IT Security News Blast 04-26-2018

Defending Healthcare Against Orangeworm

5 Ways Healthcare Can Defend Itself Against Orangeworm
Orangeworm entered health systems through their imaging suites, including x-ray, CT scan, and magnetic resonance imaging (MRI) machines. What’s unsettling is that cybersecurity experts and healthcare leaders have known for years that these technologies were outdated and vulnerable, but still they remain at risk. […] Cut them off from everything else. Make sure that these machines can’t connect with other networks and devices, as they are insecure and likely will be for some time.
http://www.hcanews.com/news/5-ways-healthcare-can-defend-itself-from-orangeworm

Defending Hospitals against Life-Threatening Cyber Attacks
When new technologies bypass regular processes for purchase and risk assessment, they aren’t checked for vulnerabilities, so they introduce even more opportunities for attack. Of course, hospital administrators should balance these concerns against the improvements in patient care that new systems can bring. Our research suggests that hospitals need stronger processes and procedures for managing all these devices.
https://www.scientificamerican.com/article/defending-hospitals-against-life-threatening-cyber-attacks/

House seeks feedback on cyber challenges posed by legacy systems
“While healthcare cybersecurity is a complex, nuanced challenge with many different contributing factors, the use of legacy technologies, which are typically more insecure than their modern counterparts, continues to be a root cause of many incidents,” states the RFI. […] “The healthcare sector and medical technologies face the same challenge that has vexed the information technology (IT) industry for decades; digital technologies age faster and less gracefully than their physical counterparts,” the panel’s document notes.
https://www.healthdatamanagement.com/news/house-seeks-feedback-on-cyber-challenges-posed-by-legacy-systems

Seven main UK banks targeted by co-ordinated cyber attack
According to people briefed on the operation at two of the affected banks, the seven banks involved are: Santander, Tesco Bank, RBS, Lloyds, HSBC, Clydesdale and Yorkshire Banking Group and Barclays. None of the banks publicly confirmed they had been targeted but one of the people briefed on the operation said there had been close collaboration between the different banking groups and the NCA following the attacks.
https://www.ft.com/content/2e582594-48ab-11e8-8ee8-cae73aab7ccb

Cyber-attack website Webstresser taken down
The operation, which involved the UK’s National Crime Agency, blocked Webstresser.org – which allows criminals to buy attacks on businesses. The site was used by a British suspect to attack high street banks last year, causing hundreds of thousands of pounds of damage. Six suspected members of the gang behind the site have been arrested, with computers seized in the UK, Holland and elsewhere.
http://www.bbc.com/news/uk-43893420

Asset managers seek cyber insurance amid threat of GDPR fines
“In the past this may have been trading platforms or information on investment strategies used for key clients,” said Rounds. “GDPR means the number one crown jewel for the asset management sector is now personal data, such as employment data or information held by sales and marketing.” With asset managers and custodian banks generating hundreds of millions of pounds in revenues each year, a data breach resulting from a cyber attack could have a significant impact on profits.
https://www.fnlondon.com/articles/asset-managers-seek-cyber-insurance-amid-threat-of-gdpr-fines-20180425

Future cyber warfare: protecting the grid
[Energy] generation and distribution assets, which impact all other critical infrastructure, will be prime, if not the prime, targets. Russia’s 2015 attack on Ukraine’s electrical grid in conjunction with its military operations in the east provides ample warning. It was not a standalone attack. Rather, it disrupted Ukrainian defensive efforts to gain a relative advantage. Nor was the effort sustained. Rather, it served as a warning of cross-domain (cyber to physical) threats the Russians can pose.
https://www.realcleardefense.com/articles/2018/04/12/future_warfare_protecting_the_grid_113317.html

Defense Bill Would Send Military Reinforcements to DHS’ Cyber Mission
Military cyber pros would help the Homeland Security Department ensure the cybersecurity of critical infrastructure, such as energy plants, hospitals and airports, under the House version of a major defense policy bill released Wednesday. The military assistance would be limited to 50 cyber troops per year, according to the National Defense Authorization Act draft. The provision was included in a draft released by the House Armed Services Committee’s emerging threats panel, which oversees most military cyber priorities. The committee will mark up the draft Thursday morning.
https://www.nextgov.com/policy/2018/04/defense-bill-would-send-military-reinforcements-dhs-cyber-mission/147738/

Russia likely targeted all 50 states in 2016, but has yet to try again, DHS cyber chief says
On Tuesday, during a hearing of the Senate Homeland Security Committee, Sen. Margaret Hassan, D-N.H., noted to Manfra that six states have already held primaries for the 2018 season and dozens more primaries will be held in the coming weeks. “Has DHS detected any cyber activity targeting election infrastructure by Russia or any other actors during this election season?” Hassan asked Manfra. “We have not at this time,” Manfra responded.
http://abcnews.go.com/US/russia-targeted-50-states-2016-dhs-cyber-chief/story?id=54695520

Managing a distributed workforce: How to maintain cybersecurity when everyone works remotely
I think there are a couple of things that are kind of the basics. You should enable multi-factor authentication wherever these applications support it so that users don’t just need their password, but they also need access to a mobile phone or some other kind of authentication mechanism in case their password happens to be one of the many that’s part of the latest compromise of password data that we read about all the time.
https://www.techrepublic.com/article/managing-a-distributed-workforce-how-to-maintain-cybersecurity-when-everyone-works-remotely/

CEOs are taking more responsibility for cybersecurity protection
“We’re seeing CEOs taking this seriously. They have become aware they must focus on this.” In fact, “This is the first time I’ve seen a positive report in that CEOs are getting more involved,” Bissell said. “They shouldn’t rest, but they are making headway.” Greater involvement may be working. The average number of cyberattacks per company has more than doubled from a year ago, but organizations are demonstrating far more success in detecting and blocking them, the Accenture survey found.
https://www.fierceceo.com/technology/ceos-are-taking-more-responsibility-for-company-s-cyber-security-protection

Recent IoT Research Says Broadband Households Care More About Cybersecurity Than Ever Before
This swift change in tone is due largely to a recently released whitepaper from IoT research firm Parks Associates, titled “Residential Security and Encryption: Setting the Standard, Protecting Consumers.” The whitepaper revealed that 64% of U.S. broadband households are concerned about security and privacy when using their connected devices. Parks Associates also found that the majority of homeowners assume security integrators are addressing their cybersecurity concerns.
https://www.cepro.com/article/iot_research_broadband_households_cybersecurity

Government surveillance of social media is rife. Guess who’s selling your data?
If you are tweeting or posting about a “security threat”, law enforcement can fish you out of the ocean of the world’s 2.6-billion social media users. Using special surveillance software, they can gather posts from platforms to identify you, and walk right up to your front door. Governments buy this data from surveillance companies, who in turn buy it from social media companies. But security threats are what governments decide them to be. These include certain protesters, non-profits and journalists.
https://www.dailymaverick.co.za/article/2018-04-25-government-surveillance-of-social-media-is-rife-guess-whos-selling-your-data/

China’s Ever-Expanding Surveillance State
China’s authoritarian regime is taking systematic steps to expand its surveillance of people and communication channels within the country, and the tentacles of the apparatus are slowly extending far beyond China’s borders. A series of revelations and activist arrests over the past month provide insight on this project and what it means for the future of China and the world.
https://thediplomat.com/2018/04/chinas-ever-expanding-surveillance-state/

The Israeli App That Promises To Protect All Your Data From Facebook
In 2017, Haaretz singled out 57 cyber privacy startups based in Israel that are dedicated to protecting social media users’ private information from abuse by the platforms they use and trust. These new companies include such diverse products as SaferVPN, which gives internet users an anonymous IP address to safeguard information from hackers, and Kimpi, an app that alerts parents when their children receive threats on social media. Financial investment in online privacy has more than tripled in recent years to $13.5M according to the outlet, making it a fast-growing part of Israel’s technology sector.
https://forward.com/life/tech/399724/the-israeli-app-that-promises-to-protect-all-your-data-from-facebook/

New DNS Encryption Tools Accelerate Privacy Online
Brand new Domain Naming Service (DNS) Cloudflare is gaining firm ground among internet users. Unlike many other DNS providers, Cloudflare positions itself as a strictly privacy-oriented service. According to CUJO AI data, it has acquired nearly 4% of the total DNS market since its launch on April 1st and now stands as the fifth most popular DNS provider. Moreover, Google and Apple announced that they will start encrypting DNS traffic. What does that mean for internet privacy?
https://www.telecompaper.com/industry-resources/new-dns-encryption-tools-accelerate-privacy-online--1241779

Data and privacy breach notification plans: What you need to know
“You’re not going to have time to do a lot of legal research in a cyber crisis, especially if your systems are locked up by a ransomware attack,” says Michael Bahar, global co-lead of the cybersecurity and data privacy practice at Eversheds Sutherland. As increasing numbers of U.S. and global jurisdictions bring new or revised breach legislation and regulations online, research will only become more time-consuming, complex, and stressful—and time is of the essence during a breach.
https://www.csoonline.com/article/3269250/regulation/data-and-privacy-breach-notification-plans-what-you-need-to-know.html

NewsJacker 4-24-2018 [Video]
Mike Hamilton discusses the shift to cryptocurrency mining, what’s up with all these pipeline companies being disrupted, how the CISO can transcend the checkbox/scapegoat gerbil wheel, and an intro to CI Security.
https://criticalinformatics.com/resources/blog/newsjacker-ci-security/

Trump’s cell phone use is security “nightmare” waiting to happen, lawmakers say
“Given the apparent lack of progress the Administration has made since initial reports in 2016 of the President’s poor operational security, it appears the only thing standing between the Office of the President and the next national security nightmare is a combination of President Trump’s personal restraint and sheer luck. Our national security should not depend on whether the President clicks on a malicious link on Twitter or his text application, or the fortuity of foreign agencies not knowing his personal cell number.”
https://arstechnica.com/tech-policy/2018/04/trumps-cell-phone-use-is-security-nightmare-waiting-to-happen-lawmakers-say/

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.