IT Security News Blast 7-7-2017

Today’s lax medical device security can be fixed. Here’s how.

Since traditional security means loading software on the medical devices, the question becomes whether or not that action will require FDA approval, said Jennifer Geisler, vice president of marketing at ForeScout, a cybersecurity firm that specializes in the Internet of Things and other connected devices. If so, then vendors must be willing to assume the same liability that a medical device takes on, she added. And if the security software causes a malfunction and a system fails, the matter of liability arises, Geisler said, adding that infosec pros need to be asking a lot of questions.

 Banking task force issues best practices for banks to mitigate cyber threats

The United States Secret Service and the Bankers Electronic Task Force, a group of state bank regulators, recently issued a series of industry best practices for managing risks related to cyber threats. The recommendations were made after recent reports of a new international ransomware cyberattack which has affected computer systems in more than 60 nations. The release of industry best practices is part of a larger overall effort by state and federal authorities to combat cybercrime.

 Maersk says shipments back to normal next week after cyber attack

Danish shipping giant A.P. Moller-Maersk (MAERSKb.CO) expects container shipments to be back to normal early next week, it said on Thursday, as the impact of last week’s cyber attack extends into its third week. Maersk, which handles one in seven containers shipped globally, said this week it had restored its major IT systems, but was still handling a backlog of orders and was working to bring operations at its ports back to normal.

 Industry Group Launches Cyber Security Guidelines

The second edition of The Guidelines on Cyber Security Onboard Ships has been released, compiled by a joint industry group led by BIMCO. The second edition includes information on insurance issues and how to effectively segregate networks, as well as new practical advice on managing the ship to shore interface and how to handle cyber security during port calls and when communicating with the shore side.

 Guide to the top college and university cyber security degree programs

Dozens of institutions have launched undergraduate and graduate security programs. Many provide both technical and management skills to help students become well versed in the latest security technologies, threats, vulnerabilities and management strategies. Here’s a look at a few of the leading programs in the United States.

 Cyber-Security Executive Order Implementation Deadlines Near

“This executive order is making the agencies’ executive heads accountable and responsible for cyber-security risk, quickly identifying and reporting back the current state of cyber-security.” Carson said that in his view the executive order is a gap analysis exercise and it is important to note that it does not improve or prevent cyber-security threats, however it is an important step in the right direction to understand clearly the areas of high risk.

 These are the good ol’ days of cybersecurity

As bad as things might seem right now with the most current ransomware, we are going to look back on these days and think “It was so easy to protect ourselves back then, and we didn’t realize it.” The future will bring new challenges. From my vantage point of working with many different clients and speaking with many different security practitioners, here are my prognostications of things to come[.]

 Ukraine: Cyberattack likely hit 1 in 10 state, business PCs

Dmytro Shymkiv, the deputy head of Ukraine’s presidential administration and a former director of Microsoft Ukraine, told The Associated Press the figure was a “guesstimate” based on publicly available data, his previous work in the technology industry and what he’d heard from business and government sources. He added that the figure did not include line of business computers such as cash machines.

 Hackers are targeting nuclear power plant operators in the US

The joint report indicated that “there is no indication hackers had been able to jump from their victims’ computers into the control systems of the facilities,” according to The Times. Wolf Creek officials also confirmed to The Times that its “operations systems” are kept separate from the computer network of the facility, preventing cyberattacks like this from allowing hackers to directly control power plant systems. Still, the hack is a serious cause for concern. The joint report suggests that the hackers are interested in mapping out the computer networks to inform potential future attacks. These attacks focused on employees who have direct access to systems that could cause environmental disasters like toxic waste spills and fires.

 Russia steps up spying efforts after election

The officials say they believe one of the biggest US adversaries feels emboldened by the lack of a significant retaliatory response from both the Trump and Obama administrations. […] “The concerning point with Russia is the volume of people that are coming to the US. They have a lot more intelligence officers in the US” compared to what they have in other countries, one of the former intelligence officials says. […] Fueling law enforcement officials’ concern is that the Russians are targeting people in the US who can provide access to classified information, in addition to ongoing efforts to hack the US government for intelligence, according to several of the officials. In some cases, Russian spies have tried to gain employment at places with sensitive information as part of their intelligence-gathering efforts, the sources say.

 Teams Defend Against Simulated Attacks in Cyber Guard Exercise

More than 700 cyber operators and critical infrastructure experts from Cybercom, the National Guard and Reserves, the intelligence community, and public- and private-sector organizations teamed together to support each other during an onslaught of cyber threat scenarios. Teams navigated a coordinated response to protect, defend and mitigate a variety of cyber threats ranging from the simply disruptive to nearly catastrophic.

 Cyber Warfare: How Militaries Defend Themselves Online

Fighting fire with fire, leading defense agencies and military forces such as the US Department of Defense and NATO are deploying automated cyber-defense systems which can analyse vast and complex stretches of cyber-infrastructure for the type of hard-to-find vulnerabilities often exploited by the tools hackers use.

 Beijing’s Views on Norms in Cyberspace and Cyber Warfare Strategy Pt. 2

The following is a two-part series looking at PRC use of cyberspace operations in pursuit of its national strategies and the establishment of the Strategic Support Force. Part 1 considered the centrality of information operations and information war to the PRC’s approach toward its current struggle against the U.S. Part 2 looks at the PRC’s use of international norms and institutions in cyberspace, and possible U.S. responses.

 House Democrats announce new task force to protect election infrastructure from cyber attacks

Developed by House Minority Leader U.S. Rep. Nancy Pelosi (D-CA), House Homeland Security Committee Ranking Member U.S. Rep. Bennie G. Thompson (D-MS), and House Administration Committee Ranking Member U.S. Rep. Bob Brady (D-PA), the Congressional Task Force on Election Security will seek to address the lack of attention that has been paid to securing election infrastructure.

 Data breaches and due diligence

If you are a company considering a sale, you should be prepared to give detailed answers about any of your cybersecurity policies, procedures and compliance with applicable laws. Before the formal due diligence process begins, you should review and update your cybersecurity policies and breach response plans. You should also be prepared to explain any past breaches of customer information or confidential data, and to outline what the company has done to address the vulnerabilities that led to the breach.

 Two hackers arrested after a decade of selling malware

Ruslan Bondars and Jurijs Martisevs were identified as the main culprits behind a crime in which they were selling malware over the dark web. The malware sold was meant to disrupt many U.S. businesses. According to an indictment released by the Federal court in Alexandria, Virginia, the two men were selling malicious software that included hacking tools to exploit vulnerabilities by creating files with malware, Remote Access Trojans to hijack a victim’s computer, malware that could bypass detection from antivirus software and keyloggers which would monitor every keystroke made by a victim.

 Not Exit Scam? Users Freak Out Over Bitcoin Stored on AlphaBay

As previous Cointelegraph reports emphasized, it is not a viable option to store Bitcoin or any other cryptocurrencies on centralized and custodial platforms. […] The moderators of AlphaBay did not immediately provide the community with an official announcement until various Reddit threads emerged, criticizing the platform and raising the possibility of an exit scam being executed by AlphaBay. At the moment, users can be assured that their funds are safe, as said by the moderators of AlphaBay.

 Google Patches Critical ‘Broadpwn’ Bug in July Security Update

Artenstein, who is scheduled to present his research on the Broadpwn vulnerability at Black Hat USA 2017, said in a preview of his talk that the vulnerability “can be triggered remotely, without user interaction.” He added that the vulnerability “is found in an extraordinarily wide range of mobile devices – from various iPhone models, to HTC, LG, Nexus and practically the full range of Samsung flagship devices.”

 CopyCat Malware Infected 14M Android Devices, Rooted 8M, in 2016

Researchers with Check Point’s Mobile Research Team, who found the malware in March this year, claim CopyCat mostly infected Android users in Southeast Asia, but that upwards of 280,000 U.S. Android users were also infected. According to researchers, Asia accounted for 55 percent of CopyCat infections. Africa, at 18 percent, accounted for the second highest number of infected devices.

 U.S. judge allows Twitter lawsuit over surveillance to move forward

A U.S. judge ruled on Thursday that Twitter Inc (TWTR.N) could move forward with a lawsuit that aims to free technology companies to speak more openly about surveillance requests they receive from the U.S. government. The U.S. government had failed to show the kind of “clear and present danger” that could possibly justify restraints on Twitter’s constitutional right to talk about surveillance requests, U.S. District Judge Yvonne Gonzalez Rogers in Oakland, California, said in a written order.


Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.