IT Security News Blast – 9-28-2021
 
Urgent Panel: BlackMatter and Conti
The BlackMatter ransomware gang hit media and food supply companies. The FBI is urgently warning healthcare organizations about the Conti ransomware gang. In this urgent panel discussion, we’ll take a look at both gangs, who they are, how they target organizations, and what they’re after. We’ll also talk about how to prepare and defend your organization, and how federal policy is being brought to bear.
https://cybersecurity.criticalinsight.com/urgent-panel-blackmatter
 
CISA Director: Attackers Targeted Port of Houston
Hamilton adds that incidents such as the attempted attack against the Port of Houston are likely to make the Coast Guard rethink its cybersecurity assessments of these facilities. "The Coast Guard is going to become much more regulatory, potentially with audits by third parties replacing self-assessments - which are always aspirational," he says.
https://www.bankinfosecurity.com/cisa-director-attackers-targeted-port-houston-a-17614?highlight=true
 
UC San Diego Health sued over data breach that may have exposed records of 500,000 patients
Lawyers representing an El Cajon cancer patient filed legal action this week in San Diego federal court alleging negligence, breach of contract, and violation of California consumer privacy and medical confidentiality laws. It seeks class-action status and unspecified damages for all individuals whose personal and medical information may have been compromised.
https://www.sandiegouniontribune.com/business/story/2021-09-23/sd-fi-ucsandiego-cyber-attack
 
Health Tech Companies Face Penalties for Not Sharing Information
Examples of information blocking include inappropriately citing the Health Insurance Portability and Accountability Act (HIPAA) as a reason for not sharing EHI, including contractual provisions preventing the sharing of EHI in vendor agreements, and designing technology in ways that lessen the ability to share EHI.
https://news.bloomberglaw.com/health-law-and-business/health-tech-companies-face-penalties-for-not-sharing-information
 
United Health Centers ransomware attack claimed by Vice Society
On August 31st, BleepingComputer was told by a source in the cybersecurity industry that United Health Centers was reeling from a Vice Society ransomware attack that caused them to shut down their entire network. [...] This week, the Vice Society ransomware gang leaked files that the threat actors allegedly stole from United Health Centers during the August attack.
https://www.bleepingcomputer.com/news/security/united-health-centers-ransomware-attack-claimed-by-vice-society/
 
The 5 'Ts' of cyber-crisis readiness for every kind of organization
1. Talent & planning
2. Technology & infosec governance
3. Training & communication
4. Technology tools
5. Triangulation & continuous improvement
https://www.weforum.org/agenda/2021/09/cybersecurity-cyber-crisis-readiness/
 
Can Centralized Identity Management Build Trust in the Finance Industry?
Fund administrators must be airtight on compliance, know your customer and anti-money laundering regulations. They shouldn’t even trust themselves. That’s why using a centralized identity management system should now be the price of admission for financial or professional services companies that preside over sensitive data.
https://www.toolbox.com/it-security/cyber-risk-management/guest-article/can-centralized-identity-management-build-trust-in-the-finance-industry/
 
OFAC Targets Virtual Currency Exchange For Ransomware Attack
The SUEX designation was accompanied by OFAC’s Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments (“Updated Advisory”), which “describes the potential sanctions risks associated with making and facilitating ransomware payments and provides information for contacting relevant U.S. government agencies, including OFAC if there is any reason to suspect the cyber actor demanding ransomware payment may be sanctioned or otherwise have a sanctions nexus.”
https://www.jdsupra.com/legalnews/ofac-targets-virtual-currency-exchange-1180508/
 
Compliance as a Service Addresses Manufacturing Complexities
Until recently, “cybersecurity” hasn’t meant much more than a general awareness that employees ought to avoid clicking strange links and to change their passwords occasionally, she said. “So, now, enterprise-wide, you’re going to have to devote time to learning something that is not your expertise or find somebody who does have it and depend on them—which has its own drawbacks.
https://www.sme.org/technologies/articles/2021/september/compliance-as-a-service-addresses-manufacturing-complexities/
 
States at disadvantage in race to recruit cybersecurity pros
A state or local government role doesn’t compare to the “meat grinder” of constantly responding to new attacks or vulnerabilities on a cybersecurity team for Microsoft or Amazon, said Michael Hamilton, founder of the PISCES Project. The organization connects cybersecurity students to local governments that don’t have employees focused on that work.
https://www.abqjournal.com/2432542/states-at-disadvantage-in-race-to-recruit-cybersecurity-pros.html
 
Spending the federal cybersecurity budget: what's next?
So, where should government invest first? Legacy systems: According to the recent Senate Committee on Homeland Security and Government Affairs report, "Federal Cybersecurity: America's Data Still at Risk," seven of the eight agencies studied used legacy systems or applications that are no longer supported by the vendor with security updates.
https://fcw.com/articles/2021/09/27/comment-cyber-priorities-budget.aspx
 
Cybersecurity, AI, and 5G: Top tech features in new defense spending bill
The bill's new policies and additional spending will fortify the U.S. military’s technological advantage by ensuring the government has the tools to confront the growing threat of China and Russia. [...] One of the largest new tech-related areas of spending in the bill is nearly $1 billion in additional cybersecurity investments in people, programs, and technologies to curb the rapid increase in ransomware attacks that have occurred recently.
https://news.yahoo.com/cybersecurity-ai-5g-top-tech-110000765.html
 
How Should South Korea’s Next President Approach Cybersecurity?
South Korean domestic media have reported an increase in the number of cyberattacks on defense-related South Korean institutes, companies, and governmental organizations, from 3,986 in 2017 to 12,696 in 2020. Power stations, energy facilities, traffic control centers, and major governmental offices are all targeted.
https://thediplomat.com/2021/09/how-should-south-koreas-next-president-approach-cybersecurity/
 
EU Slams Russia For Alleged 'malicious Cyber Activities' Ahead Of German Election
Borrell’s statement comes after Germany had criticised what it called Russian attempts to influence the September 26 election of a new parliament. Berlin had pointed the fingers at the Russian hacking group, which conducts disinformation campaigns known as "Ghostwriter". The German intelligence believes that the Russian hackers have been trying to gain access to the email accounts of federal and regional MPs[.]
https://www.republicworld.com/world-news/europe/eu-slams-russia-for-alleged-malicious-cyber-activities-ahead-of-german-election.html
 
To Deter China, Relearn The Lost Art of Dissuasion
The rising importance of information technologies may result in all confrontations looking more like today’s action in cyberspace. Ubiquitous space and airborne sensors will provide nearly continuous observation of friendly and adversary forces, spurring new efforts at counter-detection and deception. Once identified, opposing units can be engaged by electromagnetic and cyber attacks, influence operations, or criminal activity regardless of whether a war is underway.
https://www.defenseone.com/ideas/2021/09/deter-china-relearn-lost-art-dissuasion/185638/
 
Stop worrying that crims could break the 'net, say cyber-diplomats – only nations have tried
"Despite recent attempts to cast the main threat to the public core as resulting from cybercriminals, it is in fact states and their affiliates whose activities pose the greatest risks," the document adds, citing an International Telecommunications Union document that suggests nation-states could guarantee the 'net's safety from a criminal attack.
https://www.theregister.com/2021/09/24/gcsc_norm_on_protecting_internet_core/
 
Cybercrime is hitting communities of color at higher rates, study finds
The survey found, for instance, that just 47% of BIPOC respondents were able to avoid a financial impact due to identity theft, compared to 59% of overall respondents. Compared to overall respondents, BIPOC on average reported roughly $200 more in financial losses.
https://www.cyberscoop.com/cybercrime-demographics-bipoc-malwarebytes/
 
System Rivalry: How Democracies Must Compete with Digital Authoritarians
The larger threat posed by all these AI-enabled technologies is that they are facilitating the spread of digital authoritarianism: an encompassing techno-social system and governance model that involves control and security for the state as opposed to liberty and security for citizens.
https://www.justsecurity.org/78381/system-rivalry-how-democracies-must-compete-with-digital-authoritarians/
 
'Chilling': Facial recognition firm Clearview AI hits watchdog groups with subpoenas
Clearview AI, the controversial facial recognition company that scrapes public images from social media to aid law enforcement probes, has subpoenaed internal documents from some of the groups that first exposed its activities. [...] “To use legal process to try to silence critics — silence people that are just trying to get transparency about how our criminal justice system is operating and what tools are being used by law enforcement agencies — that's pretty problematic,” Brody said.
https://www.politico.com/news/2021/09/24/clearview-ai-subpoena-watchdog-groups-514273
 
You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of Critical Insight, formerly Critical Informatics and CI Security. 

We host a free, never boring Security Awareness Training every other Friday. Register here. 

Archived articles are available at https://www.criticalinsight.com/resources/daily-news

Critical Insight and the Critical Insight logo are the trademarks of Critical Insight, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 Critical Insight. All rights reserved.
Critical Insight

245 4th St, Suite 405  Bremerton, WA   98337
