Copy
Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 10-28-2020

DOD, FBI, DHS warn of active North Korean government-linked hacking operation

The joint alert comes in a long string of reports the U.S. government has released publicly on North Korean government hacking in an effort to throw North Korean hackers off course and neutralize their operations’ effectiveness. As the thinking goes, when the private sector protects against these hacking operations, the attackers may get distracted from their operations as they retool, officials say.

https://www.cyberscoop.com/north-korean-hacking-kimsuky-cyber-command-cisa-dhs-fbi/

 

Cyber attack targeted absentee ballot applications in Chenango County

The Board of Elections in Chenango County was hit with a cyber attack targeting absentee ballot applications. The state’s Board of Elections says voting in the county will not be compromised. There was initial concern that some emailed absentee ballot applications would be lost. The county released a statement asking anyone who requested an application by e-mail to call the Board of Elections to verify it was received. The cyber attack encrypted about 200 county computers and demanded ransom of $450 each to unlock the files.

https://whcuradio.com/news/025520-cyber-attack-targeted-absentee-ballot-applications-in-chenango-county/

 

Cyber attack on WI's unemployment system exposes banking information

The Department of Workforce Development says Wisconsin was one of several states to detect "unauthorized intrusions of state UI data originating from Japan, South Korea, Russia, and inside the U.S." A spokesperson says the department believes the cyber attack or attacks were able to access 116 active unemployment accounts. Fischer said investigators told her what happened is called "credential stuffing."

https://www.fox6now.com/news/cyber-attack-on-wis-unemployment-system-exposes-banking-information

 

10 big ideas in health IT

We will see growth in data analytics, bioinformatics and in particular roles that will deepen our expertise in the visualization of complex information," he said. "Cyber will continue to be an area of growth as we expand our efforts in the face of growing threats. And last but not least, we will see growth in our investment in digital consumer talent as we move faster to expand our patient facing offerings."

https://www.beckershospitalreview.com/healthcare-information-technology/10-big-ideas-in-health-it.html

 

Security Incident Drives Sonoma Valley Hospital to EHR Downtime

The incident joins a host of similar EHR downtime procedures in recent weeks, caused by various IT disruptions, security incidents, and ransomware attacks, including security events at Universal Health Services, Dickinson County Healthcare System in Michigan, and at least three other covered entities.

https://healthitsecurity.com/news/security-incident-drives-sonoma-valley-hospital-to-ehr-downtime

 

Hospital CISOs to meet, prep for 'long war' against cyberattacks

Cyberattacks against hospitals and healthcare organizations have accelerated in the last few months, and experts are warning this trend is likely to continue, according to a report in The Hill. [...] The founder of IT-focused investment firm C5 Capital André Pienaar said his organization is bringing together chief information security officers of large and small hospitals for closed-door meetings to promote cooperation and increased defense against cyberattacks.

https://www.beckershospitalreview.com/cybersecurity/hospital-cisos-to-meet-prep-for-long-war-against-cyberattacks.html

 

How Disaster Recovery Planning Can Help Avoid Government Sanctions

While you can’t predict when a cyberattack might strike, you can have a plan in place for when one inevitably does. Building a disaster recovery plan that tiers your data in order of importance, establishes a crisis team and creates a smooth path to data recovery can help you avoid potential fallout from paying a ransom – eliminating the question over whether you should altogether.

https://www.cpomagazine.com/cyber-security/how-disaster-recovery-planning-can-help-avoid-government-sanctions/

 

When BYOD Also Means Bring-Your-Own-Cyber Risk

In addition to potentially having greater access to non-corporate devices to infiltrate company networks, attackers are also exploiting some shifting behaviors that result from a remote work setting. For instance, many professionals' devices are always on and always connected, Mancini said. Sending confidential information to personal printers or local storage is another trend causing security headaches.

https://www.pymnts.com/news/b2b-payments/2020/eclypsium-byod-remote-work-cyber-risk/

 

70% of Financial Organizations Are Concerned About Insider Data Theft During Remote Work

Despite this increased concern about malicious activity, the most commonly reported incidents involved human errors: 48% of respondents had users fall for phishing attacks in the first few months of the pandemic, 31% suffered improper data sharing, and 28% experienced incidents caused by admin mistakes.

https://www.prnewswire.com/news-releases/70-of-financial-organizations-are-concerned-about-insider-data-theft-during-remote-work-301160576.html

 

Report Shows How Auditors Can Enhance Trust in Company-Prepared Cybersecurity Disclosures

“As the scale and complexity of cybersecurity challenges has grown exponentially in recent years, investors and other stakeholders may find information beyond the disclosures required by the Securities and Exchange Commission helpful for decision making. In their public interest role, auditors could bring additional discipline to voluntary cybersecurity disclosures and company cybersecurity risk management programs, enhancing stakeholders’ trust and confidence in such information.”

https://www.cpapracticeadvisor.com/accounting-audit/news/21160160/report-shows-how-auditors-can-enhance-trust-in-companyprepared-cybersecurity-disclosures

 

The US must not lose the cyberwar with Russia

·       First, it must fully acknowledge that this cyberwar is no less dangerous than the Cold War.

·       Second, it must mobilize its technological might – including help from the internet private industry – to stop the Russian offensive.

·       Third, the U.S. must mount a counterattack against Russia’s cyberwar infrastructure.

·       Fourth, the U.S. must retaliate and interfere with the functioning of Russia’s society and its foreign policy — eye for an eye, byte for a byte.

https://thehill.com/opinion/cybersecurity/523019-the-us-must-not-lose-the-cyberwar-with-russia

 

We’re Disinformation Researchers. Here’s All the Election Day Chaos We’re Expecting.

Much of the misinformation that will circulate on Nov. 3 will be based on very real and legitimate concerns by Americans about attempts to undermine the election and prevent people from casting their ballots. We have all seen the turmoil within the U.S. Postal Service, President Donald Trump ’s unfounded claims of a rigged election, and calls for a civil war by social media users identifying as members of the far-right and far-left.

https://www.barrons.com/articles/were-disinformation-researchers-heres-all-the-election-day-chaos-were-expecting-51603827496

 

Microsoft: Trickbot ransomware targeted Virginia computers. State says it's ready to confront Russian cyber threat

“Let’s say, if you’re a state or local municipality, or somewhere in the U.S. involved with elections,” began Mark Arena, CEO of cyber crime intelligence company Intel 471. “Your compromised computer access could be sold to Russian security services.” “Trickbot hackers are already selling accesses to cyber criminals, they’re selling access to nation states,” Arena said. “It’s not a far jump to say they’re probably going to give it to the Russian security service or Russian government, if they asked, which they probably are.”

https://www.wusa9.com/article/news/politics/elections/microsoft-trickbot-ransomware-targeted-virginia-computers-state-says-its-ready-to-confront-russian-cyber-threat/65-36c52025-c61a-44d2-b08d-47f00a3464e0

 

Pai’s FCC squeezes in one more vote against net neutrality before election

FCC Democrats Jessica Rosenworcel and Geoffrey Starks dissented today, saying the FCC majority didn't provide a good enough justification for sticking with the repeal as is. Rosenworcel called the order "a set of three cobbled-together arguments designed to tell the court to go away, the public that we are not interested in their opinion, and history that we lack the humility to admit our mistake."

https://arstechnica.com/tech-policy/2020/10/pais-fcc-squeezes-in-one-more-vote-against-net-neutrality-before-election/

 

What Tech Companies Need to Know About the SAFE DATA Act

Several signs support the trend that U.S. lawmakers are in favor of enacting a federal privacy law. The GDPR passed in 2018, and the CCPA came into enforcement on July 1, 2020. Senator Maria Cantwell (D-WA) put forth a federal privacy bill last year. Several GOP senators collaborated on the Setting an American Framework to Ensure Data Access, Transparency, and Accountability (SAFE DATA Act) in September of 2020.

https://securityboulevard.com/2020/10/what-tech-companies-need-to-know-about-the-safe-data-act/

 

Nokia: Cyber attacks on internet-connected devices on the rise

The report found that Internet-connected, or IoT, devices now make up roughly 33% of infected devices, up from about 16% in 2019. [...] In networks where devices are routinely assigned public facing internet IP addresses, a high infection rate is seen. In networks where carrier-grade Network Address Translation is used, the infection rate is considerably reduced because the vulnerable devices are not visible to network scanning.

https://securitybrief.co.nz/story/nokia-cyber-attacks-on-internet-connected-devices-on-the-rise

 

Employees Aware of Emailed Threats Open Suspicious Messages

Nearly all (96% of) employees surveyed claim to be aware that malicious links in their email, social media feeds, and websites they browse could potentially infect their devices. Nearly two-thirds (64%) report receiving cybersecurity awareness training specifically related to working remotely during the COVID-19 pandemic. Despite this, nearly half (45%) admit to opening emails they consider to be suspicious, and the same percentage admit they don't report suspicious emails to their IT or security teams.

https://www.darkreading.com/attacks-breaches/employees-aware-of-emailed-threats-open-suspicious-messages/d/d-id/1339288

 

Researchers: LinkedIn, Instagram Vulnerable to Preview-Link RCE Security Woes

Link previews in popular chat apps on iOS and Android are a firehose of security and privacy issues, researchers have found. At risk are Facebook Messenger, LINE, Slack, Twitter Direct Messages, Zoom and many others. In the case of Instagram and LinkedIn, it’s even possible to execute remote code on the companies’ servers through the feature, according to an analysis.

https://threatpost.com/linkedin-instagram-preview-link-rce-security/160600/

 

Brit accused of spying on 772 people via webcam CCTV software tells court he'd end his life if extradited to US

Taylor told District Judge Michael Fanning that both he and his wife would kill themselves if he was forcibly removed to the US. "I'm just not coping at all," he said. "I'm having bad thoughts about ending my life. I'm so sorry for what I've done. I would never come back or I would come back in a coffin, I know I would and I know my wife wouldn't be here to stand it, I know she would end her life too, I know she would. I'm so sorry."

https://www.theregister.com/2020/10/27/christopher_taylor_extradition_hearing/

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


 

CI Security

245 4th St, Suite 405  Bremerton, WA   98337

About Us   |   CI Security News   |   Contact Us 


Add this Email to Your Address Book





unsubscribe