IT Security News Blast 04-11-2018

Healthcare Cybersecurity News

Healthcare Industry Rife with Error and Misuse, Verizon Data Breach Report Finds
In all, the healthcare industry is rife with error and misuse. In fact, it is the only industry that has more internal actors behind breaches than external. In addition to these problem areas, ransomware is endemic in the industry—it accounts for 85 percent of all malware in healthcare.
· In total, there were 750 incidents and 536 with confirmed data disclosed
· The top three patterns include: miscellaneous errors, crimeware and privilege misuse, which represent 63 percent of all incidents within healthcare
· Breach threat actors: 56 percent internal; 43 percent external; 4 percent partner; and 2 percent multiple parties
· Breach actor motives: 75 percent financial; 13 percent fun; 5 percent convenience
· Data compromised: 79 percent medical; 37 percent personal; 4 percent payment
https://www.healthcare-informatics.com/news-item/cybersecurity/healthcare-industry-rife-error-and-misuse-verizon-breach-report-finds

8 ways a supply chain raises cyber security risks [Slideshow]
“We strongly recommend a blend of security technology and employee/partner awareness and education, including a threat response protocol,” they caution. “Healthcare IT teams must create, enforce and frequently review a risk management system and governance framework related to the transfer of resources to and from any entity outside a network’s trusted circle to minimize the risk of supply chain attacks.”
https://www.healthdatamanagement.com/list/8-ways-a-supply-chain-raises-cyber-security-risks#slide-2

How to minimize healthcare supply chain threats
To help those in charge of healthcare institutions’ cybersecurity efforts, the researchers pointed out the common cyberattack vectors across critical systems inside hospitals and applied the industry-standard DREAD (Damage Potential, Reproducibility, Exploitability, Affected Users, and Discoverability) threat model to calculate the risk ratings for these vectors. They also offered advice on how to prepare adequate defenses, based on the HITRUST Common Security Framework (CSF).
https://www.helpnetsecurity.com/2018/04/10/healthcare-supply-chain-threats/

Colorado has spent more than $1 million bailing out from ransomware attack
The recovery has been slow and costly. It took about two weeks for systems administrators to contain the ransomware infection, and another two weeks after that until CDOT’s operations were brought back online, Simmons said. Rebuilding CDOT’s computer systems also required more than just experts from the IT office. The state also leaned on cybersecurity consultants and federal agencies to repair the damage.
https://statescoop.com/colorado-has-spent-more-than-1-million-bailing-out-from-ransomware-attack

Want to terrify a city with an emergency broadcast? All you need is a laptop and $30
Dubbed SirenJack, the vulnerability would allow an attacker to remotely activate emergency alert systems manufactured by a company called ATI Systems. Bastille said it privately contacted ATI about the flaw and allowed the company a 90-day period to patch the flaw before disclosing. ATI did not have a statement on the matter at the time of publication. The company has said it is working on a patch for the flaw and has said it is on standby to help cities concerned over the vulnerability.
https://www.theregister.co.uk/2018/04/11/awooga_sirenjack_lets_hackers_channel_their_inner_hawaii_ema/

Hartford Financial Offers Solution to Combat Cyberattacks
CyberChoice First Response helps businesses combat cyberattack challenges like data privacy and network security, media, ransomware and business interruption with complete opportunity of customization. The product would also enable the company to track down and respond to cyber threats. Provision of coverage for pre-claim expenses, recognition of internal expenses incurred due to a breach, 24/7 cyber incident hotline assistance, protection against system failure and administrative error are some of the major features of the product.
https://www.zacks.com/stock/news/298662/hartford-financial-offers-solution-to-combat-cyberattacks

Top cyber threats for retailers in 2018
Verizon’s 2018 Data Breach Investigations Report (DBIR) shows that ransomware is the most common type of malware, found in 39% of malware-related data breaches – double that of last year’s DBIR – and accounts for over 700 incidents. What’s more, Verizon’s analysis shows that attacks are now moving into business critical systems, which encrypt file servers or databases, inflicting more damage and commanding bigger ransom requests.
https://retailleader.com/top-cyber-threats-retailers-2018

Enterprise cloud adoption outstrips cybersecurity capabilities
The report, titled “Head in the Cloud: Misconceptions Hindering Enterprise Cloud Adoption,” claims that 64 percent of US enterprise players believe the pace of SaaS application adoption is “outpacing their cybersecurity capabilities.” In total, 61 percent of enterprise IT staff cite data privacy as a primary concern for the growing adoption of SaaS. With data breaches now so commonplace, the idea of sensitive, corporate information being leaked from non-secure cloud environments causes IT staff to break out in a cold sweat.
https://www.zdnet.com/article/enterprise-cloud-adoption-outstrips-cybersecurity-capabilities/

The Opportunity to Create Safer Schools and Campuses with Physical and Cybersecurity Solutions
As more and more schools make the digital transformation necessary to help students and faculty succeed in today’s digital marketplace, the need for a variety of security options is only growing. For schools and universities, finding a balance between secure facilities and constructive atmospheres can be difficult, forcing security personnel to make tough decisions on where to prioritize resources when facing down a variety of threats.
https://www.csoonline.com/article/3268149/security/the-opportunity-to-create-safer-schools-and-campuses-with-physical-and-cybersecurity-solutions.html

What We Know And Don’t Know About Election Hacking
We know that Russian hackers in 2016 worked to compromise state voting systems and the companies that provide voting software and machines to states. That could blossom into more concrete attacks this year. As I wrote earlier this week, the worst-case scenario is that on Election Day 2018, votes are altered or fabricated and Americans are disenfranchised. It can be tough to track all the small stories about electoral hacking. It’s a dense issue, given that the story has been unfurling for a year and a half across all 50 states. So, as the 2018 midterms approach and election officials continue to work on fixing what went wrong in 2016, it’s worth reminding ourselves what we know and what we don’t know.
https://fivethirtyeight.com/features/what-we-know-and-dont-know-about-election-hacking/

Secretary of State’s Office Using Help from National Guard on Elections Cyber Security [Podcast]
On this West Virginia Morning, after Russian-backed hackers probed election-related systems in at least 21 states in 2016, election officials, whose focus is traditionally on making sure polling places run smoothly and efficiently, now have to focus on protecting their computer systems. Although West Virginia wasn’t targeted in 2016, the secretary of state’s office is teaming up with the National Guard to take precautions. Dave Mistich takes a look at the partnership, which is paving the way for secure elections in the digital age.
http://wvpublic.org/post/secretary-states-office-using-help-national-guard-elections-cyber-security

States to Game Out Election Threats in Homeland Security Drills
The program, running for the sixth time, involves three days of simulations. Seven states are taking part, according to Jeanette Manfra, assistant secretary of Homeland Security. This year, amid continued threats of Russian interference in American elections, some of those states will see how prepared they are for hackers targeting their election systems in drills that don’t actually attempt to breach their computers. “We are making it as realistic as possible, and nation-state threats are our priority,” Manfra told reporters Tuesday at the U.S. Secret Service headquarters in Washington, where the simulation’s “control center’’ is located.
https://www.bloomberg.com/news/articles/2018-04-10/states-game-election-cyber-threats-in-homeland-security-drills

The Internet has serious health problems, Mozilla Foundation report finds
The Internet Health Report, which evolved from a prototype launched in January of 2017, is not a medical chart for the Internet packed with metrics. Edited by Solana Larsen and written by Mozilla Foundation research fellows, the report is an evaluation of “what’s helping and what’s hurting the Internet,” and it focuses on five broad areas of concern—personal privacy and security, decentralization, openness, “digital inclusion,” and general Web literacy. And Facebook’s part in the health of the Internet is writ large across the report.
https://arstechnica.com/information-technology/2018/04/mozilla-foundation-report-details-decline-in-health-of-internet/

TRANSCOM chief calls on Congress for national cybersecurity standard
McDew said the war games showed how vulnerable TRANSCOM is because of its heavy reliance on commercial companies. Ninety percent of TRANSCOM’s ability to take troops to war uses private industry, McDew said during a Senate Armed Service Committee hearing April 10. Now he is calling on Congress and the Defense Department to do something to shore up the gap. “We put cyber standards in every one of our contracts,” McDew said. “They’re not as stringent as we want them to be, but we are trying to work with industry to bring them along. If we push them too fast and too hard without the help of Congress and a national standard, I’m not sure they’ll stick with us.”
https://federalnewsradio.com/defense/2018/04/transcom-chief-calls-on-congress-for-national-cybersecurity-standard/

The value of 20/20 hindsight in cybersecurity
On March 27, 2018, US-CERT publicly disclosed widespread cyber-attacks on domestic energy and other infrastructure locations.  These attacks had been occurring since at least March 2016 and had successfully compromised a number of locations including some nuclear facilities, water, and aviation locations. […] The US-CERT announcement should be the wake-up call to not just monitor and track the information frequently associated with IOCs, but also to include a simple and consolidated method to search for these following an announcement like this.
https://www.csoonline.com/article/3268285/data-protection/the-value-of-20-20-hindsight-in-cybersecurity.html

Yep, Russian trolls hit Reddit, too—on /r/funny and elsewhere
Reddit is the latest among a slew of tech companies that have identified troll and/or bot-laden social media accounts likely connected to Russia’s Internet Research Agency, which seemingly attempted to manipulate the American voting public and affect the outcome of the 2016 presidential election. The site provided a full list of all of those accounts to Congress (and now the public), saying that the list would stay “visible for now,” but it would be removed eventually. “We still have a lot of room to improve, and we intend to remain vigilant,” Reddit CEO Steve Huffman, also known as “spez,” wrote.
https://arstechnica.com/tech-policy/2018/04/reddit-identifies-nearly-1000-suspicious-russia-connected-accounts/

Death in paradise: ‘Cyber attack’ takes out national government’s IT
The nation in question is Sint Maarten, an independent country within the Kingdom of the Netherlands. It is otherwise known as the southern “Dutch bit” of the Caribbean island Saint Martin and has an area of a mere 34 km². (The northern “French bit”, the république of Saint-Martin, measures 53 km².) Sint Maarten has a population of just over 42,000 and tourism dominates its economy.
https://www.theregister.co.uk/2018/04/10/cyber_attack_takes_out_national_government_for_a_week/

Cyber-Criminals Could Earn CEO-Level Salary: Report
The study, Into the Web of Profit, claimed that even “mid-level” hackers could earn as much as $900,000 annually – more than double the US presidential salary. Those at the “entry-level” of their black hat trade can expect to make over $40,000, more than a UK university graduate. The research highlights one of the problems facing the IT industry in recruiting those with the right skills – that there will be a significant minority potentially prepared to seek employment on the other side of the law.
https://www.infosecurity-magazine.com/news/cybercriminals-could-earn-ceolevel/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.