Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 10-5-2020

COVID-19 and Cybersecurity Staffing Shortages

It turns out that companies experience a lack of professionals during the pandemic in other fields as well. An April, a survey by (ISC)2 shows that 81% of respondents had their job functions changed in some capacity. Some of them were required to assist employees with other IT-related problems, like installing new programs and updates, deleting unused ones, data backup, etc., leaving the cybersecurity element of their job description on the side.


Clinical Trials Hit by Ransomware Attack on Health Tech Firm

Among those hit were IQVIA, the contract research organization helping manage AstraZeneca’s Covid vaccine trial, and Bristol Myers Squibb, the drugmaker leading a consortium of companies to develop a quick test for the virus. ERT has not said how many clinical trials were affected, but its software is used in drug trials across Europe, Asia and North America.


Someone died because of ransomware: Time to give hospitals emergency security care

The U.S. government should consider imposing sanctions on governments that don’t enforce international computer crime laws. While many ransomware gangs act with impunity within their own country — and some even operate on behalf of their government — others are left alone out of convenience and lack of resources. [...] But now that it’s clear that ransomware attacks can lead to patient deaths, U.S. officials should pressure foreign governments to enforce laws just like they do in other circumstances when U.S. lives are lost.


Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

In its advisory (PDF), the Treasury’s Office of Foreign Assets Control (OFAC) said “companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations.”


'It's not a good week for healthcare': Health system IT execs react to recent ransomware attacks

"There’s been an unfortunate increase in cyberattacks on healthcare organizations, and I don’t anticipate this trend changing anytime soon," said Jesus Delgado, vice president and CIO of Community Healthcare System in Munster, Ind. "Therefore, the investment on cyber security technologies needs to continue to be carefully considered and properly communicated to executive leadership.


CMA-CGM Struggles To Restore Systems After Cyber Attack

Given CMA CGM’s ownership of ANL and its importance in the country’s container trades, the IT outage has heaped more misery on shippers and forwarders trying to clear a substantial cargo backlog created by the recent industrial action in Sydney’s container terminals, he said. [...] Many in the industry have been quick to compare CMA CGM’s response to cyber-attack with that of Maersk’s to the 2017 NotPetya cyber-attack.


FBI: 41% of Financial Sector Cyber Attacks Come from Credential Stuffing

“When customers and employees use the same email and password combinations across multiple online accounts, cyber criminals can exploit the opportunity to use stolen credentials to attempt logins across various sites,” the bureau says. Citing a 2020 survey conducted by a data analytics firm, the FBI notes that nearly 60 percent of respondents reported using one or more passwords across multiple accounts.


3 Months for the Cybercrime Books

"The intent behind these efforts is for the US to showcase their very powerful capability to identify the actual human being behind the keyboard, and not just attributing an attack to a certain nation-state," Berglas says. But in order for these charges and announcements to serve as significant deterrents, it is imperative the US supports these indictments with whatever political or economic sanctions or penalties are deemed appropriate, he adds.


Reducing Cyber-risks in As-a-Service IT Agreements

State and local governments, however, lag behind. While they are increasingly taking cues from federal agencies on supply chain risk awareness, the resources to act on that awareness are slim. Indeed, for smaller public agencies whose IT departments frequently find themselves deficient in funding and manpower, the idea of comprehensive supply chain audits is about as realistic as municipally funded moon landings.


Hacking Voting Systems to Be a Federal Crime in US

The Defending the Integrity of Voting Systems Act was unanimously approved by the House of Representatives last week after gaining a green light from the Senate last year. The legislation will make hacking federal voting infrastructure a crime under the Computer Fraud and Abuse Act.


US preps for ‘Irregular Warfare’ with China, Russia

The National Defense Strategy pivots the Pentagon to focus on potential conflict with those countries and other advanced militaries instead of lower-tech militants in the Middle East and Africa, according to a report by Rachel S. Cohen at Air Force Magazine. “Irregular warfare” isn’t just for special operations forces.


Insurance Coverage for Biometric Privacy Claims [Registration]

Several states, including Illinois, Texas, Arkansas, and Washington, have enacted privacy laws governing various types of biometric information, such as fingerprint, retina, and facial scans. The risks associated with the inadvertent disclosure and misuse of this type of information can be significant. Unlike other types of protected information such as user names, credit card numbers, and passwords, biometric information cannot be cancelled or replaced.


New ransomware vaccine kills programs wiping Windows shadow volumes

Raccine works by registering the raccine.exe executable as a debugger for vssadmin.exe using the Image File Execution Options Windows registry key. Once raccine.exe is registered as a debugger, every time vssadmin.exe is executed, it will also launch Raccine, which will check to see if vssadmin is trying to delete shadow copies. If it detects a process is using 'vssadmin delete,' it will automatically terminate the process, which is usually done before ransomware begins encrypting files on a computer.


Pandemic Leads to Increase in Human-Like Attacks

Some human characteristics that are often emulated are typing rate, the speed between page interactions, the emulation of mouse movement, page scrolling and browser identifiers, he added. The human-looking attacks can also do things such as solve CAPTCHA and get by security layers designed to tell a human from a bot. “For organizations that lack sophisticated controls for automation, human emulation can create havoc for fraud and security evaluation controls, allowing for high-risk interactions to occur uninterrupted,” said Capps.


Satellite boom expands network capabilities, but brings new security considerations

As more vendors enter the field and more businesses find uses, said Beek, it will become increasingly important for chief information security officers to have detailed conversations with satellite makers about patching protocols and ground stations on cloud security measures. And businesses have seen with bucket leakages and ICS security, it’s an issue that requires some hands-on protection posture, even if a satellite is many, many arms lengths away.


Hacker Uploads Own Fingerprints To Crime Scene In Dumbest Cyber Attack Ever

The luxury goods business had installed ten fingerprint scanners so as to restrict access to warehouses in an effort to reduce risk. "Unbeknown to them," Heinemeyer continues, "an attacker began exploiting vulnerabilities in one of the scanners. In perhaps the weirdest hacker move yet, they started deleting authorized fingerprints and uploading their own in the hope of gaining physical access."

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


CI Security

245 4th St, Suite 405  Bremerton, WA   98337

About Us   |   CI Security News   |   Contact Us 

Add this Email to Your Address Book