IT Security News Blast 04-02-2018

Atlanta Recovering from Cyber Attack

Putting patient data on phones introduces new privacy and security concerns
It’s first and foremost the patient’s responsibility to keep the data secure and private. Health systems and vendors alike are encouraging patients to understand the risks and take precautions. “The patient who downloads this information absolutely must secure their device to protect their own records,” said John Kravitz, chief information officer at Danville, Pa.-based Geisinger, one of the first health systems to link its records with Apple’s Health app.
http://www.modernhealthcare.com/article/20180331/NEWS/180339968

Important Cybersecurity practices for Healthcare Organizations
With the increasing sophistication of attacks on health groups, IT professionals need to be alert. It is essential to understand the importance of adapting the best possible cybersecurity practices to protect healthcare organizations in the face of increasingly advanced cyber-threats. As cybersecurity needs to be prioritized to protect patient data, the following may prove useful[.]
https://healthcare.cioreview.com/news/important-cybersecurity-practices-for-healthcare-organizations-nid-25915-cid-31.html

Why Is Shadow IT So Common in Healthcare?
“Shadow IT departments are very common for academic medical centers due to the federated model of support for academics, research and patient care,” says Cris Ewell, CISO at University of Washington Medicine. Shadow IT deployments are common issues in many departments, including radiology, lab, finance, health information management, he says. In academic medical centers, those issues also extend to the university school of medicine and research IT departments, Ewell notes.
https://www.govinfosecurity.com/is-shadow-so-common-in-healthcare-a-10752

Boards need to tackle cyber-risks on an enterprise-wide level
Cyber security can no longer be viewed as an IT-only issue. While the chief information officer (CIO) or the chief information security officer (CISO) continues to play a crucial role in anticipating, identifying and managing cyber risks, the chief financial officer (CFO) and board need to lead the discussion and embed an enterprise-wide risk appetite.
https://www.livemint.com/Technology/U4McCx2hrwKPCbGfWvcPYJ/Boards-need-to-tackle-cyberrisks-on-an-enterprisewide-leve.html

Financial cyber survey
Marcin Swiety, Global Head of Luxoft’s Information Security practice, says: “IT departments in banks are being pulled in two directions. Banks want to focus on digital innovation, but IT professionals feel unable to escape from the ever-present cyber threat. Budget cuts are leaving smaller teams with fewer spare hours in the day. Unable to plan ahead, they spend their days firefighting problems and upgrading legacy systems.”
http://www.professionalsecurity.co.uk/news/commercial-security/financial-cyber-survey/

NYC to launch free cybersecurity tools for residents
New York City residents can download a smartphone app that will alert users when it detects suspicious activity on their devices. “The app, which will be available free to all New Yorkers this summer, will help minimize these risks by identifying malicious attacks and warning users of attempts to compromise their device,” according to a press release accompanying the announcement.
http://thehill.com/policy/cybersecurity/381036-nyc-to-launch-free-cyber-security-tools-to-protect-residents-from

With paper and phones, Atlanta struggles to recover from cyber attack
Police and other public servants have spent the past week trying to piece together their digital work lives, recreating audit spreadsheets and conducting business on mobile phones in response to one of the most devastating “ransomware” virus attacks to hit an American city. […] “It’s extraordinarily frustrating,” said Councilman Howard Shook, whose office lost 16 years of digital records.
https://www.reuters.com/article/us-usa-cyber-atlanta/with-paper-and-phones-atlanta-struggles-to-recover-from-cyber-attack-idUSKBN1H70R0

State senator proposes Pennsylvania commission to defend against municipal cyber attacks
With several recent cyber attacks on government agencies, the Chairman of the Pennsylvania Senate Committee on Communications and Technology, Senator Ryan Aument (R-Lancaster County), proposes a way to fight back. Aument said “a commission on cyber security, to get the experts around the table to take a look at our systems, to look at the various state agencies, to look at state government, and to look at our municipal government.”
http://fox43.com/2018/03/29/state-senator-proposes-pennsylvania-commission-to-defend-against-municipal-cyber-attacks/

Higher cyber security services demand around elections, says McAfee boss
He said the targets could be far more subtle than ballot count tampering, and could result in issues like incorrect voting instructions on election day. “Very simple things, even websites for example being manipulated locally to send people to the wrong polling places – those are the kind of things we’ll be looking out for. “It’s something we do in different countries where we may or may not have closer relationships with law enforcement and it totally depends on the needs of a given locale.”
http://www.dailymail.co.uk/wires/pa/article-5566781/Higher-cyber-security-services-demand-elections-says-McAfee-boss.html

An exclusive look behind the scenes of the U.S. military’s cyber defense
At U.S. Cyber Command, cyber protection teams defend the Pentagon’s networks from adversaries like Russia, China, North Korea and Iran, and fight thousands of non-state actors like terrorist groups and professional hackers. Special correspondent Mike Cerre got exclusive access to a new generation of cyber warriors.
https://www.pbs.org/newshour/show/an-exclusive-look-behind-the-scenes-of-the-u-s-militarys-cyber-defense

John Bolton, cyber warrior
John Bolton has spent years imploring the U.S. to go on the attack in cyberspace — a stance that some digital warfare experts caution could set the nation up for a conflict it would be better off avoiding. President Donald Trump’s incoming national security adviser has made this point in a series of op-eds, speeches and appearances on panels and television, arguing that America should deploy its “muscular cyber capabilities” to strike back against digital adversaries like China, Russia, Iran and North Korea.
https://www.politico.com/story/2018/04/01/john-bolton-cyber-hawk-russia-451937

The FBI Used Classified Hacking Tools in Ordinary Criminal Investigations
The FBI’s Remote Operations Unit (ROU), tasked with hacking into computers and phones, is one of the Bureau’s most elusive departments. […] Indeed, it’s important to remember that as well as a law enforcement agency, the FBI also acts as an intelligence body, gathering information that may be used to protect the country, rather than bring formal charges against suspects. But that line can be crossed with approval of the Deputy Attorney General to use the more sensitive techniques in ordinary investigations, the report adds.
https://motherboard.vice.com/en_us/article/7xdxg9/fbi-hacking-investigations-classified-remote-operations-unit

Here’s What’s Amazing About The Facebook Cambridge Analytica Story
Americans are finally, finally coming to understand the power of Big Data. The widespread media coverage on Russian interference in our elections and their misuse of Facebook and other social media platforms to influence 126 million Americans has served as a continuing education of the American public about how seemingly innocuous, personal details may be used against them. The Facebook articles drove the point home.
https://www.forbes.com/sites/jodywestby/2018/03/27/what-is-amazing-about-the-facebook-cambridge-analytica-story/#67fb25827d34

Cambridge Analytica and the Perils of Psychographics
“[Armed] with swaths of misappropriated data, Cambridge Analytica created ‘psychographic profiles’ on every American adult, which it claims helped it have significant influence on the outcome of the 2016 presidential election.” The suit takes for granted that C.A. engaged in psychographic targeting, and argues that psychographic methods bypass “individuals’ cognitive defenses by appealing directly to their emotions, using increasingly segmented and sub-grouped personality type designation and precisely targeted messaging based on those designations.”
https://www.newyorker.com/news/news-desk/cambridge-analytica-and-the-perils-of-psychographics

Trump admin wants to track 14 million US visitors’ social media history
Should the State Department get its way, your application to enter the country may soon hinge on coughing up five years of your online history. The Trump administration’s proposal, published at the Federal Register on Friday, would expand this request, which is currently required to apply for an immigrant visa. […] But should this current iteration go into effect, an estimated 14 million non-immigrant visa applicants per year would be asked to list any “identifiers” used on a variety of popular social media sites.
https://arstechnica.com/tech-policy/2018/03/trump-admin-wants-to-track-14-million-us-visitors-social-media-history/

Cisco critical flaw: At least 8.5 million switches open to attack, so patch now
Perhaps the most serious issue Cisco has released a patch for is critical bug CVE-2018-0171 affecting Smart Install, a Cisco client for quickly deploying new switches for Cisco IOS Software and Cisco IOS XE Software. A remote unauthenticated attacker can exploit a flaw in the client to reload an affected device and cause a denial of service or execute arbitrary code. […] “During a short scan of the internet, we detected 250,000 vulnerable devices and 8.5 million devices that have a vulnerable port open.”
http://www.zdnet.com/article/cisco-critical-flaw-at-least-8-5-million-switches-open-to-attack-so-patch-now/

Talos details vulnerabilities in Allen-Bradley MicroLogix 1400 Programmable Logic Controllers
The products in question are all variants of the Allen-Bradley Micrologix 1400 Series B and, according to Talos, are intended to be used with a variety of industrial control systems handling critical infrastructure. The vulnerabilities spanned four variants of the Allen-Bradley Micrologix 1400, the:
· Series B FRN 21.003
· Series B FRN 21.002
· Series B FRN 21.0
· Series B FRN 15
https://www.scmagazine.com/talos-details-vulnerabilities-in-allen-bradley-micrologix-1400-programmable-logic-controllers/article/755096/

Are there too many cybersecurity companies?
But it signals that there is too much noise in the market. CISOs don’t want to manage 80 products — they want to have a holistic solution involving fewer vendors. […] In 2018, I expect CISOs to reduce the number of security vendors at their companies by at least 20 percent, leading to one quarter of these specialized companies going out of business or being acquired for $50 million or less.
https://www.helpnetsecurity.com/2018/03/30/too-many-cybersecurity-companies/

Hackers take over power billing records of Indian state; demand ransom
The AMR system (automatic meter reading system) of Uttar Haryana Bijli Vitran Nigam (UHBVN) (Haryana power utilities) in Panchkula, India became a victim of cyber-attack by unknown hackers last week. The New Indian Express (TNIE) reports that hackers stole billing data from UHBVN computer systems and are demanding 1 Crore Indian rupee ($153,800) in Bitcoin from the state government for decrypting the files and restoring access to the AMR system.
https://www.hackread.com/hackers-demand-ransom-indian-power-billing-records/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.