Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 6-7-2021

US to Treat Ransomware Like Terrorism
The specialized process described by Carlin is typically used in cases of national security. Central notification will now be compulsory for investigations into counter anti-virus services, illicit online forums or marketplaces, cryptocurrency exchanges, bulletproof hosting services, botnets and online money laundering services.
Why the ransomware crisis suddenly feels so relentless
Ransomware gangs now pay specialist hackers to go “big game hunting” and seek out massive targets that can pay out huge ransoms. The hackers sell the access to the gangs, who then carry out the extortion. Everyone gets paid so handsomely that it’s become increasingly irresistible—especially because the gangs typically suffer no consequences.
Covid-19: Cyberattacks on the Healthcare SystemApart from the physical harm caused by cyber-attacks, though, the psychological impacts are far greater. Patients, doctors and nurses sense an increase in stress and anxiety combined with a constant fear that a cyber-attack will occur again. Hospitals feel powerless due to a lack of control, and patients feel betrayed as their privacy has been breached.
Pandemic allows CIOs to move with new speed, but cyber threats lie in wait
"And although there are many elements to be considered and addressed for information security, one place where the work begins is through ensuring that a robust business associate agreement is in place with particular vendors who offer telehealth systems and services," he said.
Cyber-Insurance Considerations for Healthcare Providers Related to Ransomware Attacks
Some insurers may stop writing policies that reimburse customers for payments made in response to ransomware attacks. (As one example, AXA, one of Europe’s top five insurers, issued a statement on May 6, 2020, indicating that it will no longer underwrite policies in France that reimburse customers for extortion payments made to ransomware criminals.)
The Increasing Credit Relevance of Cybersecurity
Second, while active prevention of cyber events is now becoming the norm, many cyberattacks are being structured in a way that makes them ever more difficult to uncover. Active detection will therefore become a competitive advantage. [...] Companies may suffer indirectly as a result of centralized, perhaps politically motivated attacks such as the SolarWinds and Microsoft Exchange Server episodes[.]
'Critical lifeline': How Steamship Authority ransomware attack affects ticketing all over
“This is a critical lifeline to our islands,” Keating said. “And there’s a lot at stake with any kind of shutdown economically. It would have enormous economic consequences if they had been able to have a more extensive attack. Fortunately, they weren’t able to do that.”
Federal Reserve to Speak at the Next Cyber Fraud Intelligence Series: “Defining the Threat of Synthetic Identity Fraud”
Synthetic identity fraud (SIF) is reported to be one of the fastest-growing types of financial crime in the United States, accounting for billions in losses annually. Moreover, the use of multiple definitions for synthetic identity fraud throughout the industry poses a fundamental problem – inconsistent categorization and reporting, making it difficult to identify and mitigate this type of fraud.
Lawmakers Say U.S. Cyber Ransom Payments Should Be Disclosed
“Not only are the companies often not reporting that they are attacked, but they’re not reporting the ransomware payments,” Warner said on NBC’s “Meet the Press.” It’s “worth having” a debate over whether to make paying ransoms illegal for U.S. companies, said Warner, who’s also co-chair and founder of the Senate Cybersecurity Caucus.
IG: CISA-Run Monitoring Program Has Not Improved DHS’ Cybersecurity Posture
The Continuous Diagnostics and Mitigation program the Cybersecurity and Infrastructure Security Agency is working to implement across the federal government has improved the cybersecurity posture of some agencies but not that of the Department of Homeland Security, according to an inspector general’s report.
Hacked drones and busted logistics are the cyber future of warfare
Any 21st century war will include cyber operations. Weapons and support systems will be successfully attacked. Rifles and pistols won’t work properly. Drones will be hijacked midair. Boats won’t sail, or will be misdirected. Hospitals won’t function. Equipment and supplies will arrive late or not at all.
Centralizing Cyber Ops Necessary as Cyberattacks Escalate
“We need to remove barriers to information-sharing in the government and private sector,” Hartman said. “Industry is often uniquely positioned to see vulnerabilities or breaches first. IT service providers need to share information with the government and even be required to do so in the event of certain breaches.”
Graham: 'It's time for the Russians to pay a price' for cyberattacks
“I don’t think he said and told them to hack into the oil pipeline. I think these people live in Russia with impunity. They’re tied to the Russian intelligence services. They’re an extension of the Russian government. They’re one-off. They’re, to me, cyber terrorists living within Russia, attacking our interests,” Graham said.
White House executive order further restricts investments in Chinese surveillance technology
Building on a Trump administration order, the new directive expands to 59 the list of Chinese companies that Americans are barred from investing in. The order, the White House said, will also give U.S. officials greater leeway in addressing the threat of Chinese surveillance technology that is used to repress religious or ethnic groups inside and outside of China.
The slow trend away from facial recognition technology
It remains to be seen which camp will emerge victorious in this ongoing privacy battle. Given the reluctance of several organisations to get back into privacy related facial recognition issues, it looks like Clearview AI may be the so-called main character of this particular blowout for some time to come.
This is not a drill: VMware vuln with 9.8 severity rating is under attack
A VMware advisory published last week said vCenter machines using default configurations have a bug that, in many networks, allows for the execution of malicious code when the machines are reachable on a port that is exposed to the Internet. [...] Another researcher who tweeted about the published exploit told me he was able to modify it to gain remote code execution with a single mouse click.
GitHub Updates Policy to Remove Exploit Code When Used in Active Attacks
To that end, users are refrained from uploading, posting, hosting, or transmitting any content that could be used to deliver malicious executables or abuse GitHub as an attack infrastructure, say, by organizing denial-of-service (DoS) attacks or managing command-and-control (C2) servers.
REvil Ransomware Gang Spill Details on US Attacks
The brief Russian-language interview revealed that the cybercriminal gang had originally focused its efforts on an unspecified Brazil-based entities. According to the REvil source, the gang was trying to stay away from the U.S. and U.S.-based firms.
Hacktivist collective Anonymous takes aim at Elon Musk. Who cares?
The group’s power seems to have waned in recent years. Their peak arguably came during Project Chanology, an effort aimed at delegitimizing and degrading the influence of the Church of Scientology. They attacked websites, published secret information, and even sent a near-naked man covered in pubic hair and vaseline to trash a Church location. Bless you, Agent Pubit.

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of Critical Insight Inc, DBA CI Security.

Archived articles are available at

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2021 CI Security. All rights reserved.


CI Security

245 4th St, Suite 405  Bremerton, WA   98337

About Us   |   CI Security News   |   Contact Us 

We host NEVER BORING free security awareness training 
 every other Friday.
Register and/or send your colleagues and friends. Let's educate users together! 

Add this Email to Your Address Book