IT Security News Blast 11-07-2017

Bank Cybersecurity News

Securing the future of banking
Attacks that lead to a systematic leakage of data over time don’t have the immediate shock effect of a swift attack, but they can be just as damaging, and serve to weaken the banks’ defences over time. […] Securing all the various channels will only get more difficult for the industry as the way we bank continues to evolve and leaders must be armed with an agile cybersecurity plan to move into the next generation of finance with the confidence of their customers behind them.
http://www.information-age.com/securing-future-banking-123469376/

 

How Government Can Avoid Rushing into IoT
As for the problem of cybersecurity, Todd Davis, vice president of field marketing for CenturyLink, said there are some methods emerging to help prevent unwanted hijacking of IoT devices. “Infrastructure available today, connected to your network, connected to your cloud or private cloud infrastructure, can help avoid some of (those risks) by things like whitelisting.
http://www.govtech.com/data/How-Government-Can-Avoid-Rushing-into-IoT.html?_lrsc=633b29ac-8079-4829-8fae-774322fcd02a

 

Embrace the Cyber Security-Physical Security Nexus
In most companies I work with, the IT security team and the physical security team (if there is one) do not communicate effectively. The IT team implements software and hardware solutions to protect security; the physical team does the same thing, often competing for the same funding. The reality is, these two teams should be working together to present a common risk picture so top management can look strategically at how best to cost-effectively manage risk.
https://www.informationweek.com/strategic-cio/security-and-risk-strategy/embrace-the-cyber-security-physical-security-nexus/a/d-id/1330310

 

Cyber attack impact hangs over Maersk’s Q3 earnings
The not-Petya virus forced Maersk Group to shut down all its communications with customers and within the company, affecting the carrier, APM Terminals and forwarding arm Damco. It was several weeks before business was back to normal and the loss of business was estimated to have been as high as USD300 million.
https://www.joc.com/maritime-news/container-lines/maersk-line/cyber-attack-impact-hangs-over-maersk%E2%80%99s-q3-earnings_20171106.html

 

Cybersecurity threats pose biggest healthcare hazard, ECRI reports
Malware attacks in healthcare can put patient safety at risk, shutting off access to records, taking down medical devices and interrupting supply chains, according to a new report from the ECRI Institute that puts ransomware and cybersecurity threats at the top of its technology hazards list for 2018. […] As expected, the number of data breaches in healthcare is on the rise. So far, there have been more data breaches in 2017 than there were in 2016. Between Jan. 1 and Nov. 1, 2017, there were 255 breaches submitted to the Office for Civil Rights that are still under investigation and another 34 breaches that have been resolved—a total of 289.
http://www.modernhealthcare.com/article/20171106/NEWS/171109934

 

Stakeholders Stress Healthcare Cybersecurity Focus for HHS
“We call on the Department to prioritize cybersecurity both within the Department and across the sector,” CHIME stated. “The recent attacks and referenced articles should serve as a call to action for the industry to collectively pursue actions to improve our cybersecurity posture including devoted increased attention to building and sustaining an amply equipped workforce to tackle increasing cyber threats.”
https://healthitsecurity.com/news/stakeholders-stress-healthcare-cybersecurity-focus-for-hhs

 

Regulation Can’t Solve Cybersecurity Problems, Fed Official Says
There are already lots of rules and regulations that banks and other financial institutions have to follow when it comes to cybersecurity. Several lenders and trade groups collected all U.S. and global guidance documents, regulatory requirements and recent proposals on cybersecurity into a “financial sector profile,” said JPMorgan Chase & Co.’s Kevin Gronberg, who was also on the panel. It ended up being a 2,000-line spreadsheet showing a lot of overlap between rules and demands from different regulators, Gronberg said.
https://www.bloomberg.com/news/articles/2017-11-06/regulation-can-t-solve-cybersecurity-problems-fed-official-says

 

Cybersecurity Report Emphasizes Urgency, Teamwork
One of the lead execs on a cybersecurity report requested by the White House suggests it will advise a holistic and cooperative public-private partnership approach, suggest there needs to be more urgency about the issue (primarily the threat of botnets), and advises against relying on “international norms.” That is according to a blog post from AT&T assistant VP of global policy Chris Boyer, aa member of the National Security Telecommunications Advisory Council (NSTAC), who was tasked with overseeing the development of the report.
http://www.broadcastingcable.com/news/washington/cybersecurity-report-emphasizes-urgency-teamwork/169896

 

New Wyoming CISO Sets to Work Amid Increased National Cybersecurity Concerns
Young also said that for the first time ever, there is a line item for cybersecurity funding in the budget being considered by the state Legislature. In past years, Young and Wyoming’s Department of Enterprise Technology Services have relied on existing funds or repurposing other moneys to fortify cyberdefenses. This year, however, they’re asking for $2 or $3 million specifically to fund tools and training for cybersecurity.
http://www.govtech.com/people/New-Wyoming-CISO-Sets-to-Work-Amid-Increased-National-Cybersecurity-Concerns.html

 

Unisys Predicts Proliferation of IoT and Other Connected Technologies Will Accelerate Security Threats to Life Sciences and Healthcare Industry
According to a recent report, in the second quarter of 2017 life sciences and healthcare organizations suffered more security incidents than any other industry, surpassing the public sector. Simultaneously, as more providers utilize personal or hand-held devices to access data, it means extremely valuable patient data is more vulnerable to cyber threats. In the coming years, the industry will see a rapid rise in ransomware and DDoS attacks that threaten patient data, as well as the business reputations of the organizations trusted to protect it.
http://markets.businessinsider.com/news/stocks/Unisys-Predicts-Proliferation-of-IoT-and-Other-Connected-Technologies-Will-Accelerate-Security-Threats-to-Life-Sciences-and-Healthcare-Industry-1007055722

 

Are you overlooking the chink in your cybersecurity armour?
One example would be that of water pumps in flood defences, which might seem a non-obvious point of entry. However, industrial processes and individual water pumps are increasingly becoming internet-enabled so they can be controlled from one central point in the network. […] Exploring this further, we look at a selection of intermediate devices that organisations often overlook.
https://www.itproportal.com/features/are-you-overlooking-the-chink-in-your-cybersecurity-armour/

Data Pours from Cloud—And ‘The Enemy is Us’

As of September 2017, IBM X-Force said 1.3 billion records tied to 24 incidents have been exposed to the public internet via misconfigured servers. Businesses are doing a better job at protecting against vulnerabilities such as SQL injections, X-Force said. “In its place, simple permission errors, API oversights and server misconfigurations have become even more pervasive,” according to  X-Force researchers.
https://threatpost.com/data-pours-from-cloud-and-the-enemy-is-us/128747/

 

Paradise Papers appear to show ties between Trump’s Cabinet and Russian firms
The leaked data was obtained by German newspaper Süddeutsche Zeitung, which said that the majority of the documents stem from offshore law firm Appleby, which was founded in Bermuda but has offices in several other locations. The company reported last month that it had been hacked. The documents, dubbed the Paradise Papers, appear to show ties between members of President Trump’s cabinet and Russian firms.
https://www.usatoday.com/story/news/world/2017/11/06/paradise-papers-ties-between-trump-cabinet-russian-firms/835671001/

 

Change of command for elite National Guard cyber group
In remarks at the ceremony, Col. Gent Welsh, commander of the 194th Wing, called Jeffries the “Godfather of Cyber” for Washington State. “Where this Group is at now, its missions, its reputation, is directly linked to [Jeffries’s] work, vision and leadership,” said Welsh. Welsh presented the Legion of Merit to Jeffries in recognition of his pioneering leadership.
https://www.dvidshub.net/news/254199/change-command-elite-national-guard-cyber-group

 

Flaw crippling millions of crypto keys is worse than first disclosed
A crippling flaw affecting millions—and possibly hundreds of millions—of encryption keys used in some of the highest-stakes security settings is considerably easier to exploit than originally reported, cryptographers declared over the weekend. The assessment came as Estonia abruptly suspended 760,000 national ID cards used for voting, filing taxes, and encrypting sensitive documents. Millions of high-security crypto keys crippled by newly discovered flaw. The critical weakness allows attackers to calculate the private portion of any vulnerable key using nothing more than the corresponding public portion.
https://arstechnica.com/information-technology/2017/11/flaw-crippling-millions-of-crypto-keys-is-worse-than-first-disclosed/

 

Comcast Internet service crippled; affecting users across US
According to DownDetector, a service that keeps track of online platforms facing connectivity issues, over 8,000 reports citing Internet connectivity issue from all over the United States on Monday 1:00 PM ET have been noted. Furthermore, DownDectector stats show that Comcast customers in “Mountain View, Denver, Portland, Chicago, Seattle, New York, San Francisco, Houston, Minneapolis, and Boston” are facing major experiencing connectivity issues.
https://www.hackread.com/comcast-internet-service-crippled-affecting-users-across-us/

 

“Combosquatting” attacks, hiding in plain sight, trick computer users
To guard against unknowingly visiting malicious websites, computer users have been taught to double-check website URLs before they click on a link. But attackers are now taking advantage of that practice to trick users into visiting website domains that contain familiar trademarks — but with additional words that change the destination to an attack site. The attack strategy, known as combosquatting, is a growing threat, with millions of such domains set up for malicious purposes.
http://www.homelandsecuritynewswire.com/dr20171106-combosquatting-attacks-hiding-in-plain-sight-trick-computer-users

 

The real risks quantum attacks will pose for Bitcoin
They have just released a whitepaper which finds that Bitcoin and other cryptocurrencies will be vulnerable to attacks by quantum computers in as little as ten years. Such attacks could have a disastrous effect on cryptocurrencies as thieves equipped with quantum computers could easily steal funds without detection, thus leading to a quick erosion of trust in the markets. They also assess the risk of quantum dominated mining in so called Proof of Work protocols which are the basis for verifying transactions in Bitcoin and many other cryptocurrencies.
http://www.homelandsecuritynewswire.com/dr20171106-the-real-risks-quantum-attacks-will-pose-for-bitcoin

 

New GIBON Ransomware Emerges
Once it has infected a machine, GIBON connects to its command and control (C&C) server and registers the new victim by sending a base64 encoded string containing the timestamp, Windows version, and the “register” string (which tells the C&C that this is a new victim). The server’s response contains a base64 encoded string that the ransomware uses as the ransom note. As BleepingComputer’s Lawrence Abrams notes, this setup allows the malware author to update the ransom note on the fly, without having to compile a new executable.
http://www.securityweek.com/new-gibon-ransomware-emerges

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.

//]]>