IT Security News Blast 7-19-2017

The Healthcare Industry Is in for a Rude Cybersecurity Awakening

“IoT technology presents special challenges to a healthcare organization’s ability to protect itself from both insider threats as well as external cyber-attacks across a wide range of attack vectors, as demonstrated by the most recent WannaCry ransomware and NotPetya wiperware attacks,” said Xu Zou, CEO and cofounder of ZingBox. “As these attacks continue to step to the forefront, companies deploying IoT devices need to be more cognizant than ever of their security measures.”

Applying Healthcare Information Sharing to Data Security

“Information sharing is useful for all types of incidents and threats,” Kim wrote. “Whether there is a threat of something actually occurring or an incident has actually occurred, both threats and incidents have indicators to help determine what has occurred (in the case of an incident) or what may occur (in the case of a threat).” For healthcare specifically, Kim explained that information sharing can occur within any organization, sector-wide, or even occur between or among several critical infrastructure sectors and/or industries.

How large would the financial losses get in case of a global cyber attack?

A major attack could result in financial losses of up to $53 billion, close to the total cost of the 2012 storm. That’s according to noted banking group Lloyd’s of London, which teamed up with risk-modeling firm Cyence to look at several potential cyber-attack disaster scenarios. Apparently, insurers are having a hard time estimating their potential exposure to cyber-related losses.

Petya cyber-attack still disrupting firms weeks later

“On one hand, it is alarming to see large multinational corporations still feeling the impact and attempting to recover systems,” said security researcher Kevin Beaumont. “On the other hand, it is good to see some of the businesses communicating so openly about the problems they are experiencing.” Both Mr Beaumont and Mikko Hypponen, at cyber-security company F-Secure, have praised Maersk’s openness.

Millions of Dow Jones customer records exposed due to an internal error

The downloaded database contained customer names, internal Dow Jones customer IDs, home and business addresses. Perhaps most critical was the inclusion of the last four digits of customer credit cards in the files, as well as customer email addresses also used to login to their accounts which could be used in compiling a phishing attack, UpGuard warned. Dow Jones’ Director of Communications Steve Severinghaus told SC Media that the data was “over-exposed” only on AWS and not the internet. In addition, the incident was not due to an unauthorized person gaining entry.

Top 5 critical infrastructure cyber attacks

A new form of malware comparable to the Stuxnet attack that was designed for infrastructure has recently been discovered, it is called Industroyer. The attack is able to take direct control of electricity substation circuit breakers using industrial communication protocols, this means that power stations, transportation control systems, water, and gas plants are all potential targets. We are undoubtedly set to see more of these frightening attacks in future, but in this list we are going to reflect on some of the most high profile examples of cyber attacks on critical infrastructure around the world.

White House ‘rumoured to close State Department’s only cyber security office’ as top diplomat quits

It has been reported that the cyber security office in the State Department may be closed as its top diplomat quits. Christopher Painter, the Coordinator for Cyber Issues, is leaving his post at the end of the month after well over two decades of leadership on the issue, per Politico. The news outlet also reported that Secretary of State Rex Tillerson may shut down Mr Painter’s office, which is responsible for “negotiating joint agreements with other countries on issues like protecting critical infrastructure and developing cyber norms.”

Dems call for review of pipeline cybersecurity rules

Sen. Maria Cantwell (D-Wash.) and Rep. Frank Pallone Jr. (D-N.J.) asked the Government Accountability Office and Transportation Security Administration on Tuesday whether voluntary guidelines for cybersecurity defenses for fuel pipelines need to be updated or codified. “An assessment of these guidelines and their effectiveness is needed as a number of major trends have emerged, with potentially significant implications for our energy, national and economic security,” the lawmakers wrote in a letter.

House Dems say voter data request poses serious cybersecurity concerns

Kobach, who is also Kansas’ secretary of state, in late June asked election officials in all 50 states to submit publicly available voter roll information to the commission, including voters’ full first, last and middle names; dates of birth; political party affiliations; last four digits of Social Security numbers; voting history dating back to 2006; and a variety of other personal information. State election officials have dug in their heels against submitting the data, and privacy advocates have filed lawsuits to block the action.

Security experts from Google, Facebook, Crowdstrike want to save US elections

A new group at Harvard University staffed by the former campaign managers of the Hillary Clinton and Mitt Romney campaigns, along with other top security experts, have banded together to help mitigate various types of online attacks that threaten American democracy. The initiative, dubbed “Defending Digital Democracy,” will be run by former chief of staff for the secretary of defense, Eric Rosenbach.

38 governors sign cybersecurity compact

The announcement came Friday after a yearlong initiative spearheaded by Virginia Gov. Terry McAuliffe, the National Governors Association’s outgoing chair, to create guidelines that could be universally applied across states and promote cybersecurity generally. Under an initiative called Meet the Threat, governors were advised to institute cybersecurity governing bodies, organize computer crime units for law enforcement agencies, design cybersecurity education programs for staff and coordinate state efforts with cities and counties.

Russia’s next fake news campaign could devastate the economy

The most concerning scenario is that of Russia deploying cyber weapons against stock exchanges and banking systems. […] These systems are so complex nobody can accurately model how they will react or respond to manipulation or freak events. The erroneous and uncontrollable behaviour of trading algorithms – known as flash crashes – are regular occurrences in many stock markets. Critically, there are few human stockbrokers left, leaving the financial world with no backup if the markets were manipulated or wiped.

Russians hacked energy companies on election day, GCHQ claims

The Government’s electronic spy agency GCHQ said in an official report sent to the energy sector that companies “are likely to have been compromised” in the wake of the attack launched on June 8. […] The document does not name Russia but experts have told The Telegraph that they believe the Kremlin was behind the attack and that it targeted engineers working in power plants and in the electricity supply network.

Russians Suspected in NotPetya Malware Attacks

A recent international cyber attack that began in Ukraine involved sophisticated malware called “NotPetya” and was likely carried out by the Russian government or hackers associated with Moscow, according to U.S. officials and private security researchers. The malware masquerades as ransomware—programs that scramble data inside penetrated computers and then demand payment from victims to unscramble the data. But in reality the latest global outbreak was the work of data-destroying hackers seeking to undermine Ukraine’s economy. […] NotPetya’s first attacks took place June 27 in Ukraine, causing widespread computer network failures ranging from the National Bank of Ukraine to the radiation detection center at the Chernobyl nuclear reactor.

Comcast accuses net neutrality advocates of not “living in the real world”

But even as Comcast increases its own capital spending, it insists that the FCC’s Title II rules have harmed “the economy and consumers.” For example, Cohen wrote, Comcast slowed down the rollout of its new Stream TV service because of an FCC investigation into the cable service’s exemption from Comcast data caps. “The ill-advised and politically motivated decision to reclassify broadband Internet access service under Title II represented an unnecessary and unwise turn for the economy and consumers,” Cohen wrote. “Comcast strongly agrees with the FCC’s decision to move forward with a proceeding to reverse that harmful ruling.”

All hail AT&T! Champion of the open internet and users’ privacy!

As legislators vote on a new bill that would install privacy protections for broadband users, AT&T has been lobbying Sacramento saying there’s no point introducing the law since it is already legally obliged to follow FTC privacy rules. However, at the exact same time, AT&T is arguing in court in San Francisco that the opposite is true – that it is exempt from FTC enforcement. So why would the company write down such claims when they are transparently untrue?

Cybersecurity Issues of Self-Driving Vehicles

The numerous points of entry into a self-driving vehicle’s computer system give clever thieves and cyber terrorists multiple opportunities to take control of vehicles. […] The automotive industry has addressed the issue of cybersecurity of self-driving vehicles by creating a series of Automotive Cybersecurity Best Practices (“Automotive Best Practices”). The Automotive Information Sharing and Analysis Center (“Auto-ISAC”) issued the Automotive Best Practices, which guide how individual companies can implement the previously released “Enhance Automotive Cybersecurity” Principle.

A Continuing Need for Stealth with Loud Cyber Weapons

To wit, the director of government cyber solutions at a major defense contractor is quoted as saying, “If you’re using the same platform that’s vulnerable to the enemy following you back, that path in cyberspace, you’re jeopardizing your intelligence sources if you’re using the same platform to conduct an attack. . . . With intelligence, you typically don’t want to get caught—it’s espionage. Well, if I’m going to use a cyber exploit, and I’ve got the rules of engagement to do it, the thinking is: Heck, I’m at war. Getting caught isn’t part of the equation.” The C4ISRNET summary is “attribution is not a big deal in a warfare scenario.”

Cybersecurity legend bets his manhood bitcoin reaches $500,000 within three years

John McAfee, the colorful founder of his namesake antivirus software company, as well as a former fugitive and passionate cryptocurrency backer, says bitcoin is headed toward the $500,000 mark within three years. […] McAfee might be on the extreme end, but he’s not the only one with high hopes for bitcoin and the rest of the cryptos. Fundstrat’s Tom Lee, one of Wall Street’s biggest equity bears, says bitcoin’s the new gold, with $55,000 possible by 2022.


Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.