IT Security News Blast 05-04-2018

Twitter Passwords Leaked

Twitter to All Users: Change Your Password Now!
Twitter just asked all 300+ million users to reset their passwords, citing the exposure of user passwords via a bug that stored passwords in plain text — without protecting them with any sort of encryption technology that would mask a Twitter user’s true password. The social media giant says it has fixed the bug and that so far its investigation hasn’t turned up any signs of a breach or that anyone misused the information. But if you have a Twitter account, please change your account password now.
https://krebsonsecurity.com/2018/05/twitter-to-all-users-change-your-password-now/

Healthcare Industry Takes Brunt of Ransomware Attacks
“The attacks and threats of 2017 are a reminder of the ingenuity and destructive capabilities of threat actors,” Cylance Head of Security Research Aditya Kapoor stated. “All indicators point to a perfect storm with the explosion in the number and types of endpoints requiring protection, the rise in the diversity of attack types, and the ease with which they can be accessed and weaponized.” The report noted that the rise of ransomware-as-a-service has opened ransomware up for anyone to use.
https://healthitsecurity.com/news/healthcare-industry-takes-brunt-of-ransomware-attacks

Why healthcare firms need a cybersecurity health check
Firstly, hospitals hold highly personal and sensitive information that could be held to ransom. Also, medical records, research data or drug trial information can be sold through the dark web. Another vulnerability is that hospitals cannot afford to lose access to their systems because of the effects on patient safety. While for many other businesses, having the IT system unavailable has effects that are primarily financial, for hospitals the consequences could even cost lives. […] And healthcare is one of the biggest sectors of economic activity globally, so opportunities to extort money are significant.
https://www.tahawultech.com/securityadvisorme/features/why-healthcare-firms-need-a-cybersecurity-health-check/

Recent Trends to Bring Evolution in the Global Cyber Insurance Market
For instance, BDI Global recently launched a specialized cyber risk insurance program called SafeHealth. In July 2017, ISO introduced a cyber insurance program with enhanced rating and coverage options. In August this year, Pioneer Special Risk launched a new suite of cyber solutions that provides allied healthcare entities with protection against a range of digital exposures. In June 2017, Wingman Insurance introduced the Wingman Cyber Insurance online platform, which enables businesses to acquire cyber insurance coverage across all countries.
https://www.newsguards.com/2018/05/03/recent-trends-bring-evolution-global-cyber-insurance-market/

Hacking threat comes into focus for municipal finance
Colorado’s Department of Transportation was recovering from a February attack that froze 2,000 computers when the system became re-infected. The hack, considered a variation of the SamSam ransomware that struck Atlanta, locked computer files and demanded a ransom for their safe return. […] The issue has become so commonplace that municipalities are being advised to describe the risks in bond offering documents.
https://www.bondbuyer.com/news/hacking-threat-comes-into-focus-for-municipal-finance

Lawmakers seek enhanced small business cyber protection
The lawmakers maintain the SBA should work with existing professional certification organizations and the private sector to develop a low-cost, vendor-neutral certification program for small business employees who act as their company’s designated cybersecurity expert; and establish a cybersecurity cooperative creating a large pool of willing buyers for various cybersecurity products and services.
https://financialregnews.com/lawmakers-seek-enhanced-small-business-cyber-protection/

Three decisions Cyber Command’s new leader will have to make
Now that this force is slated to reach a key staffing milestone, known as full operational capability, there have been indications that the structure of this force could change. Rogers noted during recent testimony that he’d like to “retool” the teams, noting that their structure is based on an evaluation that’s almost eight years old. “The thought was the cyber forces we created would be permanently aligned. I argue it’s not going to get us where we need to be,” he said. Nakasone, during his confirmation hearings, appeared to agree with this view.
https://www.fifthdomain.com/dod/cybercom/2018/05/03/three-decisions-cyber-commands-new-leader-will-have-to-make/

Navy secretary, other US officials increasingly sounding alarm over Chinese smartphone maker Huawei
Due to security concerns, the federal government has moved to restrict Huawei’s operations in the United States, and the Pentagon this week ordered military exchanges to stop selling electronics made by Huawei and its Chinese competitor, ZTE. “It’s not just the South China Sea,” Navy Secretary Richard Spencer told the Senate Appropriations Committee last month. “It’s across the full spectrum that China is coming at us.”
https://www.militarytimes.com/news/your-military/2018/05/03/navy-secretary-other-us-officials-increasingly-sounding-alarm-over-chinese-smartphone-maker-huawei/

What Is Absent From the U.S. Cyber Command ‘Vision’
Although the document never says so explicitly, it clearly contemplates Cyber Command conducting many cyber activities below the threshold of armed conflict as well. At the same time, the vision is silent on a number of important points—after all, it is a short, high-level document. In this piece, we have highlighted some of these gaps to identify critical stumbling blocks and necessary areas of research. We categorized our comments below following the basic building blocks of any good strategy: ends, ways and means.
https://lawfareblog.com/what-absent-us-cyber-command-vision

Cyber Warfare: The Threat From Nation States
The announcement – which is the first time two nations have come together to show solidarity in this area – saw the National Cyber Security Centre (NCSC), US Department of Homeland Security and the FBI warn businesses and citizens that Russia is exploiting network infrastructure devices such as routers around the world. The aim: To lay the groundwork for future attacks on critical infrastructure such as power stations and energy grids.
https://www.forbes.com/sites/kateoflahertyuk/2018/05/03/cyber-warfare-the-threat-from-nation-states/#21da0d861c78

What a cyberwar looks like — and what it doesn’t
In order to take the threat of cyber war seriously, we should recognize that not all detrimental activity online should be called “cyberwar” just as not all actions between states are defined as “war.” A reasonable definition must take into account specific forms of aggression and intended results — “cyberwar” is not crime, it is not espionage, it is not propaganda and it is not terrorism.
https://www.cnbc.com/2018/05/03/what-a-cyberwar-looks-like-commentary.html

Security Integrators Need to Care More About Cyber Security
The threat is very real, especially now that so many devices are connected to the Internet, including security cameras, communications equipment, access control, fire systems, intrusion detection solutions, lighting systems, heating, air conditioning and ventilation systems, televisions and more. Security integrators would be wise to start caring more about data breaches.
https://www.commercialintegrator.com/security/access_control/security-integrators-cyber-security/

Cyberespionage Group Abuses LoJack Theft Recovery Software
In 2014, security researchers from Kaspersky Lab published a paper showing how Absolute’s Computrace technology could be abused to serve as a backdoor. They pointed out that its small Windows software agent could easily be modified to make it connect to a rogue server. […] It seems that four years later, cyberespionage groups are taking advantage of this powerful functionality that’s present on many devices and is both persistent and stealthy.
https://securityboulevard.com/2018/05/cyberespionage-group-abuses-lojack-theft-recovery-software/

Is The Dodd-Frank Of Privacy Coming?
This [GDPR] regulatory regime coming into effect in an era of national retrenchment, where the rules-based system of global trade and harmonization are frayed, will likely lead to greater tensions across the Atlantic. Indeed, the prospect of an information security and privacy arbitrage, where companies seek out data privacy havens, may yield a race to the bottom. This zero-sum approach will be harmful for people, markets and regulators, especially as they all grapple with complex cyber threats that do not respect board rooms or borders.
https://www.forbes.com/sites/dantedisparte/2018/05/03/is-the-dodd-frank-of-privacy-coming/#21bd4e964f72

Digital transformation puts data privacy, regulation at risk
The 15th Global Fraud Survey conducted by Ernst & Young (EY), with the theme “Integrity in the Spotlight: the Future of Compliance,” has found that open and connected business models are likely to result in increased exposure to cyber threats and ransomware. “Increased global connectivity means that anyone with access to company data, anywhere in the world, can exploit weaknesses in data security. Companies’ critical digital and physical assets are therefore at greater risk of theft, damage and manipulation by insiders than ever before,” Andrew Gordon, Global Leader, Fraud Investigation & Dispute Services, EY, said.
http://www.businessdayonline.com/digital-transformation-puts-data-privacy-regulation-risk/

Phishing alert: GDPR-themed scam wants you to hand over passwords, credit card details
A GDPR-related phishing scam uncovered by researchers at cyber security firm Redscan is doing just this in an effort to steal data with emails claiming to be from Airbnb. The attackers appear to be targeting business email addresses, which suggests the messages are sent to emails scraped from the web. The phishing message addresses the user as an Airbnb host and claims they’re not able to accept new bookings or send messages to prospective guests until a new privacy policy is accepted.
https://www.zdnet.com/article/phishing-alert-gdpr-themed-scam-wants-you-to-hand-over-passwords-credit-card-details/

4 Critical Applications and How to Protect Them
Here are four of the most complex and vulnerable critical applications:
· Financial Apps
· Medical Apps
· Messaging Systems
· Legacy Systems
https://www.darkreading.com/partner-perspectives/f5/4-critical-applications-and-how-to-protect-them/a/d-id/1331698

Hackers protest Georgia’s SB 315 anti-hacking bill by allegedly hacking Georgia sites
According to The Augusta Chronicle, the hacking group first took credit for hacking the City of Augusta and defacing the website of Calvary Baptist Church of Augusta. The City of Augusta denied it was hacked. Shortly thereafter, the hackers claimed to have targeted Georgia Southern University and the sites for two Augusta restaurants: Blue Sky Kitchen and Soy Noodle House. The hackers, purportedly mostly from Georgia, are protesting SB 315 and attempting to “draw attention” to the “unintended consequence of that bill.”
https://www.csoonline.com/article/3269535/security/hackers-protest-georgias-sb-315-anti-hacking-bill-by-allegedly-hacking-georgia-sites.html

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.