IT Security News Blast 11-01-2017

Daily IT News Blast, Hacked Computer

Next IoT Botnet DDoS Attack Could Bring Down the Entire Internet
Right now, Reaper has not yet attempted a massive DDoS attack, so the motives are not yet clear. The consensus appears to be that Reaper is trying to grow to a large enough size where it can do more than just knock parts of the Internet offline – it could potentially use infected devices to take down the whole Internet with an unprecedented DDoS attack.
https://www.cpomagazine.com/2017/10/31/next-iot-botnet-ddos-attack-bring-down-entire-internet/

 

Restoration costs of ransomware attacks triples since 2016
Ransomware has become the new plague to run rampant through the cyber world, rising to the fifth most common malware type and causing the costs of restoring computer systems from such attacks to triple since 2016.
https://www.reinsurancene.ws/restoration-costs-ransomware-attacks-triples-since-2016/

 

What to do when hacked: The secret to managing a cyber crisis
It is safe to assume that cyber security professionals cannot be fully prepared for an attack, unless they have already dealt with managing emotions in the middle of a serious crisis. By working on boosting cross-functional communication prior to being under the pressure of a breach, IT teams can be that much closer to keeping their cool while everything around them seems to be going up in flames.
https://www.computerworld.com.au/article/629348/what-do-when-hacked-secret-managing-cyber-crisis/

 

How the FDA Pushes Medical Device Cybersecurity
Released in late 2016, the guidance for post-market management is a 30-page document that lists specific vulnerabilities that companies should test, how they should go about doing that, threat reporting recommendations, and more. For instance, the document notes that changes to a medical device made solely to boost security—like a patch—are considered enhancements and don’t need to be reported.
http://www.hcanews.com/news/how-the-fda-pushes-medical-device-cybersecurity

 

EHNAC: Risk Assessments, IoT Security Crucial in Attack Mitigation
Hospitals and healthcare organizations need to keep a strong focus on their risk management and risk assessment process and ensure that any third parties or business associates also have proper security and IT risk management protocols in place, according to Electronic Healthcare Network Accreditation Commission (EHNAC) Executive Director Lee Barrett.
https://healthitsecurity.com/news/ehnac-risk-assessments-iot-security-crucial-in-attack-mitigation

 

Latest WannaCry Attack Stresses Healthcare’s Need to Fortify Defenses
The task force discovered a “severe” lack of security specialists, according to Corman, with 85% or more medical organizations—particularly small, medium, and rural hospitals—lacking a single qualified security person on staff. “They have more janitors at these hospitals than they do security people,” he said.
http://www.hcanews.com/news/latest-wannacry-attack-stresses-healthcares-need-to-fortify-defenses

 

What Are Basic, Essential Healthcare Cybersecurity Measures?
OCR also urged covered entities and business associates to regularly train staff members on cybersecurity issues. This can include but is not limited to employee training on phishing emails and when to report a cyber incident and to whom. Employee security awareness was the greatest healthcare data security concern for 80 percent of surveyed health IT executives and professionals, a HIMSS Analytics survey found.
https://healthitsecurity.com/news/what-are-basic-essential-healthcare-cybersecurity-measures

 

Cyber-Attack: What’s at Stake
Spoofing, jamming, phishing, malware and ransom ware are not terms that were associated with the maritime and shipping sector until recently. But reality has changed and so has the game. Physical attacks are passé and it’s the day and age of cyber criminals who are targeting critical infrastructure sectors like maritime and shipping to cause maximum damage.
https://www.maritime-executive.com/features/cyber-attack-whats-at-stake

 

North Korea denies involvement in WannaCry cyber attack
“The moves of the UK government to doggedly associate the DPRK with the cyberattack cannot be interpreted in any other way than a wicked attempt to lure the international community into harboring greater mistrust of the DPRK,” the spokesman said, using the initials of the North’s official name.
http://www.financialexpress.com/world-news/north-korea-denies-involvement-in-wannacry-cyber-attack/913457/

 

Iran’s hacking ability improving: Israeli general
Major General Nadav Padan, who heads the military’s command, control, computer, communications and intelligence (C4I) plus cyber division, told a Reuters Summit that Iran has mounted attacks on Israel with the help of proxies like Lebanese Shi‘ite group Hezbollah. “They are not the state of the art, they are not the strongest superpower in the cyber dimension, but they are getting better and better,” Padan said.
https://www.reuters.com/article/us-cyber-summit-padan/irans-hacking-ability-improving-israeli-general-idUSKBN1D02O0

 

Bipartisan Bill Would Boost States’ Election Cybersecurity
The bill proposed Tuesday by Republican Susan Collins of Maine and Democrat Martin Heinrich of New Mexico would authorize federal grants to states to upgrade their systems and require better sharing of information about efforts to hack state voting systems. The government confirmed that Russians sought to probe the databases of 21 states last year, but delayed for months disclosing which states were targeted.
https://www.bloomberg.com/news/articles/2017-10-31/state-voting-cybersecurity-would-get-boost-in-bipartisan-bill

 

Researchers warn state system to catch voter fraud has 99% false positive rate
A database system that will now be used by Indiana to automatically purge voter registrations that have duplicates in other states is 99 percent more likely to purge legitimate voters, according to a paper published last week by researchers from Stanford University, the University of Pennsylvania, Harvard, Yale, and Microsoft Research. Using the probability of matching birth dates for people with common first, middle, and last names and an audit of poll books from the 2012 US presidential election, the researchers concluded that the system would de-register “about 300 registrations used to cast a seemingly legitimate vote for every one registration used to cast a double vote.”
https://arstechnica.com/information-technology/2017/10/researchers-warn-state-system-to-catch-voter-fraud-has-99-false-positive-rate/

 

Trump Administration to Craft New Cybersecurity Plan
White House Homeland Security Adviser Tom Bossert said today that the Trump administration will establish a new cybersecurity strategy that draws from the president’s Executive Order signed in May. “As soon as we’re prepared to put forward a strategy that will be beneficial to the government and the nation, we’ll do so,” Bossert said, according to a DefenseOne report.
https://www.darkreading.com/threat-intelligence/trump-administration-to-craft-new-cybersecurity-plan/d/d-id/1330281?

 

AMC prepares to move into the “Cloud”
Air Mobility Command has begun aggressive efforts to migrate its cyber systems to a cloud-based model, providing Mobility Airmen more efficient and secure ways to access and store data. […] Adams added that a Cloud-based service also enhances readiness and customer service responses to IT issues by decreasing the time it takes to develop software security patches and disseminate the patches to customers.
http://www.amc.af.mil/News/Article-Display/Article/1354191/amc-prepares-to-move-into-the-cloud/

 

North Korea’s Elite Cyber Soldiers Hacked Top Secret Warship Blueprints, Seoul Lawmaker Says
Opposition party politician Kyung Dae-soo said the hack occurred in April last year and that North Korea obtained around 40,000 documents, including 60 classified military files. Kyung, who was briefed on a South Korean Ministry of Defense investigation into North Korean cybercrime, believes it is highly likely that blueprints for military vessels—including submarines and an Aegis-class warship—were among the stolen files.
http://www.newsweek.com/north-koreas-cyber-attack-hacked-south-koreas-warship-plans-seoul-lawmaker-696956

 

EU to Declare Cyber-Attacks “Act of War”
The document, said to have been developed as a deterrent to provocations by the likes of Russia and North Korea, will state that member states may respond to online attacks with conventional weapons “in the gravest circumstances.” The framework on a joint EU diplomatic response to malicious cyber activities would seem to raise the stakes significantly on state-sponsored attacks, especially those focused on critical infrastructure.
https://www.infosecurity-magazine.com/news/eu-to-declare-cyber-attacks-act-of/

 

Where Emerging Cybersecurity Technology Fits in Your Business
Half of the organizations surveyed by AT&T indicated they plan to increase their security staffs over the next 12 months. However, talent has never been as tough to come by. The U.S. has a reported skills gap of 300,000 cybersecurity experts. The shortage is particularly evident when it comes to threat prevention, threat detection and threat analysis – three of the most important areas of any cyberdefense.
https://www.csoonline.com/article/3235175/data-breach/where-emerging-cybersecurity-technology-fits-in-your-business.html

 

Popular ‘Circle with Disney’ Parental Control System Riddled With 23 Vulnerabilities
“Through these exploitable vulnerabilities, a malicious attacker could gain various levels of access and privilege,” wrote Cisco Talos researchers who worked with Circle Media to mitigate against the near two-dozen vulnerabilities. Of those flaws, one vulnerability (CVE-2017-12087) received a CVSS score of 10, the highest you can get. That was for a Tinysvcmdns Multi-label DNS Heap Overflow Vulnerability, according to Cisco Talos.
https://threatpost.com/popular-circle-with-disney-parental-control-system-riddled-with-23-vulnerabilities/128711/

 

Malicious Chrome Extension Steals ‘All Posted Data’ without Login Credentials
When md0 file is executed, it disables Windows Firewall and kills all the processes of Google Chrome to install the malicious Catch-All extension written in JavaScript. When this is achieved, it extracts the extension and modifies Chrome launcher’s “.Ink” files to load it when the next time it is executed. All the data posted by the victim on any website is hijacked by the extension and sent to a C&C server through jQuery and Ajax connections.
https://www.hackread.com/malicious-chrome-extension-steals-data-without-login-credentials/

 

Cryptoshuffler trojan diverting bitcoin payments to criminal’s pockets
The CryptoShuffler Trojan uses the devices clipboard and depends upon the user not paying enough attention during the transaction process, Kaspersky Labs reported. So far the process has allowed 23 BTC, or about $145,000, to be stolen in the year that CryptoShuffler has been in the wild. It is also capable of targeting Ethereum, Zcash, Dash and Monero.
https://www.scmagazine.com/cryptoshuffler-trojan-diverting-bitcoin-payments-to-criminals-pockets/article/704202/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.