IT Security News Blast 10-25-2017

Super-rich fear their financial details will be exposed following Bermuda cyber hack
Appleby, a firm based in Bermuda with offices in many tax havens, said it was in the process of warning clients that they may be implicated in a massive leak of sensitive information. It is understood the leak involves some of Britain’s wealthiest people, who were instructing lawyers and public relations companies in an effort to protect their reputations.
http://www.telegraph.co.uk/news/2017/10/24/super-rich-fear-financial-details-will-exposed-following-bermuda/


The Need for Global Cyber Security Standards
Pinto addressed the fact that, currently, every country across the globe has a different standard for cyber security, even though we’re facing a significant universal problem. Unfortunately, when every country has different standards in place, we begin to place ourselves in a difficult position. Consequently, concerns are beginning to grow among financial market regulators and participants about the risks that cyber attacks might pose to the financial system.
https://www.commstrader.com/news/marketplace/need-global-cyber-security-standards/


Banking smart cards vulnerable to cryptographic attack
Now it’s been revealed that many Gemalto smartcards are capable of being cloned by skilled cyber criminals, enabling them to bypass security protections, such as data encryption and two-factor authentication. Cyber crooks are able to access the private part of these keys by tapping into the public counterpart, and this process can be conducted within just a few minutes.
https://www.computing.co.uk/ctg/news/3019702/widely-used-smart-cards-targeted-by-cryptographic-attack


Equifax breach drives legislative push on data privacy
Rep. David Cicilline (D-R.I.) is the latest member of Congress to offer a legislative answer to the growing problem of consumer data breaches. His Consumer Privacy Protection Act, introduced Oct. 19, orders companies to notify consumers if sensitive information has been compromised in a data breach. The bill widens the scope of sensitive information, including not just Social Security and credit card numbers, but also digital photographs and geographical and biometric data.
https://fcw.com/articles/2017/10/23/data-breach-legislation-berliner.aspx


NC health system’s network disrupted by new WannaCry strain
FirstHealth of the Carolinas blamed a new strain of the WannaCry virus for system disruptions that began Oct. 17 and continued throughout last week. On identifying the threat, FirstHealth shut down its network and did a security check of more than 4,000 devices and more than 100 locations connected to the network.
http://www.healthcaredive.com/news/nc-health-systems-network-disrupted-by-new-wannacry-strain/507950/


Hospital loses $10m to cyberattack, but broker’s recommendation saves the day
The hospital has estimated costs relating to the cyberattack have already reached almost $10 million. The broker’s recommendation was timely and necessary. “Hospitals are targets, and if they are hit they’re going to get hit hard,” said Reggie Dejean, specialty insurance director at Lawley, an independent agency in Buffalo, New York. “These aren’t fender-bender [type claims], these are head-ons when you have large clients like this.”
http://www.insurancebusinessmag.com/us/news/cyber/hospitals-loses-10m-to-cyberattack-but-brokers-recommendation-saves-the-day-82640.aspx


Health Care Focus: information exchanges getting mixed reviews
When the exchanges were created, their goal was to allow “information to follow a patient where and when it is needed, across organizational, vendor and geographic boundaries,” notes the Office of the National Coordinator for Health Information Technology, or ONC, a federal agency that supports states with grants, awards and guidelines. However, Paul Kempen, an anesthesiologist at the Weirton Medical Center in West Virginia, doesn’t see it happening that way. One of his big complaints is that various state systems don’t “talk to each other.”
http://djcoregon.com/news/2017/10/24/health-care-focus-information-exchanges-getting-mixed-reviews/


Defending the Oil and Gas Sector From Cyber-Attacks
State-sponsored actors in particular have a history of targeting the ONG sector for political purposes, and often have the ample resources needed to achieve their objectives. In contrast, jihadist actors typically seek to disrupt economies and carry out attacks for adversarial and ideological gain. When compared to other groups of adversaries, jihadists tend to possess fewer skills and resources for carrying out disruptive cyber attacks on well-defended ONG companies.
https://oilvoice.com/Opinion/9557/Defending-the-Oil-and-Gas-Sector-From-CyberAttacks


James Mattis Voices Concerns Over Cyber Language in Fiscal 2018 Defense Policy Bill
Defense Secretary James Mattis has asked Congress to remove language in the proposed fiscal 2018 National Defense Authorization Act that would pressure the U.S. to notify foreign governments of cyber attacks in the event that the Defense Department has decided to counter such breaches, Reuters reported Thursday. “The nature of cyber attacks is ever evolving, and we need to maintain our ability to take decisive action against this increasingly dangerous threat,” Mattis wrote in a Tuesday letter to Congress.
http://www.executivegov.com/2017/10/james-mattis-voices-concerns-over-cyber-language-in-fiscal-2018-defense-policy-bill/


New Cyber Attacks Are Hitting Airports and Metro Systems in Ukraine
Cyber attacks hit Ukraine’s Odessa airport and the metro system in Kiev on Tuesday, with the state-run Computer Emergency Response Team (CERT) saying a new wave of hacks was hitting the country and asking transport networks to be on particular alert. […] “We ask the owners of telecommunication systems, other information resources, transport infrastructure first of all, as well as ordinary internet users, to comply with stricter cyber security requirements,” CERT-Ukraine said in a statement.
http://fortune.com/2017/10/24/ukraine-odessa-kiev-airport-metro-cyber-attacks/


North Korea cyber attack capabilities: What could Kim Jong-un do?
NORTH KOREA is capable of unleashing a chaotic attack on Australia or the United States without launching a single missile. Instead the secretive nation could potentially unleash chaos with a cyber attack targeting critical infrastructure such as an electricity grid. […] [The] possibility of Pyongyang shutting down Sydney’s electricity grid through cyber power remained highly unlikely but protecting key infrastructure against such an attack was something the government should be prepared for.
http://www.news.com.au/technology/online/hacking/north-korea-cyber-attack-capabilities-what-could-kim-jongun-do/news-story/1d7d7dbcd0ee18201eee6101160e7c0f


There’s a difference between the right and wrong approach to surveillance reform
It’s a supreme act of cowardice when senators choose to unnecessarily hide behind closed doors to debate issues of national importance. That cowardice was on full display today as the Senate Intelligence Committee, despite objections, held a closed session vote on a bill to reauthorize warrantless surveillance under Section 702 of the Foreign Intelligence Surveillance Act (FISA), which is set to expire at the end of this year. The committee is expected to vote on a bill to extend the law for eight years without any substantial reforms.
http://thehill.com/opinion/technology/356940-theres-a-difference-between-the-right-and-wrong-approach-to-surveillance


Senators push bill requiring warrant for U.S. data under spy law
The effort, led by Democrat Ron Wyden and Republican Rand Paul, would require a warrant for queries of data belonging to any American collected under the program. The bill’s introduction is likely to add uncertainty to how Congress will renew a controversial portion of a spying law due to expire on Dec. 31. […] It would renew Section 702 for four years with additional transparency and oversight provisions, such as allowing individuals to more easily raise legal challenges against the law and expand the oversight jurisdiction of the Privacy and Civil Liberties Oversight Board, a government privacy watchdog.
https://uk.reuters.com/article/uk-usa-cyber-surveillance-congress/senators-push-bill-requiring-warrant-for-u-s-data-under-spy-law-idUKKBN1CT18W


Edward Snowden urges public to always question justification for invasions of privacy
Speaking today via video link at the Cyber Threat Summit at the Helix in DCU, Mr Snowden urged those in attendance and the wider public to always question powerful institutions and established authority. He said the public should not lose sight of the fact that the number of people dying in terrorism-related incidents was greater in the 1960s than it was today. “People like to think of the law as establishing how governments work, but the law only has that effect insofar as the government abides by the law.”
http://www.irishexaminer.com/breakingnews/ireland/edward-snowden-urges-public-to-always-question-justificationfor-invasions-ofprivacy-811196.html


Trump’s DOJ Subpoenaed Twitter For Information On Legal And Privacy Bloggers
The Trump administration’s Department of Justice issued a subpoena to Twitter for information on five accounts in May of this year. Most of the accounts in question belong to bloggers, attorneys and authors interested in law and privacy issues. Five users are cited in the May 17 request. The subpoena reads: “Please provide subscriber and transactional information, from account creation date to present, for the following Twitter account(s):” The five users then cited are: @popehat, @PogoWasRight, @associatesmind, @dawg8u and @abtnatural.
https://lawnewz.com/crazy/trumps-doj-subpoenaed-twitter-for-information-on-legal-and-privacy-bloggers/


Political ads on Twitter will now be labeled with lots of spending data
In light of recent Russia-related disclosures, American politicians have begun weighing in on the lack of transparency in the world of politically motivated online ads. On Tuesday, Twitter chose to get ahead of potential political and legal action by announcing plans to open its advertising disclosure process in a big way. […] Political ads received a specific focus, and new rules will apply to any ads that fall under the FEC’s definition of political or “electioneering” ads. The interesting stuff here is how much data Twitter will force any political advertisers to disclose, including the following: exactly how much money a single advertiser has spent, other ad campaigns run by the same organization, and all targeting demographics (gender, age, geography).
https://arstechnica.com/tech-policy/2017/10/political-ads-on-twitter-will-now-be-labeled-with-lots-of-spending-data/


After quietly infecting a million devices, Reaper botnet set to be worse than Mirai
Not only has the botnet gained in size in the past month — it’s growing in capability. New exploits have been added to the botnet’s arsenal regularly in recent days, said Netlab. Check Point said 33 devices are vulnerable to attack so far. Researchers have also noted that several known, easy-to-exploit vulnerabilities have not been added to the botnet, raising questions about why some exploits have been added and not others. But what’s thrown researchers is that nobody can figure out what the botnet is for.
http://www.zdnet.com/article/reaper-botnet-could-be-worse-than-mirai-cyberattack/


Legislative Efforts in the Wake of Maritime Cyberattacks
The specter of potentially crippling attacks against shipping has caused legislators to scramble to find ways to improve cybersecurity at ports and along the supply chain, which contributes to much of the high-tech security issues onboard ships. Most notably, in May, Congress passed the Intelligence Authorization Act for Fiscal Year 2017, which requires the Department of Homeland Security to report on cybersecurity threats to U.S. maritime concerns and entities conducting operations in U.S. seaports.
https://maritime-executive.com/editorials/legislative-efforts-in-the-wake-of-maritime-cyberattacks


Fifth annual survey by Raytheon, Forcepoint and NCSA finds young adults’ interest in cybersecurity careers stagnant
The fifth annual study, Securing Our Future: Cybersecurity and the Millennial Workforce, captures alarming trends among millennials including riskier online behaviors today than in 2013, despite the known consequences. Additionally, the survey showed the dominant share (43 percent) of survey respondents believe the final outcome of the 2016 U.S. presidential election was influenced by cyber attacks. These findings echo national sentiments as a recent string of large-scale data breaches has shaken the public’s confidence in the security of critical information and infrastructure.
http://markets.businessinsider.com/news/stocks/Fifth-annual-survey-by-Raytheon-Forcepoint-and-NCSA-finds-young-adults-interest-in-cybersecurity-careers-stagnant-1001790701


Whois Maintainer Accidentally Makes Password Hashes Available For Download
APNIC was alerted to the problem on Oct. 12 when it said a security researcher from eBay’s Red Team reported that the downloadable Whois data was being republished on a third party website. The company said the issue was resolved on Monday. “Although password details are hashed, there is a possibility that passwords could have been derived from the hash if a malicious actor had the right tools,” Sanjaya Sanjaya, deputy director general at APNIC, wrote in a blog post outlining the mishap.
https://threatpost.com/whois-maintainer-accidentally-makes-password-hashes-available-for-download/128586/


FIN7 Spear Phishing Attacks Now Aim At Avoiding Detection
According to their findings, FIN7 is exploiting victims in the retail industry using various phishing techniques and continuously adapting phishing documents to evade detection. After compromising the Point of Sale systems of the targeted company, it steals a massive amount of protected card data. FIN7 is extremely flexible when it comes to adaptability and manages to avoid detection along with affecting a large number of retail companies across the US.
https://www.hackread.com/fin7-spear-phishing-attacks-now-aim-at-avoiding-detection/


====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.