IT Security News Blast 04-23-2018

SunTrust Bank Breach

Is your organization a HITRUST org?
There are many reasons for adopting a complete framework such as the HITRUST CSF, especially if you are in healthcare. According to a recent FortiGuard Labs Report, healthcare is experiencing attacks at twice the rate of other business sectors. Why is this? We start with hospitals, clinics and add internet-based consulting and remote healthcare providers using the latest cloud implementations. Then add mergers and acquisitions and IoMT (Internet of Medical Things) and you see why very fast.
https://www.csoonline.com/article/3269001/healthcare/is-your-organization-a-hitrust-org.html

HIPAA Compliance Gap Between Compliance Officers, Regulators
Healthcare compliance pros said that compliance with the HIPAA Security and Privacy rules is their highest priority, while the regulators at the HHS Office of the Inspector General (OIG) and the Department of Justice (DOJ) are focused on corrupt arrangements with referral sources and false claims, which represent virtually all the major enforcement actions and penalties.
https://healthitsecurity.com/news/hipaa-compliance-gap-between-compliance-officers-regulators

Medicine pumps & Pacemaker threat as Drs simulate hacked overdose
Dr. Kwai couldn’t understand the reason behind patient experiencing cardiac arrest and that’s when Tully explained that the whole bag of Cardizen had been emptied to make her realize that the medicine pump was compromised. The issue was diagnosed as calcium channel block overdose. In order to treat the patient, insulin was immediately ordered. After the simulation, Kwai explained about the experience: “Being alerted that the entire bag was empty kind of made me think of a pump malfunction, maybe.
https://www.hackread.com/medicine-pumps-pacemaker-threat-hacked-overdose/

Telehealth Market Will Change The Healthcare IT Industry
The 2017 finding from Centers for Medicare and Medicaid Services (CMS), stated that telehealth and telemedicine payments increased by 28% and claims increased by 33% in 2016, over the year 2015. However, lack of trained professionals in remote areas, privacy and information security concerns, and low availability of telecommunication bandwidth are the major factors adversely affecting growth of the telehealth market.
https://newspharmaceuticals.com/122653/telehealth-market-will-change-the-healthcare-it-industry/

SunTrust Employee May Have Stolen Information About 1.5 Million Clients
SunTrust Banks Inc. said an employee may have stolen the information of about 1.5 million customers and provided it to a “criminal third party,” the latest example of a potential breach that underscores the vulnerability of consumers’ private data. The Atlanta-based bank on Friday said the employee, who no longer works at SunTrust, attempted to access client information, although it has “not identified significant fraudulent activity” around the accounts involved.
https://www.wsj.com/articles/suntrust-employee-may-have-stolen-information-about-1-5-million-clients-1524231553

Cybersecurity conference exposed attendee info via a garbage app because of course it did
As the RSA Conference winds down today in San Francisco organizers have been forced to acknowledge that all has not been right with their own house. Specifically, a security engineer looking into the RSA Conference Mobile App discovered that at least some user information was exposed to anyone who knew where to look. […] The RSA Conference responded and quickly resolved the vulnerability, but, shall we say, the response didn’t really cop to the fact that organizers baked a vulnerability into their app.
https://mashable.com/2018/04/20/rsa-app-data-exposed/#b7O1t1SJyPqP

Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
[Booz] Allen vice president Anil Markose said, “You walk the show floor here [at the RSA Conference] and see, these products are getting more complicated. So the technical chops to use them,” are something companies must have, either on their own teams or through service providers. […] To address the shortage of skilled staff, respondents say their business prioritizes turning to tools and software (56%), training non-cyber employees (52%), and asking employees to work longer hours (45%).
https://www.darkreading.com/careers-and-people/firms-more-likely-to-tempt-security-pros-with-big-salaries-than-invest-in-training/d/d-id/1331605

Why DoD is starting a new cyber cell on the Korean Peninsula
The small team, known as a cyber operations-integrated planning elements (CO-IPE), will help better coordinate offensive and defensive cyber tools with traditional military operations. While U.S. Cyber Command is standing up cyber planning cells locally at all the combatant command headquarters, a Cyber Command spokesman said U.S. Forces Korea is the only sub-unified command with a team. “Given North Korea’s activities, the decision to establish a CO-IPE at the sub-unified level was well-advised,” the spokesman said.
https://www.fifthdomain.com/dod/cybercom/2018/04/20/why-dod-is-starting-a-new-cyber-cell-on-the-korean-peninsula/

World War 3: Britain ‘WILL’ be the victim of ‘serious CYBER ATTACK’ from Russia, says GCHQ
Senior representatives from utility, transport and internet firms in addition to the NHS are believed to have attended intelligence briefings at the National Cyber Security Centre (NCSC) on the specific methods being used by Russia to target Britain’s national infrastructure, following the nerve agent attack on Sergei Skripal in Salisbury last month. […] “Absolute protection is neither possible nor desirable; it’s about having more resilience in the systems we care about the most, those where loss of service would have the most impact on our way of life.
https://www.express.co.uk/news/world/949500/world-war-3-russia-cyber-attack-gchq-sergei-skripal-salisbury-putin-may

Cyber Pioneers in EU’s North Open Hacker-Proof Digital Highway
Finns who cross the Baltic Sea to visit the former Soviet nation will soon be able to pick up their doctor’s prescription at any local pharmacy without worrying about prying eyes. […] What makes applications like these possible is the first secure international data highway in the world dedicated especially to the needs of ordinary citizens. Based on open-source code, the so-called X-road has plenty of other potential applications, from the sharing of driver license data and death certificates to company data on the trade register.
https://www.bloomberg.com/news/articles/2018-04-22/cyber-pioneers-in-eu-s-north-open-hacker-proof-digital-highway

Two years for teen ‘cyber terrorist’ who targeted US officials
A teenager who tricked his way into obtaining the email and phone accounts of senior US intelligence officials has been sentenced. Kane Gamble, 18, targeted CIA, FBI and US Department of Justice databases from his bedroom in Leicestershire. The Old Bailey was told Gamble, who has admitted a number of charges, damaged the “effectiveness” of the wider law enforcement community. He will serve two years at a youth detention centre.
http://www.bbc.com/news/uk-england-leicestershire-43840075

A cybersecurity power struggle is brewing at the National Security Council
The arrival of newly appointed national security adviser John Bolton has prompted an attempted power grab by a member of the National Security Council, four current officials with knowledge of the matter told CyberScoop. This effort is causing anxiety across senior levels of government about the future of the cybersecurity coordinator role at the White House — a position that oversees a wide array of programs, including the management and coordination of defensive and offensive cyber-operations.
https://www.cyberscoop.com/national-security-council-power-struggle-rob-joyce-john-bolton-josh-steinman/

Democratic House IT scandal illustrates the hazards of reckless cybersecurity policy
According to congressional documents, the House Democrats clownishly exploited a loophole in hiring procedures that exempts potential hires from background checks if another member of Congress vouches for them. This allowed individuals with questionable backgrounds, such as Imran Awan and his brothers, Abid Awan and Jamal Awan, into the ranks of the House of Representatives staff. Those IT aides later made unauthorized access to congressional data.
http://thehill.com/opinion/cybersecurity/384125-democratic-house-it-scandal-illustrates-the-hazards-of-reckless

Facebook removes 1.5 billion users from protection of EU privacy law
Prior to the change, Facebook users not only in the European Union, but worldwide—outside of the United States and Canada—were subject to Irish laws as they had signed a contract with Facebook Ireland Limited. Irish data laws will now only apply strictly to EU users. By eliminating the link to Irish data-protection law, Facebook is removing 1.5 billion users from the EU’s new General Data Protection Regulation, which goes into effect next month. The United States, for example, does not enshrine an affirmative right of individuals to access data held by private companies.
https://arstechnica.com/tech-policy/2018/04/facebook-removes-1-5-billion-users-from-protection-of-eu-privacy-law/

California secretly listened to cellphone calls from the air
Since 2009, the Anaheim Police Department has used the Dirtbox, a military-grade, Stingray-type device that can be mounted on light aircraft. While airborne, it mimics a cellphone tower in order to indiscriminately intercept and record thousands of cell phone calls. […] The ACLU noted that Anaheim police have been very cagey about the use of the devices, saying “the secretive use of this equipment outside of Anaheim means the police not only deprived its own residents of the opportunity to debate or choose whether to be subjected to cell phone surveillance.”
https://www.engadget.com/2016/01/28/california-secretly-listened-to-cellphone-calls-from-the-air/

Localblox exposes personal data of millions of Facebook & LinkedIn users
It seems like data breach season is far from over for Facebook since another one has occurred now in which 48 million personal profiles were exploited for the creation of a database by a local firm. Reportedly, a Bellevue, Wash.-based data firm Localblox has managed to create a database using personal profiles of Facebook users and other social networking websites namely Twitter, LinkedIn, and Zillow, etc., without the consent or knowledge of the users.
https://www.hackread.com/localblox-exposes-millions-of-facebook-linkedin-data/

IoT Security Concerns Peaking – With No End In Sight
“A lot of the manufacturing behind IoT devices today feels like the Gold Rush… everyone wants to get there in a hurry,” said John Cook, senior director of product management at Symantec, speaking at RSAC. “You effectively have people staking out a claim in the area without further thought to security.” IoT smart home devices make up a particularly lucrative market, with consumer IoT spending set to reach $62 billion in 2018, making it the fourth largest industry segment, according to market research firm IDC. However, many of these devices are built with little to no security in mind.
https://threatpost.com/iot-security-concerns-peaking-with-no-end-in-sight/131308/

Cybercrime Economy Generates $1.5 Trillion a Year
The $1.5 trillion that cybercriminals generate each year includes $860 billion in illicit online markets, $500B in theft of trade secrets and intellectual property, $160B in data trading, $1.6B in crimeware-as-a-service, and $1B in ransomware. Evidence indicates cybercrime often generates more revenue than legitimate companies: large multi-national operations can earn more than $1B; smaller ones typically make between $30k-$50K.
https://www.darkreading.com/vulnerabilities—threats/cybercrime-economy-generates-$15-trillion-a-year/d/d-id/1331613

Cryptomining, not ransomware, the top malware threat so far this year
In the first three months of 2018, Comodo said it “detected 28.9 million cryptominer incidents out of a total of 300 million malware incidents, amounting to a 10 percent share. The number of unique cryptominer variants grew from 93,750 in January to 127,000 in March. At the same time, the data shows this criminal attention came at the expense of ransomware activity, with new variants falling from 124,320 in January to 71,540 in March, a 42 percent decrease.”
https://www.csoonline.com/article/3269053/security/cryptomining-not-ransomware-the-top-malware-threat-so-far-this-year.html

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners. © 2017 Critical Informatics, Inc. All rights reserved.