IT Security News Blast 11-03-2017

Election Cybersecurity

Were you aware that October was Cybersecurity Awareness Month?
In case you didn’t participate in Security Awareness Training (SAT) this past October, this video training for government staff provided by Mike Hamilton can get you caught up.
https://goo.gl/dnRNxe

 

Advisors ‘Lagging’ in Proper Insurance Against Cyberattacks
Financial advisors are also seen sometimes as less interested in cyberinsurance than other financial sector businesses. On top of this, only 29 percent of advisors questioned in a 2016 survey by the Financial Planning Association (FPA) completely agreed they were “fully prepared to manage and mitigate the risks associated with cybersecurity.”
http://www.thinkadvisor.com/2017/11/02/advisors-lagging-in-proper-insurance-against-cyber

 

Cyber risk – speaking the language of the CFO
CFOs and FDs in particular have the best view of the entire threat landscape of their organisation, so must train their security leadership team to converse with them in the way they want to provide effective defence against cyber threats. […] This may require involving the CISO in strategy or business development meetings for example, as well as board meetings, so they are aware of recent initiatives and can express their security concerns from a business viewpoint.
http://dofonline.co.uk/2017/11/02/cyber-risk-speaking-language-cfo/

 

Cyber attack, storms and catastrophic events top power and utilities risk ranking
As the frequency of catastrophic events accelerates, resilience and business continuity are being tested across the sector, with 80% of respondents indicating that business interruption will become more or much more important in the future. […] “Utilities need to ask themselves whether their operating model is agile enough to react to unexpected events as they unfold, and whether they have the right resiliency to recover.
https://www.finchannel.com/business/69159-cyber-attack-storms-and-catastrophic-events-top-power-and-utilities-risk-ranking

 

HHS continuing to push for health care cyberthreat sharing
[The] 2015 Cybersecurity Information Sharing Act […] called on the agency, which is tasked with protecting the health care and public health critical infrastructure sector, to stand up a Health Care Industry Cybersecurity Task Force as well as disseminate information across industry to improve the sector’s cyber posture under Section 405 D.
https://www.fedscoop.com/hhs-continuing-push-cyber-threat-sharing-initiatives-health-care/

 

Hospital Impact—Cybersecurity breaches pose major legal threat to healthcare providers
Although no loss of life has yet been reported due to one of these device vulnerabilities or ransomware attacks, it is only a matter of time until medical device manufacturers, hospital administrators and healthcare providers are sued. While insurers may seek shelter in cyber policies’ personal injury exclusions, limits and sublimits, healthcare providers may find themselves facing a new kind of malpractice claim—one that may not be covered by their usual malpractice policy.
http://www.fiercehealthcare.com/hospitals/hospital-impact-cybersecurity-breaches-pose-major-legal-threat-to-healthcare-providers

 

What Should Entities Expect with OCR HIPAA Enforcement?
“What they’re saying about enforcement is not a sharp change because they’ve been saying it for a number of years,” Meisinger explained. “They’ve been saying, ‘We don’t have the ability to investigate every data breach in the country, but we do have the ability to make examples of people.’”
https://healthitsecurity.com/news/what-should-entities-expect-with-ocr-hipaa-enforcement

 

Active Army cyber teams fully operational a year-plus ahead of schedule
The focus of U.S. Cyber Command’s Cyber Mission Force teams aligns with the DoD Cyber Strategy’s three primary missions: Defend DoD networks and ensure their data is held secure; support joint military commander objectives; and, when directed, defend U.S. critical infrastructure.
https://www.dvidshub.net/news/253884/active-army-cyber-teams-fully-operational-year-plus-ahead-schedule

 

U.S. authorities identify six Russian officials in DNC hack: WSJ
Federal agents and prosecutors in Washington, Philadelphia, Pittsburgh and San Francisco have been cooperating on the DNC investigation and prosecutors could bring the case to court next year, it said. By identifying individual Russian military and intelligence hackers with charges, U.S. authorities could make it difficult for them to travel, but arrests and jailing would be unlikely, according to the Journal report.
http://www.reuters.com/article/us-usa-trump-russia-hackers/u-s-authorities-identify-six-russian-officials-in-dnc-hack-wsj-idUSKBN1D21MI

 

Is the Global Cyber Warfare Crisis at Tipping Point?
This reality is eye-opening, to say the least, and according to cybersecurity experts, the worst might yet still be ahead of the financial sector. Now, Dmitri Alperovitch, chief technology officer at cybersecurity firm CrowdStrike is warning that there is growing concern that Pyongyang may become more destructive with its cyberattacks: taking cyber warfare to previously unknown levels.
https://www.bestvpn.com/privacy-news/global-cyber-warfare-crisis/

 

Liberty Act Presents Another “Fake Fix” To Controversial NSA Spying Program
Though the bill does extend some protections to whistleblowers, it applies only to those who go through the “proper” channels and engage in the “lawful disclosure” of abuses. Numerous whistleblowers, including Snowden, pursued these very channels without success. Whistleblowers who speak to the media or to privacy advocacy organizations would not benefit from the Liberty Act’s proposed protections.
https://www.mintpressnews.com/liberty-act-another-fake-fix-controversial-nsa-spying-program/233967/

 

Challenges to U.S. election integrity
Various concerns about the security of U.S. elections have arisen over the past two decades, some more significant than others. While many studies have shown that voter fraud, for instance, is vanishingly rare in the U.S., what about the state of electoral administration, lost votes, and cyberattacks? On 16 October, two experts teamed up at MIT to share insights from their research on what is and isn’t working in America’s electoral system.
http://www.homelandsecuritynewswire.com/dr20171102-challenges-to-u-s-election-integrity

 

US government wants “keys under doormat” approach to encryption
Rosenstein said encryption serves, “a valuable purpose.” He called it, “a foundational element of data security and essential to safeguarding data against cyber-attacks.” And he said he supports, “strong and responsible encryption.” Which to him means, “effective, secure encryption, coupled with access capabilities.”
https://nakedsecurity.sophos.com/2017/11/01/us-government-wants-keys-under-doormat-approach-to-encryption/

 

Michigan Governor Signs Volunteer Cyber Corps Bill
With the new law, called the Cyber Civilian Corps Act, the team is now designated in statute and doesn’t need a state of emergency to be called into action. That means it can step in, when requested, and provide technical assistance if the state gets hit by a cyberattack or data breach. The law also broadens the team’s reach to allow it to help local governments, nonprofits and businesses across the state.
http://www.pewtrusts.org/en/research-and-analysis/blogs/stateline/2017/10/30/michigan-governor-signs-volunteer-cyber-corps-bill

 

Georgia attorney general quits defense in server wiping case
The Georgia attorney general’s office will no longer represent the state’s top elections official in an elections integrity lawsuit filed three days before a crucial computer server was quietly wiped clean. […] The erased hard drives are central to the lawsuit because they could have revealed whether Georgia’s most recent elections were compromised by hackers. Russian interference in U.S. politics, including attempts to penetrate voting systems, has been an acute national preoccupation since last year.
https://apnews.com/0b9004bc3828468d9dc636054140a047

 

Another misconfigured Amazon S3 server leaks data of 50,000 Australian employees
This is the country’s second largest data breach since the information of 550,000 blood donors was leaked last year. Records including full names, passwords, salaries, IDs, phone numbers, and some credit card data were left exposed with 25,000 of the records coming from AMP Ltd, 17,000 records belonging to Cimic Group Ltd. subsidiary UGL Ltd, 4,770 from Australian government departments, and 1,500 from Rabobank, according to iTnews.
https://www.scmagazine.com/contractor-misconfigures-aws-exposes-data-of-50000-australian-employees/article/704873/

 

Hackers Stole $150,000 from Cryptocurrency Wallets Using CryptoShuffler Trojan
The Trojan attacks cryptocurrency wallets by modifying the original, legitimate address of the user with its own on the clipboard of the targeted device. As per the researchers at Kaspersky Lab, attacks that involve hijacking of clipboards are not unheard of as there are instances where attackers targeted online payment systems with this method but cases involving hijacking of cryptocurrency host address are quite rare.
https://www.hackread.com/hackers-stole-from-cryptocurrency-wallets-using-cryptoshuffler-trojan/

 

Devilish ONI Attacks in Japan Use Wiper to Cover Tracks
A new bootkit was also found during these attacks called MBR-ONI used by the same attackers. The bootkit borrowed a page from the recent Bad Rabbit attacks and built its ransomware around the DiskCryptor disk encryption utility. The researchers believe MBR-ONI comes from the same attackers behind ONI given the two pieces of malware were used in the same attacks and the ransomware note contains the same email address.
https://threatpost.com/devilish-oni-attacks-in-japan-use-wiper-to-cover-tracks/128733/

 

Man who used botnet to earn college tuition dodges jail time, gets probation
A man who controlled a botnet 77,000 computers strong, earning money for tuition by renting it to others to send spam, won’t see the inside of a jail cell for his misadventure. Sean Tiernan, now enrolled in the Stanford CyberSecurity Graduate Program and “employed continuously with a well-known company in the cybersecurity sector,” Bleeping Computer reported his lawyers as saying, was instead sentenced Monday to two years of probation by a judge in Pittsburgh.
https://www.scmagazine.com/man-who-used-botnet-to-earn-college-tuition-dodges-jail-time-gets-probation/article/704871/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.