Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 10-26-2020

Microsoft did some research. Now it's angry about what it found

A fundamental problem, said Brill, is the lack of trust in society today. In bold letters, she declared: "The United States has fallen far behind the rest of the world in privacy protection." I can't imagine it's fallen behind Russia, but how poetic if that was true. Still, Brill really isn't happy with our government: "In total, over 130 countries and jurisdictions have enacted privacy laws. Yet, one country has not done so yet: the United States."


Report: Critical Infrastructure Cyber Attacks A Global Crisis

According to Claroty’s findings, 67% of respondents, comprised of security professionals in critical infrastructure sectors, said their IT and OT networks have become more interconnected since the pandemic began. More than 75% expect they will become even more so as a result of the changes brought about by coronavirus, leaving only 2% who said their IT and OT were completely disconnected.


Rapid Threat Evolution Spurs Crucial Healthcare Cybersecurity Needs

It’s no secret healthcare has remained highly targeted by cybercriminals given its troves of valuable data and the high likelihood of paying ransom demands. [...] “From what we noticed, a very small percentage of the attacks rely on an exploit to penetrate the defenses of the victim,” he added. “From the recent ransomware families, only Sodinokibi had an exploit for Oracle WebLogic embedded, the rest rely on either the cooperation of the end-user or leverage leaked credentials.”


Hackers behind life-threatening attack on chemical-maker are sanctioned

The attack drew considerable concern because it’s the first known time hackers have used malware designed to cause death or injury, a prospect that may have actually happened had it not been for a lucky series of events. The hackers—who have been linked to a Moscow-based research lab owned by the Russian government—have also targeted a second facility and been caught scanning US power grids.


How Vulnerable Is Critical Infrastructure to a Cyberattack?

Other nations are taking similar steps, and the overall critical infrastructure protection market is set to continue to grow rapidly through 2027. Also this week, Wired Magazine released this article on 12 cyber threats that could wreak havoc on the election. The list includes ransomware, voter data manipulation, DDoS and many more items. Remember that the U.S. Department of Homeland Security (DHS) has declared election equipment and processes as part of critical infrastructure.


Cybercrime task force monitoring the global digital financial system

The “Cryptocurrency Enforcement Framework” report is the second of its kind issued by the Attorney General’s Cyber-Digital Task Force, which was established in February 2018. It lays out the DoJ’s policy formulation in a number of critical areas, including cybersecurity, cross-border data transfers and protection, emerging technologies, cryptocurrency and encryption.


Why Cyber Security Is Still So Complex

Our neighborhood is now the entire globe. In response to this new type of cyber criminal, organizations have developed an equally evolved security system. Because of our daily interaction with connected devices, computers, smartphones, and tablets, it’s important for everyone - from the CEO and software developers to suppliers and employees - to be aware. Everyone can play an important part in keeping information safe.


Phishing groups are collecting user data, email and banking passwords via fake voter registration forms

Subject lines in this campaign are simple and play on the fear of US citizens that their voter registration request might have failed. Using subject lines like "voter registration application details couldnt be confirmed" and "your county clerk couldnt confirm voter registration," users are lured to web pages posing as government sites and asked to fill a voter registration form again.


Exclusive: National Guard called in to thwart cyberattack in Louisiana weeks before election

The situation in Louisiana follows a similar case in Washington state, according to a cybersecurity consultant familiar with the matter, where hackers infected some government offices with a type of malware known for deploying ransomware, which locks up systems and demands payment to regain access. [...] Experts investigating the Louisiana incidents found a tool used by the hackers that was previously linked to a group associated with the North Korean government[.]


Georgia Election Data Hit in Ransomware Attack

Ransomware gangs have officially entered the 2020 election fray, with reports of one of the first breaches of the voting season, on Hall County, Ga. The county’s database of voter signatures was impacted in the attack along with other government systems. Although the county said the voting process hasn’t been impacted by the ransomware attack, the incident is a warning to other municipalities to lock down their systems, particularly in these last days leading up to the election.


National security adviser: Hackers 'can't change votes'

O’Brien’s comments on CBS’ “Face the Nation” come after federal officials said on Thursday the Russian government was behind a series of attacks "against a wide variety of U.S. targets” including “dozens” of state and local governments. But federal agencies also said they saw no indication that the hacking team had “intentionally disrupted any aviation, education, elections, or government operations.”


Russians Who Pose Election Threat Have Hacked Nuclear Plants and Power Grid

September’s intrusions marked the first time that researchers caught the group, a unit of Russia’s Federal Security Service, or F.S.B., targeting states and counties. The timing of the attacks so close to the election and the potential for disruption set off concern inside private security firms, law enforcement and intelligence agencies.


Britain strikes back! UK launched SECRET cyber-attacks on Russia says ex-security chief

Lord Sedwill was asked why Britain’s offensive cyber capabilities have yet to be used against Russia. He replied: “The fact you don’t see that we use it doesn’t mean that we don’t. “Russia is operating in what the aficionados call grey space, that gap between normal state relations and armed conflict, with cyberattacks, information warfare and disruption campaigns.


The weirdly specific filters campaigns are using to micro-target you

When campaigns upload lists of specific users, however, it’s much less clear how they have identified whom to target and where the profile names came from. Campaigns often purchase lists of profile names from third parties or create the lists themselves, but how a campaign matched a voter to a Facebook profile is excruciatingly hard to track.


CBP Refuses to Tell Congress How it is Tracking Americans Without a Warrant

"CBP officials confirmed to Senate staff that the agency is using Venntel’s location database to search for information collected from phones in the United States without any kind of court order," the letter signed by Wyden and Warren, and addressed to the DHS OIG, reads. "CBP outrageously asserted that its legal analysis is privileged and therefore does not have to be shared with Congress. We disagree."


Why companies should reject ‘adjunct surveillance’ and any unethical user data collection

Because of recent government-mandated regulations and increased public awareness, companies have resorted to more nuanced, surreptitious methods of acquiring customer data. In some cases, surveillance companies place trackers on company websites to acquire the company’s user data—all without permission from the users. In addition to the use of tracking codes from third parties, some enterprises have opted to collect customer data via social media share buttons. In essence, these share buttons function like digital Trojan horses.


The Now-Defunct Firms Behind 8chan, QAnon

Both the Nevada-based web hosting company owned by 8chan’s current figurehead and the California firm that provides its sole connection to the Internet are defunct businesses in the eyes of their respective state regulators. In practical terms, what this means is that the legal contracts which granted these companies temporary control over large swaths of Internet address space are now null and void, and American Internet regulators would be well within their rights to cancel those contracts and reclaim the space.


Cybercriminals Could be Coming After Your Coffee

You know that cup of coffee that's pretty much the only thing that can get you out of bed most mornings? Well, some eye-opening ransomware research came out with the announcement of a proof-of-concept ransomware attack on a coffee maker. Losing access to critical data is one thing. Losing access to coffee is, as Vizzini said in "Princess Bride," "Inconceivable!"

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.
