IT Security News Blast 10-5-2017

SEC hack came as internal security team begged for funding

In a memo sent to the SEC’s inspector general, the head of the SEC’s Digital Forensics and Investigations Unit complained that his team was woefully underfunded, undertrained, and forced to work with repurposed equipment and hard drives that had been designated by other branches of the SEC for disposal. The memo to SEC Inspector General Carl Hoecker, shared with Reuters by a congressional staffer, cited “serious deficiencies” in funding and support.

FICO-Like Cybersecurity Scores Are Imminent: What Do They Mean For Your Business?

This system is already underway. The U.S. Chamber of Commerce recently announced that finance titans like Goldman Sachs, Morgan Stanley and JPMorgan Chase, as well as retail giants like Starbucks and Home Depot, are combining efforts to establish shared principles for cybersecurity ratings. Meanwhile, the U.S. Chamber of Commerce has stated that a central security ratings system would allow organizations to review their own scores to identify weaknesses and seek the ratings of their partners, vendors or acquisition targets to evaluate risks.

Cybersecurity Is Not a Device

We find that many organizations believe cybersecurity is a device, such as a modern firewall. Perimeter defense, universally associated with a firewall, is of critical importance. While device-based solutions to cybersecurity management remain the most common misconception, we find many firms also have complementary programs that provide a false sense of security. Devices don’t prevent data breaches on their own — mature processes do.

Cybersecurity: Lessons from 5 States

Cybersecurity was perhaps the most consistent thread running through all the programming at the annual NASCIO conference this week. It’s on the minds of state CIOs, and many have well-developed strategies to protect state IT systems and constituent data, combat current threats and build strong cyberdefenses. Here’s a look at a few state programs[.]

HITRUST Deploys ‘Honeypots’ to Gain Knowledge of Cyber Attack Methods

HITRUST said it has taken the concept to the next level by designing a deception environment that spans across many healthcare organizations via the HITRUST CTX threat-sharing infrastructure. HITRUST has also deployed decoys of commonly used systems including leading EHRs, medical devices and other healthcare-specific systems. HITRUST facilitates the 24/7 monitoring of the activity.

Securing a national treasure – healthcare: is it possible?

The general consensus was that the threat can be mitigated, but it is no easy task. It is important, Information Age learned, for law enforcement agencies and healthcare organisations to work together. A public and private collaboration can help disrupt the success of attackers, by upstreaming intelligence, and sharing threats and vulnerabilities.

Report: Healthcare Organizations Spend $12.5 Million a Year on Cybersecurity

Looking at 15 different industry sectors, the study found that financial services has the highest cost of cybercrime, at $18.3 million, on average, a year, followed by utilities and energy, costing $17.2 million a year. For organizations in the healthcare sector, the average annualized cost of cybercrime is $12.5 million a year, making healthcare the fifth most costly industry.

Russia may have tested cyber warfare on Latvia, Western officials say

Latvian officials suspect Moscow targeted Latvia’s emergency services’ 112 hotline, which failed for the first time on Sept. 13, just before the most intensive phase of Russia’s biggest war games since 2013, known as Zapad, or West, the officials said. “Russia appears to have switched on a mobile communications jammer in Kaliningrad, a very powerful one that wasn’t aimed at Latvia, but towards Gotland, the Aland Islands,” said Karlis Serzants, the deputy chairman of the Latvian parliament’s National Security Committee.

German spy agencies want right to destroy stolen data and ‘hack back’

He said it would also make sense to “infect” foreign servers with software that would enable greater surveillance of any operations directed against German cyber targets, or to extract data, much as human agents are recruited for counter-espionage. “In the real world, it would be like turning a foreign intelligence agent and getting them to work for us … Something like this should be possible in the cyber world too,” Maassen told the committee in its first public hearing.

Donald Trump ‘ordered hackers to launch cyber-warfare’ against North Korea

Hackers working for US Cyber Command targeted North Korea’s military spy agency, the Reconnaissance General Bureau, according to the Washington Post. It has been claimed the US bombarded the spy agency’s computer servers with so much traffic it eventually blocked their Internet access. The Cyber Command operation was part of the overall campaign set in motion many months ago and the effects were temporary and not destructive.

North Korea’s cyber fingers are in many pots

Knowledge of the DPRK cyber operations capabilities has been the focus of the Center for Strategic Studies for many years. In the center’s December 2015 report “North Korea’s Cyber Operations – Strategy and Responses,” they note how DPRK’s peacetime strategy includes “launching low-intensity unconventional operations to disrupt the peaceful status quo without escalating the situation to a level the DPRK cannot control or win.”

Time to be worried about cyber warfare in the Gulf

The region also has the dubious honor of being home to what has been described as “the biggest cyber attack in history.” In 2012, Saudi Aramco was the victim of a hugely destructive assault by the Shamoon virus, which caused some 35,000 computers at the oil company to malfunction. The effects of the attack — likely caused by a foreign government, intelligence officials said at the time — took weeks to clear, but could have been even more serious if they had targeted oil production facilities, rather than head office.

Bulletproof hosts stay online by operating out of disputed backwaters

One of the most infamous BPH operations, the Russian Business Network (RBN), pioneered the market a decade ago and became notorious for phishing, spam, malware distribution and even child abuse material. The crooks behind the network understood Border Gateway Protocol (BGP), peering, routing, and how these technologies could be used to hide their core infrastructure while providing connectivity to clients. Its founder was long rumoured to be the nephew of a high-ranking St Petersburg politician.

White House cybersecurity chief: Social Security numbers a ‘flawed system’

“I believe the Social Security number has outlived its usefulness,” Rob Joyce said Tuesday at The Washington Post’s Cybersecurity Summit. In the wake of the Equifax security breach, the White House is looking for safer ways, based on newer technology, to verify Americans’ identities. “It’s a flawed system that we can’t roll back after a breach,” Joyce said. Equifax hackers gained access to the Social Security numbers of more than 145 million Americans in a recent breach, The Hill reported.

10 questions job seekers can expect in a cybersecurity interview

“I might hand them some log data and ask questions about the contents of the data. I might hand them a forensic capture from a system and ask them to perform light investigative work and answer details about the attacker,” Pollard said. “If the person was going to be a developer I might ask them to write some code that could parse through data. If the person was going to be a penetration tester, I might hand them a basic web application and ask them to attack it.”

Spy vs spy vs hacker vs… who is THAT? Everyone’s hacking each other

The increasing amount of spy-vs-spy type activity is making accurate threat intel increasingly difficult for security researchers, according to Kaspersky Lab. Threat intelligence depends on spotting patterns and tools that point towards a particular threat actor. Related work allows researchers to infer a hacking group’s targets and objectives before advising clients about the risk they face. This process falls down now that threat actors are hacking each other and taking over tools, infrastructure and even victims.

Israeli Firm Offering WiFi Interception Service to Law Enforcement Agencies

Now it is time to welcome a new entrant at the Israeli digital mafia spectrum called WiSpear. It is a firm that is focusing on capturing the Wi-Fi interception domain of the market. It is a technology that is in great demand nowadays, and every state-owned institution, including intelligence agencies, law enforcement, and military agencies, pays hackers to infiltrate the networks of their targets.



Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners. © 2017 Critical Informatics, Inc. All rights reserved.