IT Security News Blast 12-27-2017

Korea-linked hackers are attacking banks worldwide

Korea-linked hackers are attacking banks worldwide

Banks and security researchers have previously identified four similar cyber-heists attempted on financial institutions in Bangladesh, Ecuador, the Philippines and Vietnam.But researchers at Kaspersky now say the same hacking operation — known as “Lazarus” — also attacked financial institutions in Costa Rica, Ethiopia, Gabon, India, Indonesia, Iraq, Kenya, Malaysia, Nigeria, Poland, Taiwan, Thailand, and Uruguay.

https://kaplanherald.com/2017/12/26/n-korea-linked-hackers-are-attacking-banks-worldwide/

 

Fla. Health Clinic’s Cyber Insurer to Pay $2.3M HIPAA Settlement

“Normally, the covered entity would pay the settlement or fine and would get reimbursed by the insurer,” Green told Healthcare Info Security. “Here, OCR is going directly to the insurer to receive the payment, which is likely in large part because the covered entity is in bankruptcy proceedings.”

https://www.campussafetymagazine.com/hospital/21st-century-oncology-cyber-insurer-beazley-hipaa/

 

Security in IoT space to be of prime focus in 2018, say experts

We will see an increase in businesses to ‘secure’ the entire network instead of each individual endpoint, which can help minimise the risk and cost involved in maintaining security across IoT devices,” Juniper Networks VP, security marketing, Franklyn Jones told PTI. According to a Gartner report, global spend on information security products and services will grow to a massive USD 93 billion in 2018.

http://www.financialexpress.com/industry/technology/security-in-iot-space-to-be-of-prime-focus-in-2018-say-experts/989925/

 

Risk assessment: Expert tips for combating ransomware, identifying search results malware

Cybersecurity experts who have been plowing through this era of nonstop attack attempts have learned a lot along the way. And some of those professionals are glad to share the lessons they’ve learned in order to help other healthcare organizations avoid a crippling attack.

http://www.healthcareitnews.com/news/risk-assessment-expert-tips-combating-ransomware-identifying-search-results-malware

 

Maintain HIPAA Safeguards, Healthcare Cybersecurity on Vacation

Individuals should bring their own power adapters and cords, the agency warned. Malware could be installed onto hotel lamps, airport kiosks and other public USB charging stations. If employees do not have access to their own charger or adapter, then they should power down their device before connecting it to a public charging area.

https://healthitsecurity.com/news/maintain-hipaa-safeguards-healthcare-cybersecurity-on-vacation

 

NAIC Adopts Model Law on Cybersecurity: Will States Adopt It?

The NAIC is a standard setting and regulatory support organization consisting of the top insurance regulators from the 50 states, District of Columbia, and five U.S. territories. […] The model law requires Licensees to implement a comprehensive written information security program based on the licensees’ risk assessment. As part of the information security program the licensee must designate an individual (who can come from a third party) to be responsible for the information security program.

https://www.law.com/thelegalintelligencer/sites/thelegalintelligencer/2017/12/26/naic-adopts-model-law-on-cybersecurity-will-states-adopt-it/?slreturn=20171126202447

 

US foreign policy prompted Russia to become ‘masters’ of cyberwarfare, Blackstone’s Studzinski says [Video]

Cyberwarfare is likely to be at the center of geopolitical disputes for a long time to come, strategists told CNBC. […] While China has stepped in to displace the U.S. on the global stage, Russia has “astutely” chosen to prioritize investments in cyberdefense over military spending, according to Studzinski. This had led to Moscow becoming the “masters” of so-called “cyber foreign policy,” he added.

https://www.cnbc.com/2017/12/23/studzinski-us-triggered-russias-pursuit-to-become-cyberwarfare-masters.html

 

Kremlin trolls burned across the Internet as Washington debated options

“Hello, my name is Alice Donovan and I’m a beginner freelance journalist,” read the Feb. 26, 2016, message. The FBI was tracking Donovan as part of a months-long counterintelligence operation code-named “NorthernNight.” Internal bureau reports described her as a pseudonymous foot soldier in an army of Kremlin-led trolls seeking to undermine America’s democratic institutions.

https://www.washingtonpost.com/world/national-security/kremlin-trolls-burned-across-the-internet-as-washington-debated-options/2017/12/23/e7b9dc92-e403-11e7-ab50-621fe0588340_story.html?utm_term=.58589570fc3d

 

Fancy Bear campaign targets 200 journalists

The Associated Press reported that the journalists worked for a wide range of publications, including the New York Times, Washington Post and The Daily Beast. The AP said it received a list of targets from the cybersecurity firm Secureworks. Fancy Bear tactic had it sending the journalists phishing emails in an attempt to compromise their computer and then using any information found as ammunition to intimidate them into changing how they covered events.

https://www.scmagazine.com/fancy-bear-campaign-targets-200-journalists/article/720572/

 

How North Korea’s hacking strategy is related to its missile tests

The potential for North Korea to destroy critical infrastructure without a nuclear weapon has largely been ignored, yet Pyongyang has the cyber capability to cause serious damage. In 2014, a cyber attack on Sony Pictures destroyed files and leaked e-mails online. The US blamed North Korea for it. Overall, North Korea’s isolation makes it hard for the US to come up with an effective strategy to counter its cyber attacks.

http://www.tnp.sg/news/views/how-north-koreas-hacking-strategy-related-its-missile-tests

 

We ignore Iran at our peril

Iran’s cyber capability is the focus of a detailed study called “Iran’s Cyber Threat,” to be published soon by Collin Anderson and Karim Sadjadpour of the Carnegie Endowment for International Peace. It describes a country that, although “third tier” on the cyberthreat matrix, can still do considerable damage. […] The United States, with its relatively open systems, can be an easy target.

https://www.washingtonpost.com/opinions/we-ignore-iran-at-our-peril/2017/12/26/c246078c-ea80-11e7-b698-91d4e35920a3_story.html?utm_term=.ecef3916acd5

 

Nato to re-establish Cold War-era command post as Russian submarines increase activity around undersea cables

The apparent Russian focus on the cables, which provide internet and other communications connections to North America and Europe, could give the Kremlin the power to sever or tap into vital data lines, the officials said. Russian submarine activity has increased to levels unseen since the Cold War, they said, sparking hunts in recent months for the elusive watercraft.

http://www.independent.co.uk/news/world/europe/nato-fears-heighten-russian-submarines-activity-undersea-data-cables-north-atlantic-a8126681.html

 

Vietnam army reveals 10,000-strong cyber warfare unit

“The Central Military Commission is very interested in building up a standing force to counter the wrong viewpoints,” he said, referring to the party’s branch in the military. He added that the military would work with internal security and other forces in Vietnam to build a specialised cyber warfare force. “I see other countries declaring that there is a real cyber war,” he said. “Therefore in every hour, minute, and second we must be ready to fight proactively against the wrong views.”

https://www.ft.com/content/ef924a6e-ea14-11e7-bd17-521324c81e23

 

Researchers Develop New Security Method for AI to Keep Data Private

Researchers claim that the model is guaranteed to reveal only limited information each data subject. “Previously you needed one party with unrestricted access to all the data. Our new method enables learning accurate models, for example, using data on user devices without the need to reveal private information to any outsider,” assistant professor Antti Honkela of the University of Helsinki says.

http://electronics360.globalspec.com/article/10686/researchers-develop-new-security-method-for-ai-to-keep-data-private

 

Internal FCC Report Shows Republican Net Neutrality Narrative Is False

But internal FCC documents obtained by Motherboard using a Freedom of Information Act request show that the independent, nonpartisan FCC Office of Inspector General—acting on orders from Congressional Republicans—investigated the claim that Obama interfered with the FCC’s net neutrality process and found it was nonsense. This Republican narrative of net neutrality as an Obama-led takeover of the internet, then, was wholly refuted by an independent investigation and its findings were not made public prior to Thursday’s vote.

https://motherboard.vice.com/amp/en_us/article/vbympa/net-neutrality-fcc-inspector-general-report

 

US capital’s surveillance cam network allegedly hijacked by Romanian ransomware suspects

Graham described how around January 9, 2017, and January 12, 2017, the pair, as part of an alleged ransomware scheme, took control of the networked Windows computers used by the Washington DC Metropolitan Police to run their traffic cameras. On January 12, having recognized that some of the cameras were offline, DC police IT staff and a Secret Service agent used Remote Desktop Protocol (RDP) software to connect to one of the servers controlling the cameras.

https://www.theregister.co.uk/2017/12/22/romanian_hackers_used_cops_surveillance_cam_network_for_ransomware/

 

Spoofed Emails from Supposedly Corporate Printer Vendors Install Backdoor

These emails are supposed to be sent by commonly used printer and scanner brands, which is why nobody tends to suspect foul play. The attachments in the spoofed emails contain malware. […] The emails contain very regular and normal looking subject lines such as Scanned from HO, Scanned from Canon or Scanned from Epson, etc. Cybercrooks have modified extension and file names and hidden the malicious coding in such a way that email antivirus software cannot detect them.

https://www.hackread.com/spoofed-emails-from-printer-vendors-install-backdoor/

 

Hackers phishing Facebook addicts this holiday season

Malwarebytes researchers are reporting that cybercriminals are using these fake landing pages as bait in phishing scams that say the person has lost access to Facebook, but this can be regained using the common “Login with Facebook,” method used by many valid websites. It’s not lost on attackers that the average Facebook user spends 55 minutes per day on the social media site, which partly explains the recent onslaught of malicious landing pages warning the possibility of losing a Facebook account.

https://www.scmagazine.com/hackers-phishing-facebook-addicts-this-holiday-season/article/720776/

 

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.