IT Security News Blast – 7-26-2021
Kaseya Gets Tool to Unlock Data After Ransomware Attack
Decryptors don’t necessarily restore companies’ data as fast or comprehensively as victims would like, cyber experts say. But the Kaseya tool could help other companies that have been affected by REvil attacks, said Mike Hamilton, chief information security officer at Critical Insight Inc., a firm that is working with the gang’s victims. “If the key is indeed universal,” he said Thursday, “we’d sure like a copy.”
How Taiwan is trying to defend against a cyber 'World War III'
"Based on the attackers' actions and methodology, we have a rather high degree of confidence that many attacks originated from our neighbor," he told CNN Business, referring to mainland China. "The operation of our government highly relies on the internet," Chien said. "Our critical infrastructure, such as gas, water and electricity are highly digitized, so we can easily fall victim if our network security is not robust enough."
Renewed Focus on Cybersecurity May Have Significant Impacts on Previously Shielded Healthcare Companies
Companies that wish to contract with the federal government to provide critical software in the healthcare space should be proactively drafting policies and redesigning business as usual to meet the high-level expectations that the Biden administration has outlined around encryption, software development practices, ongoing monitoring requirements, multi-factor authentication, disclosure of open source, and forced disclosure of vulnerabilities and breaches.
FITCH: 'RELENTLESS' CYBER ATTACKS PRESSURING NONPROFIT HOSPITAL OPERATIONS
Continuous threats from ongoing cyber attacks will place "material revenue and expense pressures" on nonprofit hospitals, according to a Fitch Ratings report released Thursday afternoon. Fitch stated that the healthcare sector remains a "target-rich environment" due to a large amount of sensitive data related to patient care and operations.
House passes several new bipartisan cybersecurity bills
The legislation comes amidst the latest numbers from the Office of Civil Rights about healthcare breach reports. Although the bills would go beyond healthcare, the medical industry has been particularly vulnerable to ransomware attacks and other hacking incidents. According to HIPAA Journal, June saw an above-average 11% increase in reported breaches from the previous month.
Hacking Wall Street
Unlike the detailed simulations that help prepare first responders and soldiers for hurricanes, forest fires and wars, “we do not simulate the scale of destruction, and we never simulate duration” with cyberattacks, Mr. Rattray said. “What we don’t know is how bad it would get and how fast.”
Shortcomings With Financial Market Infrastructure Companies’ Business Continuity And Cybersecurity Plans Need To Be Resolved
Given that the principles were published nine years ago, I am concerned by the IMSG’s report this week, that if there were wide-scale or major disruptions at financial market infrastructures such as securities and derivatives clearing companies, many would struggle with timely recovery of operations and fulfilment of their obligations.
Financial Watchdog Says Home-Based Work Fuels Cyberattacks
Most internet systems were not prepared to deal with widespread remote working “and the exploitation of such a situation by cyber threat actors,” the FSB said. The report examines some lessons that were learned from the effects of the pandemic on financial businesses.
Government Calls On Pipeline Companies To Step Up Defenses Against Cyber Attacks
On July 20, the Transportation Security Administration issued a security directive calling on the owners of about 100 pipelines, designated to be the most critical to the U.S. economy, “to implement specific mitigation measures to protect against ransomware attacks and other known threats to information technology and operational technology systems,” according to a TSA statement.
Senate NDAA pushes for more domestic production, increased cyber authorities
The SASC's 2022 National Defense Authorization Act authorizes $25 billion more than was requested by the Biden administration's $715 billion proposal for fiscal year 2022. Some of the plus-up targets cybersecurity efforts and unfunded requirements for combatant commands.
Cyber attack disrupts major South African port operations
Transnet, which operates major South African ports, including Durban and Cape Town, and a huge railway network that transports minerals and other commodities for export, confirmed its IT applications were experiencing disruptions and it was identifying the cause.
Opinion: Russia and China’s hypocritical attempt to control cyberspace
In the annals of diplomatic hypocrisy, this new accord is a stunner, even by Russian and Chinese standards. It promotes a new Russian plan for international governance of the global Internet, even as it stresses the right of Russia, China and other authoritarian states “to regulate the national segment of the Internet” to edit and censor what their people can see.
Russia disconnected itself from the rest of the internet, a test of its new defense from cyber warfare, report says
RBC Daily says it obtained documents and spoke to sources who told them that the tests were conducted from June 15 to July 15 — and worked. One source told the outlet that the tests included Russian physically disconnecting its networks from the worldwide internet. Reuters says it's unclear how long the disconnection lasted or whether it was noticeable to Russian residents.
China's new software policy weaponizes cybersecurity research
For China, it is the most widespread application of military-civil fusion in the cyber domain to date. The strategy that previously permitted behavior like working closely with its private sector firms and universities is expanding beyond its borders. The policy weaponizes a process that previously served to make the internet safer. It is an attack on global cybersecurity and is an irresponsible grab for software vulnerabilities.
Scale of secretive cyber surveillance ‘an international human rights crisis’ in which NSO Group is complicit
“NSO Group is just one company. This is a dangerous industry that has operated on the edges of legality for too long, and this cannot be allowed to continue. Now, we urgently need greater regulation over the cyber surveillance industry, accountability for human rights violations and abuses, and greater oversight over this shadowy industry.”
An explosive spyware report shows limits of iOS, Android security
The surveillance tools these companies provide frequently target iOS and Android, which have seemingly been unable to keep up with the threat. But a new report suggests the scale of the problem is far greater than feared—and has placed added pressure on mobile tech makers, particularly Apple, from security researchers seeking remedies.
Nasty macOS Malware XCSSET Now Targets Google Chrome, Telegram Software
FIN7’s Liquor Lure Compromises Law Firm with Backdoor
Financial cybercrime gang FIN7 has rebounded after the jailing of some key members, launching a campaign that uses as a lure a legal complaint involving the liquor company that owns Jack Daniels whiskey. The gambit successfully compromised at least one law firm, giving them a shot of the JSSLoader remote-access trojan (RAT), researchers said.