IT Security News Blast 05-02-2018

California Cybersecurity 2020

SamSam Ransomware Attacks Focus on Victims Who Will Pay Up
Because of the healthcare sector’s reliance on IT systems and the operational importance of patient data and records, the ransomware risk is expected to increase. HHS said it encourages organizations to use data backups and develop contingency and business continuity plans that can ensure resilient operations in the event of a ransomware event.
https://healthitsecurity.com/news/samsam-ransomware-attacks-focus-on-victims-who-will-pay-up

Why You Need A Holistic, Integrative Medical Approach to Cybersecurity
Instead, we need a system that is based on a holistic view of the entire business. This view is designed not to treat pathologies, but to promote health and well-being that allows an organization to maximize performance and thrive in a healthy and safe way. The starting point should not be the pathology but the mission of the business and the activity that supports that mission.
https://www.forbes.com/sites/danwoods/2018/04/30/why-you-need-a-holistic-integrative-medical-approach-to-cybersecurity/#1a07cc3e404e

3 Ways to Maximize Security and Minimize Business Challenges
[Every] network is bespoke – formed from accepted design patterns, business requirements, organic growth and designer preference. Consequently, it’s not feasible to choose security tools with the mindset of, “If I just had this network intrusion detection system (NIDS) and that user behavior analytics (UBA) tool, then I’d be secure for sure.” Why? Because it doesn’t address the unique challenges you need to solve to secure your unique network.
https://www.darkreading.com/partner-perspectives/gigamon/3-ways-to-maximize-security-and-minimize-business-challenges-/a/d-id/1331675

With Vision 2020 plan, California includes cybersecurity in ‘everything’
With an ever-increasing amount of emerging technology on the horizon, Liebert says, taking a security-first approach to both emerging technology and any amount of technology in the state can be an effective way to address changes in the security environment. “Whenever I look at any of these technologies, I make sure that there’s a layer of security really layered throughout it so we don’t have inherent risks that are being brought in,” Liebert says.
https://statescoop.com/with-vision-2020-plan-california-includes-cybersecurity-in-everything

Why Cities Are So Bad at Cybersecurity
Certainly, there are local governments that do a commendable job with cybersecurity. If previous research into government information technology systems and electronic government can be a guide, they are most likely larger, more well-funded and more well-managed governments. However, the data from our more recent survey strongly suggest that at least some, and perhaps even a large fraction of, local governments may be unable to respond to electronic intrusions.
https://www.citylab.com/life/2018/05/why-cities-are-so-bad-at-cybersecurity/559334/

Energy Companies Aren’t Doing Much to Defend Against Soaring Cyber Attacks
“It’s scary,” said Brian Walker, a former head of Marathon Oil Corp.’s global IT and now an independent consultant. Executives making funding decisions “aren’t necessarily millennials who intuitively understand” how cyberthreats reach seemingly disconnected units, he said. “It’s guys my age that are the problem,” according to Walker, who said he’s in his early 50s. “We’ve been 30 years trained in a world that doesn’t work this way anymore.”
https://www.bloomberg.com/news/articles/2018-04-27/-cyber-blindspot-threatens-energy-companies-spending-too-little

Techies! Britain’s defence secretary wants you – for cyber-sniping at Russia
“In this age where there’s so much disinformation, where Britain’s enemies will use Twitter, will use every angle they can do to change the narrative – people who’ve traditionally thought about joining reserve forces, we want them to come in.” The defence secretary also singled out journalists as the type of people who he really wants to see join the military, as well as others “with the ability to really understand about getting messages across”.
https://www.theregister.co.uk/2018/05/01/ukgov_wants_techies_join_the_army/

Russian trolls are pitting Americans against energy industry
The committee’s report focuses on the Internet Research Agency (IRA), a Russian internet troll farm based in St. Petersburg that appears to be at the forefront of Russian cyber-meddling. It claims, “Russia was actively engaged in a concerted effort to disrupt U.S. energy markets and influence domestic energy policy and was exploiting American social media platforms [e.g., Instagram, Facebook and Twitter] in an attempt to carry out this objective.”
http://thehill.com/opinion/energy-environment/385554-russian-trolls-are-pitting-americans-against-energy-industry

For better cybersecurity, be nice to your CFO
“Why should I be collaborative with my CFO? That’s where the money is,” said Rod Turk, acting CIO of the Commerce Department at a May 1 event hosted by the Association of Government Accountants. “And frankly…if you start talking bits and bytes to your CFO, they’re not going to understand. When they don’t understand, guess what? You don’t get the money.”
https://fcw.com/articles/2018/05/01/cfo-cyber-aga.aspx

New APT groups emerge as more nations join the global cyber-arms race
[The] West is still fixated on nuclear capabilities and it is unclear if the likes of the UK or the United States will ever launch a pre-emptive strike on such capabilities as they can be hidden anywhere and are extremely difficult to locate or attribute. If it is really so pointless to try and locate an enemy’s cyber-weapons or to destroy them, are nations just developing and stockpiling their own cyber-weapons to promote deterrence using the principle of MAD (mutually assured destruction)?
https://www.scmagazineuk.com/new-apt-groups-emerge-as-more-nations-join-the-global-cyber-arms-race/article/762291/

Twitter Sold Data To Cambridge Analytica-Linked Company
The news comes a month after Facebook came under fire for leaking user data to Cambridge Analytica through a third-party app. A Twitter spokesperson told Threatpost that enterprise company Global Science Research, owned by the same researcher behind Cambridge Analytica, had “one-time API access” to a “random sample of public tweets” in 2015.
https://threatpost.com/twitter-sold-data-to-cambridge-analytica-linked-company/131525/

A New Front in Information Warfare
For the United States to succeed in this battle, citizens, not just the government, need to be more discerning about information, experts say. The country’s citizens are not well-versed in state-controlled messages or propaganda commonly used by closed, autocratic societies. Americans must learn to handle digital meddling by adversaries, defend Western democracy and freedoms, and improve the country’s stance in assessing the truth, information warfare experts recommend.
https://www.afcea.org/content/new-front-information-warfare-0

Australia eyes wider spying on its citizens
A leaked letter from Home Affairs Secretary Mike Pezzullo to Defense Department Secretary Greg Moriarty proposes that their respective ministers be empowered to approve monitoring and interception of text messages, emails and bank records to “disrupt and covertly remove cyber threats”, including those relating to terrorism and child exploitation.
http://www.atimes.com/article/australia-eyes-wider-spying-on-its-citizens/

Privacy: Looks Who’s Watching
In today’s world, surveillance is very much considered a double-edged sword. As its use rises, current privacy protections — many of which were written before the advent of cell phones — are simply ill-equipped and ineffective at protecting privacy and personal information. Although most people once thought government surveillance was the biggest threat to individual freedom, private sector surveillance is currently fueling enormous privacy concerns. […] Users must remember that social media and other online platforms that make information sharing “free” are driven by ulterior motives to monetize the information that is shared, Visner explains.
https://www.scmagazine.com/privacy-looks-whos-watching/article/762204/

Microsoft Just Made Hackers’ Lives a Lot Harder – but Has Anybody Noticed?
The rules block executable files from running unless they meet a prevalence, age, or trusted list criterion; use advanced protection against ransomware; block credential stealing from the Windows local security authority subsystem (lsass.exe); block process creations originating from PsExec and WMI commands; and block unverified, unsigned processes that run from USB.
https://www.cbronline.com/news/hackers-lives-harder
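The five rules described in the CBR item above are Windows Defender Exploit Guard attack surface reduction (ASR) rules, each addressed by a GUID. The following PowerShell is an added example, not code from the article or from Microsoft: it puts those five rules into audit mode, reads back the configured state, pulls the ASR events Defender logged, and leaves the switch to block mode as a commented final step. It assumes Windows 10 1709 or later with Microsoft Defender Antivirus as the active engine, cloud-delivered protection turned on (the prevalence/age rule depends on it), and an elevated shell. The rule GUIDs are taken from Microsoft's published ASR documentation; confirm them against the current documentation before deploying.

```powershell
# Added example: roll out the five ASR rules named in the article, audit first.
# Assumptions: Windows 10 1709+, Microsoft Defender Antivirus active, cloud
# protection enabled, elevated shell. GUIDs are from Microsoft's ASR docs;
# verify them against the current docs before use.
$AsrRules = @{
    'Block executables unless prevalence/age/trusted list' = '01443614-cd74-433a-b99e-2ecdc07bfc25'
    'Use advanced protection against ransomware'           = 'c1db55ab-c21a-4637-bb3f-a12568109d35'
    'Block credential stealing from lsass.exe'             = '9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2'
    'Block process creations from PsExec and WMI'          = 'd1e49aac-8f56-4280-b9ba-993a6d77406c'
    'Block untrusted and unsigned processes from USB'      = 'b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4'
}

# Numeric action codes as reported by Get-MpPreference.
$ActionNames = @{ 0 = 'Disabled'; 1 = 'Enabled'; 2 = 'AuditMode'; 6 = 'Warn' }

function Set-AsrRules {
    param(
        [Parameter(Mandatory)][ValidateSet('AuditMode', 'Enabled', 'Disabled')]
        [string]$Action
    )
    foreach ($entry in $AsrRules.GetEnumerator()) {
        # Add-MpPreference merges with rules already configured; Set-MpPreference
        # would replace the whole list, silently dropping rules set by someone else.
        Add-MpPreference -AttackSurfaceReductionRules_Ids $entry.Value `
                         -AttackSurfaceReductionRules_Actions $Action
        Write-Host ("{0,-10} {1}  {2}" -f $Action, $entry.Value, $entry.Key)
    }
}

function Get-AsrState {
    # Ids and Actions are parallel arrays; pair them up by index.
    $pref = Get-MpPreference
    for ($i = 0; $i -lt $pref.AttackSurfaceReductionRules_Ids.Count; $i++) {
        $code = [int]$pref.AttackSurfaceReductionRules_Actions[$i]
        $name = if ($ActionNames.ContainsKey($code)) { $ActionNames[$code] } else { "Unknown($code)" }
        [pscustomobject]@{
            RuleId = $pref.AttackSurfaceReductionRules_Ids[$i]
            Action = $name
        }
    }
}

function Get-AsrEvents {
    param([int]$Days = 7)
    # Event 1121 = rule fired in block mode, 1122 = rule fired in audit mode.
    # The message names the rule GUID, the process and the blocked target.
    Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 1121, 1122
        StartTime = (Get-Date).AddDays(-$Days)
    } -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id,
            @{ n = 'Message'; e = { $_.Message -replace "`r?`n", ' ' } }
}

# Stage 1: audit only, then review what would have been blocked.
Set-AsrRules -Action AuditMode
Get-AsrState | Format-Table -AutoSize
Get-AsrEvents -Days 7 | Format-Table -AutoSize

# Stage 2 (after reviewing the 1122 events): enforce.
# Set-AsrRules -Action Enabled
```

Run the audit stage for at least a week before flipping to Enabled: the PsExec/WMI rule in particular fires on legitimate management tooling that spawns processes through WMI (Microsoft documents it as incompatible with the Configuration Manager client), and the 1122 events are where that shows up before it breaks anything. Add-MpPreference is used rather than Set-MpPreference so an existing rule set configured by Group Policy or another admin is extended, not replaced.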

Facebook building a “simple way to clear your cookies and history”
On Tuesday, Facebook CEO Mark Zuckerberg announced that the company is working on a tool that would allow users a “simple way to clear your cookies and history.” While the company didn’t say so explicitly, this move seems to be in response to the Cambridge Analytica fiasco.
https://arstechnica.com/tech-policy/2018/05/facebook-building-a-simple-way-to-clear-your-cookies-and-history/

Volkswagen Cars Open To Remote Hacking, Researchers Warn
Computest researchers Daan Keuper and Thijs Alkemade, who discovered the flaw, said that under certain conditions the IVI vulnerability could enable attackers to commandeer the on-board microphone to listen in on the conversations of the driver, turn the microphone on and off, and access the system’s complete address book and the conversation history. There is also a possibility of hackers tracking the car through the navigation system at any given time, they said.
https://threatpost.com/volkswagen-cars-open-to-remote-hacking-researchers-warn/131571/

A cryptocurrency platform exposed sensitive data of 25,000 users
Bezop, a cryptocurrency startup, exposed highly personal details of more than 25,000 of its investors online, publicly accessible to anyone with an Internet connection. The platform, which is supported by John McAfee, left the personal details exposed due to an unprotected MongoDB database. The exposed data included full names, email addresses, physical addresses, wallet information, encrypted passwords, and copies of driver’s licenses and passports.
https://www.hackread.com/cryptocurrency-platform-expose-data-of-users/

Slack Releases Open Source Secure Development Lifecycle Tool
After providing some general information about their project, developers using goSDL are instructed to answer some questions for an initial risk assessment. Among other things, developers are asked if they believe the involvement of the security team is necessary, and if their code adds new authentication features or changes existing security controls.
https://www.securityweek.com/slack-releases-open-source-secure-development-lifecycle-tool

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.