IT Security News Blast 1-4-2017

How Advanced Analytics Can Shore Up Defenses Against Data Theft

Along with insufficient threat detection, traditional tools can contribute to “alert fatigue” by excessively warning about activities that may not be indicative of a real security incident. This requires skilled security analysts to identify and investigate these alerts when there is already a shortage of these skilled professionals. Hospital CISOs and CIOs already operate under tight budgets without needing to hire additional cybersecurity guards. Healthcare security pros need to pick up where those traditional security tools end and realize that it’s the data that is ultimately at risk.

Survey Results: A Look Ahead for Healthcare IT in 2017

These are some of the conclusions from “2017: The Year Ahead in Health IT,” a new survey of healthcare organizations from Healthcare IT News. We polled 95 healthcare executives in October 2016. Asked which technologies they are planning to upgrade in 2017, 52 percent of survey respondents said security, 51 percent analytics, 44 percent patient engagement, 44 percent population health, 31 percent EHRs, 24 percent remote patient monitoring, and 22 percent revenue cycle management.

Dot conned: Cyber crime’s war on family offices

Complacency could be one of the biggest threats to family offices, as they deal with the ever-present, if largely hidden, danger posed by cyber-crime. Research shows the family office community is especially vulnerable to these attacks. […] ‘Business Email Compromise’ scams are also rampant. At a gathering, Campden Wealth heard from a family that had been attacked, where emails masquerading as instructions from the chief executive to transfer funds had been given. Vigilant staff noticed the orders were out of the ordinary. Nevertheless, the company had been penetrated and time and money had to be invested to take remedial action.

A Big Cyberattack Is Inevitable In 2017

Hospitals are prime targets and have suffered particularly at the hands of ransomware attacks. As they are full of critical patient records, life-saving medical equipment, patient devices and staff computers, hospitals’ cyber defenses have failed to keep pace. This resulted in many organizations being forced to pay up in order to recover their data. For instance, the Hollywood Presbyterian Medical Center in Los Angeles had to pay the equivalent of $17,000 in Bitcoin after its computers were taken offline by hackers for over a week.

Obama’s Disclosure About Russian Hacking Is A Cybersecurity Gold Mine

Recent advances in automation, however, have contributed to significantly closing the gap between detection and remediation of new threats. Specifically, the practice of “automated indicator sharing” allows for real-time machine-to-machine sharing of threat intelligence, precisely the type of data contained in the joint D.H.S. and F.B.I. report. The sharing of trusted and structured data enables organizations to, for example, automatically block traffic associated with a newly identified attack vector.

Donald Trump’s Attitude Toward Hacking Raises Concerns Among Cybersecurity Experts

And his attitude could point to a shift in cybersecurity policy from the innovative approaches of President Barack Obama and his predecessor George W. Bush, according to Ari Schwartz, who served as the top cybersecurity adviser on the National Security Council in 2015. “We’re not going back to the world of couriers and letter-writing; we’re going to continue to do things online,” Schwartz told The Washington Post. “There are ways to do it where you can manage risk, and that’s really what the goal should be here — to get to the point where we can have the efficiencies and the benefits and still be secure.”

The State of Crypto Law: 2016 in Review

This year was one of the busiest in recent memory when it comes to cryptography law in the United States and around the world. But for all the Sturm und Drang, surprisingly little actually changed in the U.S. In this post, we’ll run down the list of things that happened, how they could have gone wrong (but didn’t), how they could yet go wrong (especially in the U.K.), and what we might see in 2017.

Cyber Security Takes on New Urgency for Groups Targeted by Trump

“To prepare for life under Trump we’ll have to do more than download Signal and learn PGP,” admonished an organizer at the New Inquiry, referring to some common encryption practices among activist journalists. “We’ll have to learn how to scheme in the shadows, pass notes, and encrypt our offline communications as securely as we do our emails.” To that end, ad-hoc workshops, “cryptoparties” and online guides to digital security have multiplied across the country — and beyond — as journalists scramble to fortify their data.

Researcher: Subcontractor leaks data on military health care professionals

According to Chris Vickery, security researcher at MacKeeper, the server is operated by Potomac Healthcare Solutions, which provides its services through management consulting firm Booz Allen Hamilton. In a blog post, Vickery wrote that the server revealed the names, work locations, Social Security numbers, salaries and assigned units of military health care personnel deployed within the United States Special Operations Command (SOCOM).

New China Cybersecurity law comes with data protection fangs

One of the new provisions calls for personal data and “important data” gathered and produced by “key information infrastructure operators” (KIIO) during operations in China to be kept within the country’s border. While there is provision for the potential of such data to leave the country, a security assessment must be conducted pursuant to the measures jointly formulated by the National Cyberspace Administration and State Council unless other PRC laws permit the overseas transfer.

The GRU-Ukraine Artillery Hack That May Never Have Happened

Major media outlets including The Washington Post, CNN, NBC News, and PBS Newshour ran the story without fact-checking a single detail. Motherboard, Forbes, SC Magazine, and other media did the same. Only VOA and Bloomberg took the time to question Crowdstrike’s claims and do some of their own investigating. With the release of its Danger Close report, Crowdstrike has acted as irresponsibly as the Washington Post did when the paper ran a story claiming that Russian hackers had breached a Vermont utility.

Blockchain will revise banking reality

“Business-to-business payments are full of inefficiencies,” points out Mougayar. He sees blockchain technology disrupting this sphere sooner than consumer payments. “Blockchain is a new set of rails,” he says. “And it is going to be a more efficient set of rails than the multitude of proprietary solutions and spaghetti kind of integrations that we have today. We now have a chance to rethink all of this.”

The Biggest Security Threats Coming in 2017

  • Consumer Drones Get Weaponized
  • Another iPhone Encryption Clash
  • Russian Hackers Run Amok
  • A Growing Rift Between the President and the Intelligence Community
  • DDoS Attacks Will Crash the Internet Again (And Again, And Again)
  • Ransomware Expands Its Targets

Latest iMessage Hack Crashes iPhone within Minutes

The new iMessage hack lets the attackers disable the Message app through sending an extensive contact record. This record file is pretty huge so as soon as the user taps on the recorded message, it immediately over-burdens the OS and terminates the app. The problem is that iPad and iPhone users who use iOS 8 to iOS 10.2.1 versions cannot do anything to prevent this assault. The most disturbing part of the hack is that it is very difficult to prevent or avoid unless the recipient of the message is aware of what is to be done.

Exposed MongoDB installs being erased, held for ransom

Currently, as of Monday morning, Gevers says he’s discovered 196 instances of a MongoDB installation exposed to the public that’s been erased and held for ransom. […] In each observed attack, the message remains the same – pay up or lose your data. It’s possible the attacker is finding open MongoDB installs via basic scanning or Shodan, Gevers said. It’s also possible they’re finding MongoDB installs that are vulnerable to various exploits, including one that allows remote authenticated users to obtain internal system privileges.

Criminals phish credit card numbers with ‘Twitter verification’ scam

Criminals are using the promise of verified accounts on social media to lure users into a credit card phishing scheme. According to research by Proofpoint, attackers are placing legitimate ads targeting brand managers and influencers with a link to a phishing site purporting to offer account verification. Usually, account verification on social networks such as Twitter involves multiple verification steps for “accounts of public interest”.

Bear Hunting: History and Attribution of Russian Intelligence Operations [Video]

In this CrowdCast, CrowdStrike experts Adam Meyers, VP of Intelligence, and Dmitri Alperovitch, Co-Founder & CTO, will provide a detailed overview of the history of Russian intelligence influence operations going back decades and provide a deep dive overview of various BEAR (including FANCY BEAR and COZY BEAR) intrusion sets and their tactics, techniques and procedures (TTPs). They will also discuss the considerable attribution evidence that CrowdStrike has collected from a variety of investigations into their operations and lay out the case for the Russian government connection to these hacks.

Vermont Grid ‘Hack’ Latest Tumble Down Attribution Rabbit Hole

As it turns out, a laptop at Burlington Electric Department was infected with the Neutrino Exploit Kit. There was no targeted attack. There was no attempt to access the grid, and no one tried to shut off the lights in the dead of winter. A Burlington Electric employee, like thousands of other Neutrino victims, was popped somewhere along the line with commodity malware. […] It was an unfortunate rush to judgment, and one that is going to continue because too many elected officials and decision-makers aren’t schooled in cyber.

Quantum computers ready to leap out of the lab in 2017

The team plans to achieve this using a ‘chaotic’ quantum algorithm that produces what looks like a random output. If the algorithm is run on a quantum computer made of relatively few qubits, a classical machine can predict its output. But once the quantum machine gets close to about 50 qubits, even the largest classical supercomputers will fail to keep pace, the team predicts. The results of the calculation will not have any uses, but they will demonstrate that there are tasks at which quantum computers are unbeatable — an important psychological threshold that will attract the attention of potential customers, Martinis says. “We think it will be a seminal experiment.”

White Hat Hacker Launches Public Support Site

A community platform to create cybersecurity awareness has been launched by security researcher Claudio Guarnieri, who has given it the name “Security Without Borders,” Motherboard reports. Announcing this at the Chaos Communication Congress hacking festival in Hamburg on December 28, Guarnieri says the website’s goal is to allow white hat hackers to help targets and potential victims.