IT Security News Blast – 7-29-2021
IBM: Average Cost of Data Breach Exceeds $4.2 Million
The average cost of a data breach increased by nearly 10% compared to the previous year, from $3.86 million to $4.24 million, but IBM noted that “costs were significantly lower for some of organizations with a more mature security posture, and higher for organizations that lagged in areas such as security AI and automation, zero trust and cloud security.”
Critical pipelines have reported more than 220 cyber incidents since May TSA directive
Companies have been reporting incidents since day one of the agency's May 28 security directive aimed at critical pipelines, Pekoske told CNN in an interview. Reporting of cybersecurity incidents has ramped up since the directive, according to Pekoske, who said the reports will help TSA understand the risks facing the industry. Prior to the directive, reporting was voluntary.
HOW BLOCKCHAIN CAN ENSURE PATIENT PRIVACY IN DIGITAL HEALTHCARE ECOSYSTEMS
By not offering cybercriminals a fixed target to attack, blockchain empowers data security companies to build elaborate data tools for organizational networks and databases. Additionally, blockchain ensures that data stored within it cannot be replicated or recreated without the consent of its owners.
New Report Reveals 76% of Healthcare Systems Failed in Securing Their Supply Chains
“It is the responsibility now – of stakeholders, C-suite, IT managers, and anyone involved in protecting our healthcare system – to ensure that patient care remains resilient even in an environment with growing cyberattacks. The report demonstrates there is work to be done, but there are also immediate opportunities to shore up risk management practices.”
Cyber Claim Frequency Growing; Smaller Organizations Targeted
The share of policyholders who filed a cyberattack claim jumped by 50% from the first half of 2000 compared to the first half of 2001, according to a new report by cyber insurer Coalition. An increasing number of attacks were made against smaller organizations, while both the amount of ransom demanded and the amount stolen through fund transfer fraud more than doubled, the company said.
South Africa Port Operator Declares Force Majeure Over Cyber Attack
“Transnet, including Transnet Port Terminals, experienced an act of cyberattack, security intrusion and sabotage,” it said. “Investigators are currently determining the exact source of the cause of compromise and extent of the ICT data security breach or sabotage.” [...] Force majeure is an unanticipated or uncontrollable event that releases a company from fulfilling contractual obligations.
Cyber insurance rates fail to match catastrophe risk-Chubb CEO
"The pricing environment is pretty good," Greenberg said on a conference call. "But ... that is not addressing by itself the fundamental issue.... Like pandemic, cyber has a catastrophe profile to it." [...] Chubb's underwriting activities are also exposed to systemic risks arising from cyber threats, Greenberg said, adding that the company is beginning to address it.
NYDFS Issues Ransomware Guidance Aimed At Combatting Rising Cyber Threats
[Covered] entities are required to report cybersecurity events to the superintendent no later than 72 hours after the covered entity determines that either (1) the cybersecurity event will require notice “to be provided to any government body, self-regulatory agency or any other supervisory body,” or (2) the cybersecurity event has a “reasonable likelihood of materially harming any material part of the normal operation(s) of the covered entity.”
What Will It Take to Defend Drinking Water from Cyber Attacks?
Water agencies, especially smaller ones, largely need more support in training personnel, getting the latest cybersecurity information and adopting best practices, speakers said. Federal funding and promotion efforts could boost many of these areas, helping agencies learn about and implement cybersecurity practices and join existing support organizations.
Shifting the Cyber Mindset from ‘Assume Breach’ to ‘Breach Prevention’ Is Critical in Next Three Years, Say 91 Percent of Government Cyber Leaders
The study – which surveyed more than 300 cybersecurity leaders across Federal, state, and local government – found that 83 percent of public sector organizations operate on an ‘assume breach’ model today. Seventy percent estimate their high-value assets (HVAs) have been compromised in the past 12 months, and fifty percent believe there will be a cyber 9/11 in the next 10 years.
Biden pushes for stronger cybersecurity in critical infrastructure, wants companies to do more
The order also establishes an industrial control system cybersecurity initiative, which the official described as a “voluntary, collaborative effort between the federal government and the critical infrastructure community to facilitate the deployment of technology and systems that provide threat visibility, indicators, detections and warning.”
House panel concerned over DoD’s approach to the information environment
“We really do need someone in charge. We need to identify an office and put a policy person in charge like a deputy assistant secretary to be responsible for the strategy implementation. We don’t have that right now,” Langevin said in May.
Israeli government raids NSO Group offices
The raids have taken place after a consortium of international journalists revealed earlier this month that NSO Group had sold access to its software —the Pegasus platform— to oppressive governments across the world, which abused it to spy on journalists, human rights activists, and political rivals.
How Will New Data Privacy Laws Affect Convenience Stores?
Convenience store retailers need to monitor state and federal laws to understand how these measures will affect their businesses and how they collect, use and store consumer data. California has already passed strict privacy measures that could cost companies hundreds of dollars per incident of misuse.
Praying Mantis Threat Group Targeting US Firms in Sophisticated Attacks
The attacks have been going on since at least last June and appear to be a cyber-espionage operation for a state-backed entity. "While the full scope of activity is unknown to Sygnia, the level of sophistication and highly persistent nature of the threat actor suggests the existence of a large operation[.]"
BlackMatter & Haron: Evil Ransomware Newborns or Rebirths
The first new group to appear this month was Haron, and the second is named BlackMatter. As Ars Technica‘s Dan Goodin points out, there may be more still out there. They’re both claiming to be focused on targets with deep pockets that can pay ransoms in the millions of dollars. They’re also virtue-signaling a la DarkSide, with similar language about sparing hospitals, critical infrastructure, nonprofits, etc.
Here’s what that Google Drive “security update” message means
The "get link" option works the same way as unlisted YouTube videos—it's not really private but, theoretically, not quite public, either, since the link needs to be publicized somewhere. The secret sharing links are really just security through obscurity, and it turns out the links are actually guessable.
Former eBay Employee Sentenced for Role in Aggressive Cyberstalking Campaign
It is alleged that in August 2019, the defendants executed a three-part harassment campaign against the Natick couple. Among other things, several of the defendants ordered anonymous and disturbing deliveries to the victims’ home, including a preserved fetal pig, a bloody pig Halloween mask and a book on surviving the loss of a spouse.