IT Security News Blast 2-8-2017

Preventing Insider Threats from Affecting Health Data Security

There are numerous potential threats to health data security, and the increasingly complex level of technology will only help add to that threat level. Insider threats are one key area of concern, as careless or poorly trained employees could compromise sensitive information. […] Detecting, deterring, and mitigating insider threats are key pillars to building strong cybersecurity measures, ICIT stressed. One insider threat “can jeopardize decades of work, can inflict millions or billions of dollars of harm, and can impact millions of lives,” the report stated.

A Big Problem for Small Business: Why Companies of All Sizes must be Cybercrime Savvy

In 2011, the ISTR found 50% of spearphishing attacks were aimed at enterprises with 2500+ staff; 32% targeted medium sized businesses and 18% targeted firms with 250 staff or less. In 2016, this was turned on its head. Last year 43% of spearphising attempts targeted small businesses, whilst 22% were targeted medium and 35% at large. As you can see, the last five years have shown a clear increase in attacks targeting businesses with less than 250 employees.

Start-ups: Cyber security advice you need to hear

For most big businesses this problem can be met head on by enlisting and recruiting IT security experts and implementing software that safeguards them from attacks; investments which are often costly, making them unattainable for many start-up businesses. […] There is a common myth that hackers and cyber criminals only lay their cross hairs on larger businesses. But the fact is that no business, no matter how large or small, is safe from an attack. So what should start-ups do about cyber security without the mammoth budgets that their larger enterprise competitors wield? Here, Focus Training looks at the most common threats and how they can be tackled to fledgling businesses.

InterContinental Confirms Breach at 12 Hotels

In a statement issued late Friday, IHG said it found malicious software installed on point of sale servers at restaurants and bars of 12 IHG-managed properties between August and December 2016. The stolen data included information stored on the magnetic stripe on the backs of customer credit and debit cards — the cardholder name, card number, expiration date, and internal verification code.

Breach at Verity Health System exposes data of more than 10,000 patients

Verity Medical Foundation-San Jose Medical Group website, part of the Verity Health System in Redwood, California, was hacked, exposing the data of 10,164 patients. Verity includes six California hospitals, the Verity Medical Foundation and Verity Physician Network. […] The breached patient data included names, dates of birth, medical record numbers, addresses, emails, phone numbers and the last four digits of credit card numbers, dated between 2010 and 2014. Officials said Social Security numbers or full credit card numbers weren’t included.

Practicing Good Personal Cybersecurity Isn’t Just About Protecting Yourself

You may not need to use a VPN constantly or activate two-factor authentication for every account or encrypt all your communications. But you should probably be doing all of these things at least some of the time. So even if you’ve convinced yourself that you have absolutely nothing to hide—that no one could conceivably be interested in the contents of your digital life—it’s worth taking 15 minutes to understand a few of the security options available to you and when and why you might want to be using them.

The key functions to consider when building or buying a log analysis platform

1GB of log data is the equivalent of nearly 700,000 pages of text. Sifting through this manually would take nearly three years, or about the same amount of time it would take to read War and Peace 571 times consecutively (debatable as to which fate is worse). […] Log analysis platforms should solve the issue of information overload by breaking down the mass of log entries into digestible, relevant groups, and ignoring non-relevant data. Entries might be grouped according to common characteristics or patterns, e.g. the action performed or users performing them.

Everything old is new again: Experts predict a flood of denial-of-service attacks

“DDoS outages are causing companies to completely rethink their cybersecurity strategies,” said cyber-defence strategist Terrence Gareau in a report by threat identification firm Nexusguard. Nexusguard examines network data to identify threat vector trends like duration, source, and variation of denial-of-service attacks.”Hackers’ preferences for botnets over reflection attacks are typical of cyclical behavior, where attackers will switch to methods that have fallen out of popularity to test security teams with unexpected vectors.”

Why Your Company’s First Line Of Cybersecurity Is Not Your CTO

The problem is not the use (or lack) of security tools and technology, but rather employees who are unknowingly the objects of security threats. The latest trick employed by criminals is to emulate executives within a company in a trusted environment. For example, an employee receives a legitimate-looking email from the CEO or CFO, instructing them to wire money. Before, employees used to be able to tell if the email was real, but today, employees are often duped by sophisticated hackers.

Cybersecurity policy in 2017: How will a major debate on government surveillance play out?

A major issue has always concerned the inadvertent or incidental collection of data about US citizens in the search for intelligence regarding foreigners. This could occur in a variety of ways, including a coincidental address or the mention of the US citizen by the intended foreign target. There are rules that limit when and under what conditions a US citizen can be further scrutinized, and these activities are overseen by the Foreign Intelligence Surveillance Court (FISC). But in the developing challenge to the renewal of Section 702, it is this “incidental” collection of information on US citizens that will dominate the debate.

Here Are 4 Ways to Profit From the Growing Need for Cybersecurity

This is the time to scoop up these investments, as corporations and governments plow ever-greater sums into detecting and deterring cyberattacks. All four are poised for growth.

  1. Booz Allen Hamilton (BAH)
  2. Fortinet (FTNT)
  3. ManTech International (MANT)
  4. PureFunds ISE Cyber Security ETF (HACK)

“You’re Fired!” Will Not Fix Federal Cybersecurity

In briefings late January, President Trump promised that he would hold agency heads accountable for failures in cybersecurity. He plans to issue an executive order to do that early this month. While on its surface, the idea that executives in both the public and private sector need to be held accountable for cybersecurity, there is just one problem with the approach. It’s already required by law. The Federal Information Security Modernization Act (FISMA) puts responsibility squarely on the shoulders of agency heads.

Vizio To Pay Millions After Secretly Spying On Customers, Selling Viewer Data

The company provided consumers’ IP addresses to data aggregators, who then matched the address with an individual consumer or household. Vizio’s contracts with third parties prohibited the re-identification of consumers and households by name, but allowed a host of other personal details – for example, sex, age, income, marital status, household size, education and home ownership. And Vizio permitted these companies to track and target its consumers across devices.

Feds snooping on your email without a warrant? US lawmakers are on a war path to stop that

The new legislation amends the 1986 Electronic Communications Privacy Act (ECPA), which states that emails that are unread or stored for more than 180 days can be requested and read by US law enforcement without a warrant. The new legislation insists the Feds go to a judge and get one before having a snoop around email inboxes. When the ECPA was enacted 31 years ago, emails were almost exclusively stored locally and not for very long, since hard drive sizes were in megabytes, not gigabytes, and commercial cloud service provision of email was a distant prospect for most. So legislators have been trying to update this antiquated legislation – against the wishes of law enforcement.

Maybe the US does have the right to seize data from the world’s servers

Can the US government demand that it be able to reach into the world’s servers with the tech sector’s assistance? International relations issues aside, the answer to that legally thorny question depends on which US court is asked. Consider that a federal magistrate judge in Philadelphia answered that question Friday in the affirmative, ordering Google to comply with US warrants and transfer e-mail stored overseas to the US so the FBI could examine it as part of a criminal probe. Yet just two weeks ago, a New York-based federal appeals court let stand its highly publicized July decision that allowed Microsoft to quash a US court warrant for e-mail stored on its servers in Dublin, Ireland.

Anonymous shut down thousands of Dark Web sites for hosting child porn

Reportedly, the Anonymous-affiliated hacker group has managed to take down the Freedom Hosting II servers affecting more than 10,000 websites. It must be noted that Freedom Hosting II is regarded as one of the largest hosting services on the Dark Web with hosting rights of around 20% of all the sites on this underground platform. According to researcher Sarah J Lewis, the websites bear the domain .onion and therefore, can be accessed through Tor browser. The stolen information includes email IDs of more than 380,000 users.

Report: IRS-related phishing scams seen running rampant

The latest Phishing Trends and Intelligence Report, which has data about January 2016, says that the IRS phishing sites spotted in that one month totaled more than the IRS phishing attempts seen during all of the previous year. […] That’s compounded by other phishing attempts that ask tax professionals to update their accounts, then direct them to fake Web sites that steal their credentials. And individuals received emails purportedly from tax preparers, tax software companies or banks, asking them to update their information in order to receive their returns. They included links to malicious Web sites.

Former NSA contractor may have stolen 75% of TAO’s elite hacking tools

Attorneys representing Harold T. Martin III have previously portrayed the former NSA contractor as a patriot who took NSA materials home so that he could become better at his job. Meanwhile, investigators who have combed through his home in Glen Burnie, Maryland, remain concerned that he passed the weaponized hacking tools to enemies. The theft came to light during the investigation of a series of NSA-developed exploits that were mysteriously published online by a group calling itself Shadow Brokers.

GAO raises alarm over key cyber office

The report from the Government Accountability Office says the National Cybersecurity and Communications Integration Center faces a number of impediments to safeguarding the nation’s cybersecurity. The center does not have a single, consolidated system that tracks cyber incidents, the report said. Instead, it receives reports of cyber intrusions in a variety of ways, including by phone and email, which makes it more difficult for agents to catalogue them in one place. […] “Until NCCIC takes steps to overcome these impediments, it may not be able to efficiently perform its cybersecurity functions and assist federal and nonfederal entities in identifying cyber-based threats, mitigating vulnerabilities, and managing cyber risks,” the report states.

Protecting quantum computing networks against hackers

As we saw during the 2016 U.S. election, protecting traditional computer systems, which use zeros and ones, from hackers is not a perfect science. Now consider the complex world of quantum computing, where bits of information can simultaneously hold multiple states beyond zero and one, and the potential threats become even trickier to tackle. Even so, researchers have uncovered clues that could help administrators protect quantum computing networks from external attacks.

5 signs we’re finally getting our act together on security

  1. We’re looking at passwords in a better light
  2. We may finally be taking IoT security seriously
  3. We’re getting other benefits on the coattails of new security technology
  4. We’re getting more realistic about security
  5. We may finally get security promises we can bank on

Your web browsing history can be linked to your social media accounts

They tested their approach first on simulated browsing histories containing links originating from Twitter, then in practice with the help of 374 individuals who chose to participate in the research and “donate” their browsing histories. The result of that last test? Over 70 percent of the individuals were correctly tied to their Twitter accounts. While not perfect, the result is impressive, and even more so because a correctly identified account is one of over 300+ million opened on Twitter.