Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 2-11-2021

Enterprise ransomware prevention measures to enact in 2021
In addition, hackers increasingly target their victims and shape attacks based on their profiles, further increasing the level of sophistication of these attacks. "The era of the shotgun blast, [with hackers] just trying to scope up anyone dumb enough to click, is coming to an end," CI Security's Hamilton said. Hackers themselves are morphing, with more criminal enterprises and nation-states engaging in attacks and sometimes even working together, and offering ransomware as a service for anyone willing to pay.
https://searchsecurity.techtarget.com/feature/Enterprise-ransomware-prevention-measures-to-enact
 
U.S. Cyber Weapons Were Leaked — And Are Now Being Used Against Us, Reporter Says
Part of the problem, Perlroth says, is that the U.S. has spent more energy on hacking other countries than on defending itself. "We really need to make a decision as a society and inside government to stop leaving ourselves vulnerable," she says. "We have to take our own security seriously. We also have to stop leaving gaping holes in software that could be used by adversaries to pull off some of these attacks."
https://www.npr.org/2021/02/10/966254916/u-s-cyber-weapons-were-leaked-and-are-now-being-used-against-us-reporter-says
 
Business associates were largely to blame for 2020 breaches
According to analysts, 21.3 million healthcare records were breached in the second half of 2020 alone – with nearly three-quarters of all breaches tied to third parties. "We must redouble our efforts to make sure our business associates are secure operators. That means we not only have to make sure our own networks and applications are secure, but we have to make sure all our partners have strong cyber hygiene," said Drex DeFord, executive healthcare strategist at CI Security[.]
https://www.healthcareitnews.com/news/business-associates-were-largely-blame-2020-breaches
 
Patient records stolen from Florida and Texas hospitals get published on the dark web
The records were stolen from Leon Medical Centers, which serves eight locations in Miami, Florida and Nocona General Hospital, which has three locations in Texas, according to a report Friday on NBC News. The stolen data is said to include at least tens of thousands of scanned diagnostic results and letters to insurers that include personally identifiable information such as names, addresses and birthdates.
https://siliconangle.com/2021/02/07/patient-records-stolen-florida-texas-hospitals-published-dark-web/
 
New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance
Insurers should:

  • Establish a Formal Cyber Insurance Risk Strategy
  • Manage and Eliminate Exposure to Silent Cyber Insurance Risk
  • Evaluate Systemic Risk
  • Rigorously Measure Insured Risk
  • Educate Insureds and Insurance Producers
  • Obtain Cybersecurity Expertise
  • Require Notice to Law Enforcement

https://datamatters.sidley.com/new-york-department-of-financial-services-issues-first-guidance-by-a-u-s-regulator-concerning-cyber-insurance
 
Hack exposes vulnerability of U.S. water plants
The intruder’s timing and visibility seemed almost comical to cybersecurity experts. A supervisor monitoring a plant console about 1:30 p.m. saw a cursor move across the screen and change settings, Gualtieri said, and was able to immediately reverse it. The intruder was in and out in five minutes. [...] There’s been an uptick in hacking attempts of water treatment plants in the past year, the cybersecurity firm FireEye said, but most were by novices, many stumbling on systems while using a kind of search engine for industrial control systems called Shodan.
https://finance-commerce.com/2021/02/hack-exposes-vulnerability-of-u-s-water-plants/
 
Why Boards Will Require Cybersecurity Scrutiny During Financial Audits in 2021 and Beyond
Through custom report creation, we have seen lines of code that share financial information to personal email addresses outside an organization, grant access to modify tables, change information and even grant views into Personally Identifiable Information (PII) that bypass internal access controls, resulting in SOX compliance issues and violations of other data privacy laws. All of this is completely invisible to the actual users.
https://www.cpomagazine.com/cyber-security/why-boards-will-require-cybersecurity-scrutiny-during-financial-audits-in-2021-and-beyond/
 
Supply chain security is actually worse than we think
Most organizations, sadly, don't know this. They know they spend money on security and they know they see charts with red and green boxes and arrows tracking progress. Most have no clue they're sitting ducks for average attackers of moderate skill, much less nation state-backed adversaries with unlimited resources.
https://www.zdnet.com/article/supply-chain-security-is-actually-worse-than-we-think/
 
FERC proposes incentives for electric companies to improve cybersecurity
Under the proposal, public utilities could seek "deferred cost recovery" for any cybersecurity improvements they make to their infrastructure that go beyond the minimum requirements developed by the National Institute of Standards and Technology. The policy allows for three categories of improvements: third-party hardware, software and computing and networking services, employee training to implement the upgrades, and costs associated with the implementation "such as risk assessments by third parties or internal system reviews," according to the Federal Register.
https://fcw.com/articles/2021/02/08/ferc-bulk-power-cyber-rule.aspx
 
New risks threaten defense industry's cybersecurity, report claims
[Prime] contractors needed to be responsible for the network security of their subcontractors. "The big boys, the Boeings and all that -- hold them accountable for basically the security of their networks down into their subcontractors. That's where we're getting picked off," Manchin said, seemingly alluding to the DOD's CMMC program that would require all defense contractors to meet certain cybersecurity standards before getting contracts.
https://defensesystems.com/articles/2021/02/10/ndia-cyber-report-defense-vulns.aspx
 
Congress’ newest subcommittee is focusing on cyber troops and JEDI
The first-ever chairman of the Cyber, Innovative Technologies and Information Systems Subcommittee, Rep. Jim Langevin (D-R.I.), said over the next legislative session the panel will pursue an aggressive agenda focusing on cyber force structure, the newest combatant commands, artificial intelligence, cyber infrastructure and supply chain safety.
https://federalnewsnetwork.com/defense-main/2021/02/congress-newest-subcommittee-is-focusing-on-cyber-troops-and-jedi/
 
Space Force begins onboarding cyber specialists
Raymond said about 1,300 enlisted Air Force and officers are being transferred with the bulk scheduled to convert and become "organic to our team" and who "will understand the cyber terrain of space" by the end of the February. All 1,300 are expected to be absorbed over the next several months.
https://defensesystems.com/articles/2021/02/10/space-force-cyber-raymond.aspx
 
Inside The Cyber Weapons Arms Race [Podcast]
The world is on the precipice of cyber catastrophe, and everything is vulnerable, including our government, nuclear weapons, elections, power grid, hospitals, and cell phones. 'New York Times' cybersecurity reporter Nicole Perlroth explains how the U.S. went from having the world's strongest cyber arsenal to becoming so vulnerable to cyber attack. "We have to stop leaving gaping holes in software that could be used by adversaries to pull off some of these attacks," she says.
https://www.npr.org/2021/02/10/966360714/inside-the-cyber-weapons-arms-race
 
Russia-Iran cooperation poses challenges for US cyber strategy, global norms
Russia and Iran inked an agreement last month on information security, a term that in Russian strategic doctrine encompasses not only cyber but information and communications technology (ICT) more broadly. Such cooperation will help these authoritarian regimes to continue suppressing internal dissent and to expand joint efforts to counter the Western goal of preserving an open and free internet.
https://www.c4isrnet.com/thought-leadership/2021/02/08/russia-iran-cooperation-poses-challenges-for-us-cyber-strategy-global-norms/
 
Data Privacy: Top Considerations for 2021
With the new administration, we may see federal privacy legislation proposed and passed in 2021. The Biden Administration has already appointed certain key positions, including a position within the Department of Commerce responsible for overseeing the negotiations to create a replacement for the EU-US Privacy Shield that was invalidated in 2020.
https://www.cpomagazine.com/data-privacy/data-privacy-top-considerations-for-2021/
 
New York Has More to Say About Consumer Data Privacy
From a security standpoint, the law would mandate that businesses implement safeguards to protect personal information from security risks “such as loss, unauthorized access, destruction, use, modification, or unauthorized disclosure.”  While this type of requirement, in various forms, appears in both the SHIELD Act and (far more prominently) in DFS’s cybersecurity regulation, NYDAT could broaden this requirement’s coverage.
https://www.jdsupra.com/legalnews/new-york-has-more-to-say-about-consumer-9071107/
 
LodaRAT Malware Can Now Target Android Devices
LodaRAT, previously known as Gaza007, is operated by a group called Kasablanca, which uses the malware for cyberespionage and information stealing, say researchers Warren Mercer, Chris Neal and Vitor Ventura, who analyzed the malware for Cisco Talos.
https://www.bankinfosecurity.com/lodarat-malware-now-target-android-devices-a-15957
 
Microsoft: Keep your guard up even after Emotet’s disruption
"Microsoft 365 Defender data shows that the disruption of Emotet infrastructure immediately resulted in the drop in new campaigns," the company's global network of security experts tweeted earlier today. "Given Emotet’s reach and role in the deployment of payloads like ransomware, however, customers should ensure continued monitoring and protection."
https://www.bleepingcomputer.com/news/security/microsoft-keep-your-guard-up-even-after-emotet-s-disruption/
 
Hackers auction alleged stolen Cyberpunk 2077, Witcher source code
Today, security researcher VX-Underground tweeted that the threat actors have started to auction what they claim is stolen data from the CD Projekt attack. This data allegedly includes stolen internal documents, 'CD Projekt offenses,' and the source code for Cyberpunk 2077, Witcher 3, Thronebreaker, and an unreleased Witcher 3 version with raytracing.
https://www.bleepingcomputer.com/news/security/hackers-auction-alleged-stolen-cyberpunk-2077-witcher-source-code/

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


 

CI Security

245 4th St, Suite 405  Bremerton, WA   98337
