Copy
Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 3-29-2021

Nine cyber attack has all the hallmarks of ransomware, without the ransom
The attack hit Nine’s systems in Sydney early on Sunday morning, disrupting live television, as workers arriving and logging in found their machines unresponsive. Independent security researcher Troy Hunt said the details resembled a ransomware attack — where criminals encrypt data to make it inaccessible and then demand money to unlock it — but Nine said there have been no demands.
https://www.smh.com.au/technology/nine-cyber-attack-has-all-the-hallmarks-of-ransomware-without-the-ransom-20210329-p57eum.html
 
Insurance Giant CNA Hit with Novel Ransomware Attack
Sources familiar with the attack have told BleepingComputer that threat actors encrypted more than 15,000 devices on CNA’s network—including those of employees working remotely who were logged onto the company’s VPN at the time—when they deployed the new ransomware on Sunday, according to the report.
https://threatpost.com/cna-hit-novel-ransomware/165044/
 
Policyholders may be the primary target in hack of cyber insurance provider CNA
“The profit that ransomware groups can extort from a target has historically started as an educated guess, modified as the hostile negotiations proceed. Possessing the cyber insurance policy details at the outset allows ransomware groups to maximize their success by setting a price that falls within the bounds of the coverage.”
https://www.scmagazine.com/home/security-news/ransomware/policyholders-may-be-the-primary-target-in-hack-of-cyber-insurance-provider-cna/
 
2020 offered a 'perfect storm' for cybercriminals with ransomware attacks costing the industry $21B
The Comparitech report found that 92 individual ransomware attacks occurred at healthcare organizations, and 600 clinics, hospitals and organizations were affected. In addition, more than 18 million patient records were impacted by these ransomware attacks, a 470% increase from 2019, the report revealed.
https://www.fiercehealthcare.com/tech/ransomware-attacks-cost-healthcare-industry-21b-2020-here-s-how-many-attacks-hit-providers
 
UK was ‘perilously close’ to more dire outcome in 2020 cyberattack on hospital, audit shows
An after-action audit of what was called the most substantial cyberattack in University of Kentucky history found that the university expended nearly $5 million to contain and expel attackers that hobbled university hospital systems for months last year.
https://www.kentucky.com/news/local/education/article250228875.html
 
American Hospital Association selects CI Security as Preferred Provider for Managed Detection & Response
“Closely aligned with the AHA’s mission and vision, CI Security is fully committed to helping the AHA and their members advance health in this country by protecting and defending live-saving, life-sustaining services with our healthcare cybersecurity solutions,” said Garrett Silver, CEO of CI Security.
https://www.businesswire.com/news/home/20210325005298/en/American-Hospital-Association-selects-CI-Security-as-Preferred-Provider-for-Managed-Detection-Response
 
How Cyber Insurance Actually Increased Cyber Risk
“Insurers that don’t effectively measure the risk of their insureds also risk insuring organizations that use cyber insurance as a substitute for improving cybersecurity, and pass the cost of cyber incidents on to the insurer.”
https://www.forbes.com/sites/bobzukis/2021/03/25/has-cyber-insurance-actually-increased-cyber-risk/?sh=1ab0eb2146d8
 
Report: 'Record-Breaking' Cyber Attacks on Schools in 2020
The problem has only intensified due to vulnerabilities found in the American public school system, according to the report, which notes that many districts still lack the IT staff and security protocols needed for modern cybersecurity systems.
https://www.govtech.com/policy/2020-Marks-a-Record-Breaking-Year-for-Cyber-Attacks-Against-Schools.html
 
Multiple cyber threats lurking compromised systems, says Microsoft
"These actions might involve performing follow-on attacks via persistence on Exchange servers they have already compromised, or using credentials and data stolen during these attacks to compromise networks through other entry vectors," the tech giant said in its latest update.
https://www.business-standard.com/article/technology/multiple-cyber-threats-lurking-compromised-systems-says-microsoft-121032800145_1.html
 
LA County Organizations Warned About Cyber Security Threats
The L.A. County Sheriff’s Department Fraud & Cyber Crimes Bureau (FCCB) Thursday announced that it had received reports that the servers of several organizations had been compromised, including those of law enforcement agencies. [...] “Reports showed attackers have established backdoors and/or installed malware on systems once gaining access,” the FCCB wrote.
https://losangeles.cbslocal.com/2021/03/26/la-county-organizations-warned-about-cyber-security-threats/
 
'Time is not on our side' — Biden navigates cyber attacks without a cyber czar
But nearly a dozen current and former officials familiar with the deliberations say that it has been the casualty of classic Washington dramas: executive branch officials wary of legislators meddling in their business and government bureaucrats trying to fend off potential colleagues from encroaching on their perceived portfolios.
https://www.politico.com/news/2021/03/28/white-house-cyber-czar-478242
 
Biden Team Boosts Effort to Shield Power Grid From Cyber Threats
The administration plans to produce a so-called operational technology action plan that will begin with the power industry and expand to other critical sectors such as natural gas distribution, chemical refining and municipal water systems, said one person briefed on the plan.
https://www.bloomberg.com/news/articles/2021-03-28/biden-team-boosts-effort-to-shield-power-grid-from-cyber-threats
 
Opinion: The United States has a major hole in its cyberdefense. Here’s how to fix it. [Subscripton]
The NSA is the only U.S. government organization with the vast capabilities to conduct both cyberdefense and cyberoffense at home and abroad. Civil libertarians and privacy advocates might hope to see creation of a purely domestic organization to defend against attacks launched from within the United States — with appropriate legal safeguards — but that is a fantasy.
https://www.washingtonpost.com/opinions/2021/03/28/united-states-has-major-hole-its-cyberdefense-heres-how-fix-it/
 
Director Says NSA’s Domestic Surveillance Authority ‘Rightly’ Limited
Gen. Paul Nakasone is not eager to embrace new authorities that would allow the National Security Agency to use its surveillance tools within the United States and pushed for other ways to gain the visibility needed to detect hacks like those recently executed by suspected nation-state actors. [...] Nakasone said there is a need for greater visibility into domestic infrastructure but that it could also be achieved through public-private partnerships and is something the administration is working on.
https://www.nextgov.com/cybersecurity/2021/03/director-says-nsas-domestic-surveillance-authority-rightly-limited/172935/
 
Hackers target German lawmakers in an election year
Hackers have attempted to breach the private email accounts of certain German parliamentarians, a spokesperson for the legislative body confirmed Friday, in the latest example of cyber campaigns aimed at German politicians.
https://www.cyberscoop.com/bundestag-germany-hackers-ghostwriter/
 
ProtonVPN CEO Blasts Apple for ‘Aiding Tyrants’ in Myanmar
“In the same day the U.N. recommended Proton apps, Apple suddenly rejected important updates to our ProtonVPN iOS app,” Yen wrote. “These updates include security enhancements designed to further improve safeguards against account takeover attempts which could compromise privacy,” Yen said.
https://threatpost.com/protonvpn-ceo-blasts-apple-myanmar/165022/
 
Credit Card Hacking Forum Gets Hacked, Exposing 300,000 Hackers’ Accounts
Carding Mafia, a forum for stealing and trading credit cards has been hacked, exposing almost 300,000 user accounts, according to data breach notification service Have I Been Pwned.
https://www.vice.com/en/article/v7m9jx/credit-card-hacking-forum-gets-hacked-exposing-300000-hackers-accounts
 
No, I Did Not Hack Your MS Exchange Server
New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Let’s just get this out of the way right now: It wasn’t me.
https://krebsonsecurity.com/2021/03/no-i-did-not-hack-your-ms-exchange-server/

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


 

CI Security

245 4th St, Suite 405  Bremerton, WA   98337

About Us   |   CI Security News   |   Contact Us 


We host NEVER BORING free security awareness training every other Friday.
Register and/or send your colleagues and friends. Let's educate users together! 

Add this Email to Your Address Book





unsubscribe