IT Security News Blast 12-08-2017

Critical Infrastructure

Banking Apps Found Vulnerable to MITM Attacks
The use of certificate pinning allows apps to specify a specific certificate that they trust for a given server. This helps defeat a number of attacks, specifically MITM attacks that rely on spoofing the certificate for a trusted app or website. What researchers found was a vulnerability in each of the apps’ implementation of the certificate pinning and certificate verification used when creating a Transport Layer Security (TLS) connection.
https://threatpost.com/banking-apps-found-vulnerable-to-mitm-attacks/129105/

 

Financial services organizations fail to properly secure SSH keys
According to the findings, 69 percent of respondents from the financial services industry admit they don’t actively rotate keys, even when an administrator leaves their organization. This allows the former employee the potential for ongoing privileged access to critical and sensitive systems.
https://betanews.com/2017/12/07/finance-unsecure-ssh/

 

Cybersecurity tops list of IT investments for 2018
According to the survey, health systems are likely to invest time and money in proven solutions that can have near-term impact, such as strengthening cybersecurity systems. Less-proven technologies like artificial intelligence and wearables can expect to see more cautious uptake.
https://www.healthcaredive.com/news/cybersecurity-tops-list-of-it-investments-for-2018/512466/

 

2018 is primed for blockchain, big data and cloud computing advancements, all with a better security plan
Health IT is in a very fluid state and evolving quickly. Hospital executives and technology professionals no doubt have their hands full keeping up with technological advances, security events and much more. Following are six health IT predictions for 2018 from various experts in the field that can help C-suite executives and other health IT pros stay on top of the latest trends and developments moving into the new year.
http://www.healthcareitnews.com/news/2018-primed-blockchain-big-data-and-cloud-computing-advancements-all-better-security-plan

 

Ransomware up nearly 2,000% in two years as “cyber mafia” hit business
Cyber criminals have the same professional organisation as mafia gangs of the 1930s, but they also share a willingness to intimidate and paralyse victims, the report shows. […] The new cyber mafia, the report said, is accelerating the volume of attacks, with the average monthly volume of attacks in 2017, up 23% compared with 2016. In the UK, the report said 28% of businesses had experienced a “serious” cyber attack in the past 12 months.
http://www.computerweekly.com/news/450431447/Ransomware-up-nearly-2000-in-two-years-as-cyber-Mafia-hit-business

 

2018 Cybersecurity prediction: Extortion attempts, ransomware will proliferate
In its recent threat prediction report for the coming year, McAfee highlighted the biggest threats facing all sectors, including serverless apps. But for healthcare, ransomware will continue to be the biggest hot-button issue. […] The attack method will continue to evolve in the coming year. Hackers will not only attempt to lock down computers in the traditional sense, they’ll launch ‘pseudo-ransomware’ attacks: Viruses with hidden purposes.
http://www.healthcareitnews.com/news/2018-cybersecurity-prediction-extortion-attempts-ransomware-will-proliferate

 

The Latest: Disruption From County Cyberattack Continues
Mecklenburg County officials say it will take days to restore the computer system. For that time period, residents in North Carolina’s most populous metro area will face delays or disruptions to county services. Deputies were processing jail inmates by hand and building code inspectors switched to paper records after the cyberattack.
https://www.usnews.com/news/best-states/north-carolina/articles/2017-12-07/the-latest-disruption-from-county-cyberattack-continues

 

How cyber safe is your municipality?
IT security vulnerabilities need to be front-and-centre for municipal leaders and taxpayers. The failure to act or fund should be publicly reported. Citizens have a right to know just how cyber safe your community is. After all, it is a liability. It’s not severe weather, an old bridge or crumbling road. It’s mainly ones and zeros in a computer that too few municipal leaders show an active interest in.
http://troymedia.com/2017/12/07/municipalities-risk-cyber-attacks/

 

NATO’s Little Noticed but Important New Aggressive Stance on Cyber Weapons
In short, NATO embraced the use of cyber weaponry in NATO operations. This is a marked departure from NATO’s historical stance of using cyber only defensively, mainly to ward off incursions against its own networks. The more aggressive approach was intended as a strong message, primarily to Russia, that NATO intends to use the cyber capabilities of its members to deter attacks in the same way it uses land, sea, and air weaponry.
http://foreignpolicy.com/2017/12/07/natos-little-noticed-but-important-new-aggressive-stance-on-cyber-weapons/

 

Dubious claim of week: Air Force’s “EMP missile” could disable N. Korean ICBMs
The Air Force has conducted tests of CHAMP, a system designed to selectively beam high-energy microwaves to cause damage to electronic systems. AFRL, Raytheon, and Boeing’s Phantom Works development team tested the CHAMP concept aboard a Conventional Air Launched Cruise Missile (CALCM) in 2012 at a Utah test range. In the 2012 test, pulses from the CHAMP cruise missile disabled computers and even the video cameras monitoring them as the missile flew over them.
https://arstechnica.com/information-technology/2017/12/dubious-claim-of-week-air-forces-emp-missile-could-disable-n-korean-icbms/

 

Iranian Hackers Have Been Infiltrating Critical Infrastructure Companies
“We have seen, and this is with a lot of the Iranian actors, a very disconcerting or aggressive posture towards critical infrastructure organizations,” says John Hultquist, director of intelligence analysis at FireEye. “APT 33 has targeted a lot of organizations in critical infrastructure in the Middle East and so has APT 34.
https://www.wired.com/story/apt-34-iranian-hackers-critical-infrastructure-companies/

 

Why the Australian Defence Organization Is Recruiting Cyber Analysts on the Autism Spectrum
According to the IDF blog, these specialized analysts are “gifted with an incredible ability to analyze, interpret, and understand satellite images and maps.” In other words, this is not about compromise or settling for whatever talent you can get in an overly competitive labor market. These are true A-teams; it’s just that the “A,” in this case, stands for “autism.” Perhaps surprisingly, when it comes to skills required for cybersecurity analysis, (some) people with autism excel.
https://hbr.org/2017/12/why-the-australian-defence-organization-is-recruiting-cyber-analysts-on-the-autism-spectrum

 

Cybersecurity Spending Seen Rising 8% Worldwide Again Next Year
Gartner forecasts global enterprise security spending will grow 8% to $96.3 billion. […] “Cyberattacks such as WannaCry and NotPetya, and most recently the Equifax breach have a direct effect on security spend, because these types of attacks last up to three years,” Ruggero Contu, research director at Gartner, said in a press release.
https://www.investors.com/research/ibd-industry-themes/cybersecurity-spending-seen-rising-8-worldwide-again-next-year/

 

Cyber Pearl Harbor Versus The Real Pearl Harbor
“We are in the midst of a revolution in military affairs (RMA) unlike any seen since the Napoleonic Age, when France transformed warfare with the concept of levée en masse. Chief of Naval Operations Admiral Jay Johnson has called it ‘a fundamental shift from what we call platform-centric warfare to something we call network-centric warfare’, and it will prove to be the most important RMA in the past 200 years.”
https://www.forbes.com/sites/richardstiennon/2017/12/07/cyber-pearl-harbor-versus-the-real-pearl-harbor/#bed9c8e5bf77

 

Cook County Official Joins Cyber, DHS and National Security Leaders to Unveil First-Ever “Voting Infrastructure Security Plan”
The plan outlines several strategies for stakeholders to better defend, detect, and recover from cyber threats aimed at voting equipment, systems, networks and databases. Specifically, it describes “a challenging, comprehensive, yet achievable list of actions” for both federal leaders to support the more than 9,000 voting jurisdictions around the country, as well as the responsibilities of state and local officials.
https://www.prnewswire.com/news-releases/cook-county-official-joins-cyber-dhs-and-national-security-leaders-to-unveil-first-ever-voting-infrastructure-security-plan-300568656.html

 

One Nation Under Surveillance
In 2015, there were 5.9 million surveillance cameras reckoned in the United Kingdom—a country that has a population of approximately 60 million. […] Public buildings must now display the obligatory signs stating that cameras are recording at all times. When in such a recorded space, try standing for just long enough to be singled out by one of those cameras and then observe how they close in, and begin to follow your every step. It has an unsettling effect. It is meant to.
http://www.ncregister.com/blog/kturley/one-nation-under-surveillance

 

The Scary Links Among AI, Data, Privacy — And A $24M Fine
[Collecting] PII on large audiences, and feeding that Big Data into machine-learning algorithms, offers marketers great power. You know the rest. Repeat after me: With Great Power, Comes Great Responsibility. You must keep people’s data safe. Now the European Union has put a price on that cybersecurity responsibility: €20 million, or $23.6 million (when I checked the exchange rate late last night).
https://www.mediapost.com/publications/article/311270/the-scary-links-among-ai-data-privacy-and-a.html

 

Regulation for IoT security and data privacy
The bill states that IoT devices should:
· Not have software, hardware or firmware vulnerabilities listed in the NIST vulnerability database
· Not use hardcoded or fixed credentials for remote administration, communication or updates
· Not use deprecated networks or encryption protocols
· Be able to receive trusted and authenticated software updates from manufacturers
· Have future update support and provide timely repair for new-found vulnerabilities
· Disclose new-found vulnerabilities to consumers
http://internetofthingsagenda.techtarget.com/blog/IoT-Agenda/Regulation-for-IoT-security-and-data-privacy

 

More than 5,000 WordPress websites plagued with Keylogger
The keylogger is designed to steal login credentials from WordPress sites while its prime target is e-commerce platforms to steal customers’ banking and card payment details. In case the platform requires users to log in with their social media details, personal email address or any other sensitive and useful data, the keylogger will also steal and send them to the attackers.
https://www.hackread.com/more-than-5000-wordpress-website-plagued-with-keylogger/

 

Toucan play that game: Talking toy bird hacked
Researchers from UK security consultancy Pen Test Partners found that it was child’s play to turn the Teksta Toucan talking toy into a potty-mouth. In homage to The Fast Show the Toucan was induced to swear like Unlucky Alf’s parrot, as the video (below) illustrates.
https://www.theregister.co.uk/2017/12/07/robot_bird_teksa_toucan_hack/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.