Copy
CI Security

IT Security News Blast – 2-14-2020

$400 Million for State and Local Governments to Secure Their Networks
Rep. John Katko (R-NY), Rep. Michael McCaul (R-TX) and Rep. Mike Rogers (R-AL) introduced the State and Local Cybersecurity Improvement Act (H.R. 5823) that:

  • Establishes a $400 million DHS grant program that incentivizes States to increase their own cybersecurity funding.
  • Requires DHS’s Cybersecurity and Infrastructure Security Agency (CISA) develop a strategy to improve the cybersecurity of State, local, tribal, and territorial governments.
  • Requires State, local, tribal, and territorial governments develop comprehensive Cybersecurity Plans to guide use of grant dollars.
  • Establishes a State and Local Cybersecurity Resiliency Committee so State, local, tribal, and territorial governments can advise CISA on their cybersecurity needs.
https://www.securitymagazine.com/articles/91725-400-million-for-state-and-local-governments-to-secure-their-networks
 
Senate GOP blocks election security bills as intel report warns of Russian meddling in 2020
The SAFE Act and the Stopping Harmful Interference in Elections for a Lasting Democracy (SHIELD) Act, which requires offers of foreign assistance to be reported to the FBI, were passed by the House last year but have been repeatedly rejected by Republicans. Senate Republicans also rejected the Defending Elections from Threats by Establishing Redlines (DETER Act), sponsored by Sen. Marco Rubio, R-Fla., and Sen. Chris Van Hollen, D-Md., despite bipartisan support. The bill would have imposed sanctions on Russia if U.S. intelligence agencies determined that Russia interfered in a federal election.
https://www.salon.com/2020/02/13/senate-gop-blocks-election-security-bills-as-intel-report-warns-of-russian-meddling-in-2020/
 
Malware Attack Hits Boston Children’s Hospital Physician Group
The security incident was first discovered on Monday, February 10. PPOC’s IT team worked quickly to contain the attack and ensure it did not spread to other systems. Currently, the impacted systems have been quarantined. Some PPOC offices are encouraging patients to postpone scheduled checkups for February 12. Children with mild symptoms should wait before coming into the office, officials said. PPOC is still investigating whether any patient data was exposed during the attack.
https://healthitsecurity.com/news/malware-attack-hits-boston-childrens-hospital-physician-group
 
 
Cybersecurity Jobs Going Begging As College Computer Science Grads Lack Skills/Experience Says House Leader
“The cybersecurity field as a whole lacks diversity, even more so than many other STEM fields. The math is simple: Last year, women accounted for only 20 percent of the global cybersecurity workforce,” she noted. Aggrieved women of color in cybersecurity jobs make on average $10,000 less than their male counterparts, Congressman Stevens contended: “We cannot address our current and future cybersecurity workforce needs without recruiting and retaining more women and minorities into the field.”
https://www.forbes.com/sites/tedknutson/2020/02/11/cybersecurity-jobs-going-begging-as-college-computer-science-grads-lack-skillsexperience-says-house-leader/#36f9bc341df1
 
WEBINAR: Cybersecurity for utilities: 2020 and beyond
  • How do utilities across the power, water and gas sectors come to grips with the reality of cyber threats?
  • How do you get C-Level and Board backing?
  • What is the risk profile for utilities around the globe and are some more at risk than others?
  • What are other utilities doing to protect themselves?
  • Where do you go for assistance or inspiration?
  • Is enough being done or is the threat completely blown out of proportion?
  • Should you get someone to hack you to test your defences?
https://www.smart-energy.com/industry-sectors/cybersecurity/webinar-cybersecurity-for-utilities-2020-and-beyond/
 
Cyber Security Lessons For Financial Firms
The report found that since the previous year’s report, the number of financial services firms at high risk of attack had increased by more than two fifths (41%), the only sector to have suffered an increase in risk. [...] One of the most common risks faced by large businesses is through its supply chain. In the financial services industry, where there is constant interaction between numerous third parties and their affiliated platforms, this risk is multiplied.
https://www.globalbankingandfinance.com/cyber-security-lessons-for-financial-firms/
 
The FBI Issues A Powerful $3.5 Billion Cybercrime Warning
The Federal Bureau of Investigation (FBI) has released the Internet Crime Complaint Center (IC3) "2019 Internet Crime Report." For everyone but those engaged in cybercrime, it makes for very difficult reading. Across that one year, the number of cybercrime complaints from both individuals and business organizations reached a staggering 467,361. The total cost of those reported crimes was even more mind-boggling: in excess of $3.5 billion (£2.7 billion.)
https://www.forbes.com/sites/daveywinder/2020/02/13/the-fbi-issues-a-powerful-35-billion-cybercrime-warning/#7c95eaf4187f
 
Why more research is needed to craft good cyber policy
The study surveyed participants from the United States, Russia and Israel, proposed different scenarios to understand baseline escalation risks and examined differences of how others in the international community approach cyber operations. The conventional wisdom in the cyber world has been that cyber operations can escalate situations unnecessarily, more so than physical or kinetic responses. But many academics now disagree.
https://www.fifthdomain.com/thought-leadership/2020/02/13/why-more-research-is-needed-to-craft-good-cyber-policy/
 
Businesses must prepare for a cyber cold war
Russia, China, North Korea, and others have the capacity to launch sophisticated attacks against U.S. businesses. Using armies of “cyber soldiers,” these nation-states can easily target critical infrastructure, including utilities and financial systems -- if they so desire. Last week the World Economic Forum published an article – “These will be the main cybersecurity trends in 2020” – warning of a new cyber cold war between Western and Eastern countries fuelled by trade wars. But there’s also another player fanning the flames: Iran.
https://www.fudzilla.com/news/50297-businesses-must-prepare-for-a-cyber-cold-war
 
Chinese cyber criminals are getting more organized and dangerous
"I think the biggest take away from this research is that Chinese non-state actors; they're no longer low-skill hackers trying to make extra money," An said. "They have transformed from small local networks targeting mostly Chinese businesses and citizens to large well-organized criminal groups hacking international organizations."
https://www.techrepublic.com/article/chinese-cyber-criminals-are-getting-more-organized-and-dangerous/
 
Hackers Could Turn Our Satellites Into Weapons (Think Russia or China)
If hackers were to take control of these satellites, the consequences could be dire. On the mundane end of scale, hackers could simply shut satellites down, denying access to their services. Hackers could also jam or spoof the signals from satellites, creating havoc for critical infrastructure. This includes electric grids, water networks and transportation systems. [...] In addition, many of the components draw on open-source technology. The danger here is that hackers could insert back doors and other vulnerabilities into satellites’ software.
https://nationalinterest.org/blog/buzz/hackers-could-turn-our-satellites-weapons-think-russia-or-china-122736
 
Surveillance-curtailing legislation gets privacy group backing
A coalition of 45 privacy and civil liberties groups is sending a letter to congressional lawmakers today that endorses bipartisan legislation to overhaul a set of controversial surveillance authorities set to expire next month. The missive backs a measure introduced last month, S. 3242, that would amend the 2015 USA Freedom Act, including formally ending an idle NSA program that gathers records of Americans’ telephone calls and text messages in search of links to terrorists.
https://www.politico.com/newsletters/morning-cybersecurity/2020/02/12/surveillance-curtailing-legislation-gets-privacy-group-backing-785317
 
California Police Have Been Illegally Sharing License Plate Reader Data
Some of California’s largest police departments have been collecting millions of images of drivers’ license plates and sharing them with entities around the country—without having necessary security policies in place, in violation of state law, according to a newly released state audit. The audit, published Thursday, found that 230 police and sheriff’s departments in the state currently use automated license plate readers (ALPRs), which can be fixed cameras or devices mounted on patrol cars.
https://www.vice.com/en_us/article/y3mb8b/california-police-have-been-illegally-sharing-license-plate-reader-data
 
Privacy Experts Skeptical of Proposed Data Protection Agency
Currently, the responsibility of privacy regulation is divvied between several various agencies, including the Federal Communications Commission (FCC), Federal Trade Commission (FTC) and Department of Justice (DOJ). The new agency, introduced by Sen. Kirsten Gillibrand (D-NY), would streamline data regulation efforts under one group, billed with enforcing data privacy and penalizing improper data collection or use.
https://threatpost.com/privacy-experts-skeptical-of-proposed-data-protection-agency/152861/
 
Nasty Android malware reinfects its targets, and no one knows how
On Wednesday, Malwarebytes published a new post that recounted the lengths one Android user took to rid her device of the malicious app. In short, every time she removed two xHelper variants from the device, the malware would reappear on her device within the hour. She reported that even performing a factory reset wasn't enough to make the malware go away.
https://arstechnica.com/information-technology/2020/02/researcher-says-nasty-android-infection-survived-a-factory-reset/
 
Google to Samsung: Stop messing with Linux kernel code. It's hurting Android security
Not only are smartphone makers like Samsung creating more vulnerabilities by adding downstream custom drivers for direct hardware access to Android's Linux kernel, vendors would be better off using security features that already exist in the Linux kernel, according to GPZ researcher Jann Horn. [...] It was this type of mistake that Horn found in the Android kernel on the Samsung Galaxy A50. But as he notes, what Samsung did is pretty common among all smartphone vendors. That is, adding code to the Linux kernel code downstream that upstream kernel developers haven't reviewed.
https://www.zdnet.com/article/google-to-samsung-stop-messing-with-linux-kernel-code-its-hurting-android-security/
 
Voatz of no confidence: MIT boffins eviscerate US election app, claim fiends could exploit flaws to derail democracy
"We find that Voatz has vulnerabilities that allow different kinds of adversaries to alter, stop, or expose a user’s vote, including a side-channel attack in which a completely passive network adversary can potentially recover a user’s secret ballot," their paper states. "We additionally find that Voatz has a number of privacy issues stemming from their use of third-party services for crucial app functionality."
https://www.theregister.co.uk/2020/02/13/voatz_mit_election_app/
 
App Used by Israel's Ruling Party Leaked Personal Data of All 6.5 Million Voters
"Someone visiting the Elector website on a standard browser like Google's Chrome could right-click their mouse on the page and select 'View page source.' The revealed source code for the website contained a link to the 'get-admins-users' page, which the prospective hacker simply had to visit in order to find, out in the open, the passwords of "admin" users — those with authorization to manage the database." Israeli media explained.
https://thehackernews.com/2020/02/Israeli-voter-data-leaked.html



You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2019 CI Security. All rights reserved.

CI Security
245 4th St, Suite 405  Bremerton, WA 98337
About Us   |   CI News   |   Contact Us

Add this Email to Your Address Book

Update Your Preferences   |   Unsubscribe from the Daily Blast