IT Security News Blast 7-27-2017

CEOs: WannaCry is Your Wake Up Call

Your organization has hundreds or thousands of different pieces of software, and each one needs to be updated several times a year. Yet this process is often not well defined or automated, a fact amply demonstrated by how many organizations are running old software and being hacked. Acceptance of this issue is probably the largest step in addressing it. The whole organization can often be distracted by new solutions, but that should not come at a cost of forgetting about the ones you have already bought and deployed.

U.S. treads water on cyber policy as destructive attacks mount

The Trump administration’s refusal to publicly accuse Russia and others in a wave of politically motivated hacking attacks is creating a policy vacuum that security experts fear will encourage more cyber warfare. In the past three months, hackers broke into official websites in Qatar, helping to create a regional crisis; suspected North Korean-backed hackers closed down British hospitals with ransomware; and a cyber attack that researchers attribute to Russia deleted data on thousands of computers in the Ukraine.

Ukraine braces for further cyber-attacks

In particular, the chief executive of Ukraine’s state-owned energy giant Ukrenergo is concerned it will be a target. “All our life as an independent country in the last 25 years, we’ve been connected to the Russian power grid and they’ve balanced us,” Vsevolod Kovalchuk told the BBC. However, he explained, an agreement his firm has struck with European electricity transmission operators to modernise Ukraine’s power grid might have put the firm in Moscow’s cross-hairs.

EU Council Agrees to Develop Sanctions Framework to Address Cyber Attacks

Of note, the press release states that “the EU is concerned by the increased ability and willingness of state and non-state actors to pursue their objectives through malicious cyber activities”, further adding that “states should not knowingly allow their territory to be used for internationally wrongful acts using Information and Communication Technologies (ICT)”.

A security solution that’s simple for government, tough for attackers

While peace of mind can never be fully realized within the ever-changing space of cybersecurity, we can move toward a more data-centric approach where security is embedded at a more granular level. Format-preserving encryption has been widely adopted by retail and finance industries, but the federal government now recognizes the importance of this continuous form of data protection that reduces threats from insiders, malware and advanced attacks.

Lawmakers approve ‘cyber vulnerability’ bill

The legislation was sponsored by Rep. Sheila Jackson Lee (D-Texas) and received broad support from members of the House Homeland Security Committee, including Chairman Michael McCaul (R-Texas). The bill would require Homeland Security Secretary John Kelly to send a report to relevant congressional committees describing policies and procedures used by the DHS to coordinate the disclosure of what are called “zero days” — cyber vulnerabilities that are unknown to a product’s manufacturer and for which no patch exists.

Healthcare organizations are underestimating cybersecurity risks

“Healthcare payers and providers are on treacherous ground here and some organizations are underestimating cybersecurity risks,” said KPMG healthcare advisory leader Dion Sheidy. “There needs to be a higher degree of vigilance among boards and executive suites as attacks become much more sophisticated, especially as doctors need to share information to improve quality and as connected medical devices and wearables proliferate.”

Malware in Medicine: Prevention Is Key to Protection

The theft of personal data is not, therefore, the major threat in this age of cyber insecurity. More dangerous are ransomware attacks like WannaCry, which can shut down hospital services and destroy patient records. According to Dr Yaraghi, some hospitals are laying in stocks of bitcoin to pay off attackers in the case of a ransomware attack, implying that encrypting and backing up patient data are understood within the health care community to be insufficient.

HIT Think: Why IoT security is everyone’s responsibility

The dangers are clear: device breaches can compromise patient safety and privacy and also provide an entry point for attackers to access health systems’ networks. While every security expert on earth wishes there was a silver bullet that could eliminate cyber risks, no such “one size fits all” solution exists. Regardless of our role in the delivery of healthcare, cyber threats affect all of us, which means that everyone—regulators, device manufacturers, providers and even patients—has a responsibility to help mitigate risk.

How hospitals can shore up cybersecurity on a ‘skinny’ budget

“The reality is that if you need someone, the best way to do that is to get a vendor who is able to recommend the needed technology and other security needs,” said Lovejoy. Providers should look toward vendors with a healthcare-focus that are able to provide the necessary security evaluations.

Overnight Cybersecurity: Facebook invests in group fighting election hacking | House panel advances DHS cyber revamp bill | Lawmakers mull cyber insurance for small businesses

Facebook said on Wednesday that it will give funding to a nonprofit at Harvard that is trying to curb cyberattacks aimed at political groups and election systems. The social media giant’s money will go to Defending Digital Democracy, a group led by former campaign chairs for Hillary Clinton and Mitt Romney, based at Harvard’s Kennedy School of Government.

Is Amazon’s ‘Alexa’ Crossing a New Privacy Threshold?

The Amazon Echo is always listening for that trigger word. What are the chances that doesn’t eventually expand what their devices record? That could be accomplished with a simple update that you may, or may not, review before downloading. What happens if Amazon goes ahead with the as-yet merely mulling-mode plan to share transcripts of Echo recordings with third-party app developers—or still other entities?

Why modern cyber attacks require a multi-step plan

As attacks on enterprise networks grow more common and complex, incident response (IR) teams and security operations centers (SOCs) grow increasingly besieged: 44 percent of security operations managers see more than 5,000 alerts every day, according to the Cisco 2017 Annual Cybersecurity Report. Due to the staggering volume, organizations only investigate 56 percent of these alerts, and remediate less than one-half of the actual threats they receive.

Radiation detection devices open to cyber attack, researcher finds

Attackers could, for example, falsify readings to simulate a radiation leak to trick authorities into ordering unnecessary evacuations, or increase the time that an attack against a nuclear facility or an attack involving a radioactive material remains undetected by sending normal readings to deceive operators.

Teenage Do-Gooder Arrested in So-Called ‘Cyberattack’

The boy used the loophole to purchase a monthly ticket for 50 HUF (about $0.19 USD) instead of the regular price of 9,500 HUF ($36.23 USD) – something anyone with a passing knowledge of modern browsers would have been able to do, he said, as it was an “amateur bug.” The so-called hacker then immediately contacted BKK to demonstrate what he’d been able to do so that they could patch the system. After four days without a response, the hacker found himself being brought in for questioning by the police.

China arrests 11 hackers for infecting 250M devices with Fireball malware

Law enforcement authorities in China have arrested eleven hackers suspected of developing Fireball malware which infected 250 million computers worldwide. Among the infected devices, 20 percent belonged to large corporate networks in various countries. […] “Specifically, 25.3 million infections in India (10.1%), 24.1 million in Brazil (9.6%), 16.1 million in Mexico (6.4%), and 13.1 million in Indonesia (5.2%). The United States has witnessed 5.5 million infections (2.2%).”

Crypto mining malware a huge problem in Russia

“It is estimated that 20 to 30 percent of devices are infected with this virus”, Klimenko said according to Moscow-based news service RBC. The malware is used to mine valuable crypto currencies such as Bitcoin and Ethereum. However, not everyone in the Russian government agrees with these claims. Dmitry Marinichev, who serves as Russia’s internet ombudsman, told the RBC that Klimenko’s claims were “nonsense”, adding that such a scale of infection would be hard to miss. Other security professionals agreed.

Cybersecurity Does Not Need a Silver Bullet Agency

The lessons arising from the creation of the Department of Homeland Security (DHS) are pertinent. Establishing even basic agency functions in a politically-charged and bureaucratically-challenging environment is daunting. And bureaucratically challenging it would be—the agencies contributing people to the new department would fight the process, giving the department as few resources, authorities and good people as possible, and most likely leaving it hobbled on many levels.

6 billion records hacked in 2017 so far; ransomware victims paid $25 million

According to a mid-year report by Risk Based Security (RBS), a Richmond, Virginia-based company that keeps an eye on data breaches, there have been 2,227 incidents of data breaches as of June 2017, allowing hackers to steal 6 billion records. This means that in the last six months hackers have stolen more data than the total number of medical and financial records stolen in the whole of 2016.


Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.