IT Security News Blast 1-13-2017

Healthcare Industry Vulnerabilities Give Rise to Cyber Crime

Cybercriminals are drawn to and attack the healthcare industry for many reasons, but primarily because they allocate a bulk of their resources to patient care and innovation, which often leaves information security underfunded. However, by becoming educated about BEC scams and the tools available to mitigate this threat, healthcare organizations can drastically reduce email fraud and associated financial losses.

‘Hacktivists’ Increasingly Target Local And State Government Computers

“Some take this as being harmless and think it’s another form of protest,” said Doug Robinson, executive director of the National Association of State Chief Information Officers (NASCIO). “But it can be highly disruptive. It’s criminal trespassing.” Robinson said he has seen a “significant growth” in the number and severity of hacktivist attacks on state and local governments in the past five years. For the public, it can mean being unable to log on to government websites to get information or conduct business. And for taxpayers, it can mean having to pick up the tab for staff time and additional technology needed to combat such attacks.

Cyber security attacks to be aware of for the near future

By analysing current security trends, we can try to gauge what the cyber security attacks of the future will look like. Here are three predictions for 2017:

(1) Attackers will undermine data integrity

(2) Artificial intelligence will fuel crime

(3) Machine learning will empower defenders

Bringing boards up to cyber speed

The exponential growth of cyber risk has impacted roles for the CISO and the CEO, among others, but it has also left board members a little in the dark when it comes to understanding the risks associated with cybersecurity. The National Association of Corporate Directors (NACD), which represents 88 percent of the Fortune 1000, recently released a Cyber-Risk Oversight Handbook. In an effort to set standards for corporate board leadership, they surveyed corporate board members and found that only 11 percent of today’s directors have a high understanding of cyber risks.

Build an effective cyberattack recovery playbook by following this NIST guide

“There has been widespread recognition that some cybersecurity events cannot be stopped and solely focusing on preventing cyber events from occurring is a flawed approach.” That attitude among NIST experts started gaining traction two years ago when the Federal Government’s Office of Management and Budget published the agency’s Cybersecurity Strategy and Implementation Plan (CSIP). The following quote, in particular, captured the attention of NIST personnel: “CSIP identified significant inconsistencies in cyber-event response capabilities among federal agencies. The CSIP stated that agencies must improve their response capabilities.”

Re-engineer Cybersecurity Processes Or Face Digital Transformation Failure, Says New Report

This survey also found that security transformation doesn’t only affect the technology choices enterprises make to combat cyber-thieves. The aftershocks are rippling throughout large companies and causing them to rethink how they organize internal stakeholders, assess risk and prioritize future investments. In short, many firms are redefining their approach to cybersecurity with a renewed focus on prevention, incident response and data protection.

Cybersecurity standards and guidelines — are you just checking the boxes?

Some oversight organizations, including the FTC and the California Attorney General, require that the organizations they oversee achieve “reasonable” security. While they don’t provide specific guidance as to what is “reasonable,” adherence to an appropriate standard can demonstrate a reasonable attempt to achieve a secure operation. Additionally, cyber-insurance companies will typically require that a company follow an appropriate standard, in a documented fashion, before they will issue a policy. In the event of a claim, they will review compliance with the standard as part of their basis for deciding whether to pay out against the claim.

Ransomware Rising On The Plant Floor

RSA’s Stacey says ransomware attacks on industrial systems have the potential to be lucrative for attackers. In hospitals or other critical operations, ransomware attacks locking organizations out of their data can be catastrophic and result in the loss of life, he says. “ICS falls into that [category]. Very few people want to destroy a dam … to a certain degree, the equipment that opens it is not that valuable. But if you take that data away, the [victim] is willing to pay for it,” he says. “ICS [ransomware] has the potential to be catastrophic.”

Amazon customers targeted in phishing scam

The con starts when the victim attempts to check out. A message appears stating that the product is no longer available, but then the vendor emails the target saying the item is available and can be purchased by clicking on an imitation Amazon link included in the email. The link leads to a fake, but quite real-looking, Amazon payment screen that asks for all of the victim’s Amazon login, payment and personal information.

Russia, China — and the US — are biggest geopolitical cybersecurity threats

The U.S. and the four other major English speaking countries — the UK, Canada, Australia and New Zealand — also make the top threats list. That doesn’t necessarily mean that New Zealand is a major global cyber-threat, however. But these five countries are a major global force. “We wanted to include them because they are at the pinnacle of cyber capabilities both in espionage and destructive acts,” Condra said. “And the U.S. has an overwhelming advantage over any adversary. And we didn’t want to create the perception of bias.”

Giuliani announces he’ll be Trump’s czar for the cyber thing

Giuliani’s bona fides for this role apparently spring from his time as chair of the “Cybersecurity, Privacy and Crisis Management Practice” at the New York law firm Greenberg Traurig, a position he assumed a year ago. However, it’s not clear that Giuliani has ever had any direct experience in cybersecurity law or policy. Giuliani previously was a partner in a Houston-based international law firm Bracewell (formerly Bracewell & Giuliani) for over 10 years, and he ran his own security consulting firm based on his mayoral experience and credibility from New York City’s measures taken after the September 11, 2001 terror attack. But Giuliani is really counting on private industry to provide all the answers.

DHS should have a cybersecurity unit, says panel chairman

“DHS needs focus and resources, and they are doing a decent job, but could be doing a lot better with the help of Congress,” said U.S. Rep. Michael McCaul (R-Texas) in comments to reporters at the National Press Club. “It’s not a Republican or Democratic issue.” […] More generally, McCaul said the DHS, as a civilian agency, needs to work more urgently to assist the private sector in defending the nation’s critical infrastructure, including communications, the electric grid and nuclear energy.

The Top Cyber Security Risks In Asia-Pacific In 2017

Cybercriminals will continue to innovate through ransomware

Website defacements will be old school – website ransoms will be the new tactic

DDoS attacks will present a threat to Singapore’s Smart Nation

Closed groups on social media will be the main platform for organizing cyber campaigns

Start-ups and e-commerce sites involving financial transactions will be highly targeted

Organizations will seek a strategic focus on threat actors and their capabilities

Advanced persistent threats will become advanced phishing threats

Companies will continue to seek clarity on the implications of China’s new cyber security laws

Hamas Compromised Dozens of IDF Soldiers’ Phones Using Seductive Female Images

The operation against these hackers lasted for months after reports were received about suspicious online activities involving some Israeli soldiers. Through the operation, a large number of accounts owned by Hamas operatives on social media platforms, including Facebook, were identified. These accounts were operated using stolen identities or fake information, and their sole purpose was to lure IDF soldiers through seductive profiles in order to obtain confidential information. Both reservist and regular soldiers fell prey to Hamas’ trap.

NSA to share raw intercepted data with other intel agencies

The National Security Agency (NSA) was granted expanded powers to exchange information gathered in its global surveillance operations. The intelligence organization will now be allowed to share raw data with the federal government’s 16 other intelligence agencies, according to a report on Thursday in the New York Times. The Obama administration’s order stipulates that communications intercepted by the NSA can be shared before privacy protections are applied. Previously, the NSA was restricted in what it could do with the data collected as part of its surveillance activities.

Hack reveals data company Cellebrite works with everyone from US cops to Russia

On Thursday, Vice Motherboard reported that an unnamed source provided the site with 900GB of data hacked from Cellebrite, the well-known mobile phone data extraction company. Among other products, Cellebrite’s UFED system offers “in-depth physical, file system, password, and logical extractions of evidentiary data,” and is often the go-to product for law enforcement to pull data from seized phones and other devices. […] In addition, the trove of materials contains “customer support tickets” showing that the Israeli company sells its services to countries with questionable human rights records, including Turkey, Russia, and the United Arab Emirates.

Quantum Computing Is Real, and D-Wave Just Open-Sourced It

“D-Wave is driving the hardware forward,” says D-Wave International president Bo Ewald. “But we need more smart people thinking about applications, and another set thinking about software tools.” That’s where the company’s new software tool Qbsolv comes in. Qbsolv is designed to help developers program D-Wave machines without needing a background in quantum physics. A few of D-Wave’s partners are already using the tool, but today the company released Qbsolv as open source, meaning anyone will be able to freely share and modify the software.

Russia waging disinformation war against Sweden: Report

Researchers from the Swedish Institute of International Affairs, Sweden’s leading foreign policy institute, have written that Russia has been using fake news, false documents, and disinformation as part of a coordinated campaign to influence public opinion and decision-making in Sweden. The Russian meddling in Swedish politics, and the methods used by Russian intelligence agencies to influence the tone of Swedish public discourse and direction of Swedish public policies, are similar to the methods and goals of the Putin government in interfering in the U.S. 2016 presidential election in support of Donald Trump.