reuters reported in 2016.
http://www.businessinsider.com/alex-stamos-is-leaving-facebook-2018-3

Changing Cyber Law by Creating a Common Vernacular
This challenge of finding a common vernacular has inspired the latest and soon-to-be-launched (ISC)2 lexicon project. “We have produced an official (ISC)2 lexicon,” says McCumber. “It is not be as big as the NIST 220-page glossary of security terms, but it aims to enable everyone to easily speak the same language.” This lexicon addresses defining terms as simple as “threat,” for example. Is a threat man-made versus organic, hostile versus unhostile, structured versus unstructured?
https://www.law.com/legaltechnews/2018/03/19/changing-cyber-law-by-creating-a-common-vernacular/?slreturn=20180220192831

Commentary: It’s Time for a Cyber Secret Service
As is true with most policies predating the digital era, however, Secret Service protection only extends to the physical world; candidates and their campaigns are responsible for securing themselves in the digital realm. With the 2020 presidential campaign season approaching, the U.S. should establish a Cyber Secret Service to protect the platforms of future national candidates from digital attack or manipulation.
http://fortune.com/2018/03/20/cyber-secret-service-russia-2020-presidential-election/

House approves legislation to authorize Homeland Security cyber teams
“By fostering new collaboration between the government and private sector, we can harness our talent and maximize our efforts to stay one step ahead of our enemies,” McCaul said. “This innovative approach serves as a force multiplier to enhance our cybersecurity workforce. Being able to utilize a greater number of experts will strengthen efforts to protect our cyber networks.”
http://thehill.com/policy/cybersecurity/379194-house-approves-legislation-to-authorize-homeland-security-cyber-teams

Panel Calls for Tougher Response to Russian Cyber Tampering
[Those] attacks designed to sway elections to parties and candidates Moscow favors, undermine confidence in governments and elections from Japan to Europe. “Russia is becoming a rogue nation,” due in part to Moscow’s refusal to go after those criminals who have stolen “billions and billions of dollars” in recent years from private businesses and financial institutions, Carlin said. “The United States is under attack,” James Miller, who co-chaired the Defense Science Board’s recent task force on cyber deterrence said. The attacks “are virtually certain to escalate.”
https://news.usni.org/2018/03/20/panel-calls-tougher-response-russian-cyber-tampering

The NSA Worked to “Track Down” Bitcoin Users, Snowden Documents Reveal
The documents indicate that “tracking down” bitcoin users went well beyond closely examining bitcoin’s public transaction ledger, known as the Blockchain, where users are typically referred to through anonymous identifiers; the tracking may also have involved gathering intimate details of these users’ computers. The NSA collected some bitcoin users’ password information, internet activity, and a type of unique device identification number known as a MAC address, a March 29, 2013 NSA memo suggested.
https://theintercept.com/2018/03/20/the-nsa-worked-to-track-down-bitcoin-users-snowden-documents-reveal/

Cybersecurity experts say device makers have ‘duty to keep users safe’ from hacking
The reports suggest using a kitemark-style system to guarantee security to users from hacking. This would also act as a promise that the software will be updated regularly as and when threats change. They also recommend that governments impose regulations on manufacturers to ensure legal compliance with modern cyber security standards. The authors also say good cyber security practices, or cyber hygiene, should also be taught from primary school.
https://phys.org/news/2018-03-cybersecurity-experts-device-makers-duty.html

School Uses Game-Based Initiative to Find Future Cybersecurity Talent
The scheme uses several game-like stages to assess whether students aged between 14 and 18 might have the talent to become cyber security professionals. Alex Holmes, deputy director of cyber security at the Department for Digital, Culture, Media and Sport, said that to ensure the UK becomes the “world’s leading digital economy”, it also must be secure. Holmes said cyber attackers can try to cause harm to the UK as a whole using various methods, such as attempting to sabotage the nation’s energy supply or transport infrastructure, and that the best way to prevent such attacks is to have the appropriate protection in place.
https://www.hstoday.us/subject-matter-areas/cybersecurity/school-uses-game-based-initiative-find-future-cybersecurity-talent/

FBI raids home of spy sat techie over leak of secret comms source code on Facebook
According to the FBI’s court filings earlier this month, “the Facebook page had a picture on the page … that appeared to depict computer code for a government computer system that Weed had designed. The computer code depicted in the Facebook post is related to the design, construction and use of a communications intelligence device and system used by United States government assets to communicate intelligence activities.” Staggeringly, Weed is also accused of earlier nicking $340,000 in radio spying equipment as well as taking classified computer code home.
https://www.theregister.co.uk/2018/03/20/fbi_nro_contractor_raided/

Facebook’s Cambridge Analytica scandal, explained [Updated]
The larger concern for Facebook is that the Cambridge leak could be seen as just one example of a broader pattern of lax handling of confidential user data. Facebook offers users privacy controls that are supposed to limit who has access to their data—and Facebook has promised the Federal Trade Commission that it will ensure those settings are honored. But recent reports indicate that Facebook’s privacy measures haven’t been effective. That could damage users’ faith in Facebook’s privacy promises. And it is already attracting scrutiny from government regulators, both in the United States and Europe, who want to know why Facebook didn’t do a better job of protecting customers’ private information.
https://arstechnica.com/tech-policy/2018/03/facebooks-cambridge-analytica-scandal-explained/

Social media accounts of Cambridge Analytica whistleblower suspended
According to Wylie, Facebook was exploited to access millions of profiles and models were created to exploit whatever information the company could obtain. However, now, in an unprecedented move, Facebook has suspended the social media accounts of Wylie including his Facebook and Instagram account without stating any obvious reason. In a series of tweets, Wylie said that “Downside to @facebook also banning me on @instagram is missing out on my daily dose of well-curated food pics and thirst traps.”
https://www.hackread.com/social-media-accounts-of-cambridge-analytica-whistleblower-suspended/

AMD promises firmware fixes for security processor bugs
AMD’s response today agrees that all four bug families are real and are found in the various components identified by CTS. The company says that it is developing firmware updates for the three PSP flaws. These fixes, to be made available in “coming weeks,” will be installed through system firmware updates. The firmware updates will also mitigate, in some unspecified way, the Chimera issue, with AMD saying that it’s working with ASMedia, the third-party hardware company that developed Promontory for AMD, to develop suitable protections.
https://arstechnica.com/gadgets/2018/03/amd-promises-firmware-fixes-for-security-processor-bugs/

Researchers Show How Popular Text Editors Can Be Attacked Via Third-Party Plugins
A Mar.15 report from SafeBreach details the research of Dor Azouri, who looked at five notable text editors that offer the benefits of extensibility. By loading plugins for Sublime, Vim, Emacs, Gedit, and pico/nano– the most popular editors with third-party plugins for the UNIX environments, Azouri successfully leveraged each text editor for privilege escalation through simulated attacks.
https://threatpost.com/researchers-show-how-popular-text-editors-can-be-attacked-via-third-party-plugins/130559/

Microsoft launches $250,000 bug bounty for Spectre/Meltdown-like flaws
The program contains four bounty tiers with Tier 1 being the discovery of any new categories of speculative execution attacks paying up to $250,000. Tier 2 would pay up to $200,000 for any Azure speculative execution mitigation bypass; Tier 3 for unearthing Windows speculative execution mitigation bypass a bounty up to $200,000 will be paid and Tier 4 will pay up to $25,000 for those locating an instance of a known speculative execution vulnerability (such as CVE-2017-5753) in Windows 10 or Microsoft Edge.
https://www.scmagazine.com/microsoft-launches-250000-bug-bounty-for-spectremeltdown-like-flaws/article/752204/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.