|
IT Security News Blast – 10-8-2021
This is the IT Security News Blast.
A brief situational awareness summary for key sectors, threats and vulnerabilities, noteworthy events. Security, Privacy, Surveillance. Sign up for the blast here:
https://www.criticalinsight.com/resources/daily-news
Security Awareness Training – TODAY 12PM PDT
Join us for our now weekly security awareness presentation. Peppered with materials collected over many years and right up to recently, I'll present examples of all kinds of bait, explain how "they" get into your networks, and leave you with some good advice. Meets regulatory requirements for annual training, and we promise it won't be boring.
https://app.livestorm.co/critical-insight/security-awareness-training-2021
Google warns 14,000 Gmail users targeted by Russian hackers
The campaign from APT28, also known as Fancy Bear, lead to a larger number of warnings for Gmail users across various industries. In a statement sent by a Google spokesperson, Huntley says that Fancy Bear’s phishing campaign accounts for 86% of all the batch warnings delivered this month.
https://www.bleepingcomputer.com/news/security/google-warns-14-000-gmail-users-targeted-by-russian-hackers/
4 steps to protect the C-suite from business email compromise attacks
Thompson recommends twice-yearly tabletop exercises to raise awareness of the threats and practice responses to a breach or BEC before it happens. These exercises should ideally be conducted in a non-threatening ‘quiet’ time to help everyone in the C-suite become more security conscious and help with resilience if/when a company is victimized by a BEC or data breach.
https://www.csoonline.com/article/3634776/4-steps-to-protect-the-c-suite-from-business-email-compromise-attacks.html
Cyber Criminals Focusing on Clinics + Business Associates
The report states that “Data on cyber-attacks from the first half of 2021 shows criminals are changing targets within the healthcare ecosystem, with breaches increasing for outpatient facilities and business associates. The data also shows some long-term trends continuing, with overall attacks on an upward trend.”
https://www.natlawreview.com/article/cyber-criminals-focusing-clinics-business-associates
Is a Hospital to Blame if a Patient Dies During a Ransomware Attack?
But even if the ransomware is ultimately to blame for what happened, it’s still far from straightforward to sort out whether that means the hospital and its staff were at fault because of how they responded to the attack.
https://slate.com/technology/2021/10/ransomware-hospital-teiranni-kid-lawsuit.html
Medtronic Recalls Medical Devices Due to Security Risks That Can Lead to Injury, Death
That recall is now being expanded by Medtronic to the optional remote controllers associated with the affected insulin pumps. Users of these devices have been sent updated instructions, including for stopping the use of impacted controllers and returning them.
https://www.securityweek.com/medtronic-recalls-medical-devices-due-security-risks-can-lead-injury-death
The Cyber Insurance Market in Flux
“The appetite for taking cyber risk has decreased through many insurance companies across the industry,” Mak says. “That can mean anything from withdrawal from the market in the most extreme cases down to increasing underwriting standards.”
https://www.informationweek.com/security-and-risk-strategy/the-cyber-insurance-market-in-flux
TSA set to mandate railroads and rail systems report cyber incidents to government
In addition to railways, the TSA is also requiring U.S. airport operators, passenger aircraft operators and all cargo aircraft operators to designate a cybersecurity coordinator and report all incidents to CISA, by next spring, Mayorkas said at the Billington Cybersecurity Forum.
https://abcnews.go.com/Politics/tsa-set-mandate-railroads-rail-systems-report-cyber/story?id=80457231
Justice Department to Fine Contractors for Not Reporting Cyber Incidents
“Where those who are entrusted with government dollars, who are entrusted to work on sensitive government systems fail to follow required cybersecurity standards, we’re going to go after that behavior and extract very hefty, very hefty fines,” she said.
https://www.wsj.com/articles/justice-department-to-fine-contractors-for-not-reporting-cyber-incidents-11633599001
Lawmakers Call for Definitive Cyber Deterrence Policy
“There’s no deterrent effect right now in the cyber realm,” Rep. Katko said. “We’ve got a lot of things that we’re talking about, and [Rep. Clarke] does a great job and all of us from the Solarium on down, to harden our systems and make us less vulnerable. But the thing that makes us most vulnerable is not responding, and there’s no question about that.”
https://www.meritalk.com/articles/lawmakers-call-for-definitive-cyber-deterrence-policy/
Russian spies reportedly used SolarWinds hack to steal US counterintelligence details
The attack is said to have led to the Russian foreign intelligence service making off with "information about counterintelligence investigations, policy on sanctioning Russian individuals and the country's response to COVID-19," according to people involved in the US government's investigation who spoke to Reuters.
https://www.theregister.com/2021/10/07/solarwinds_russia_us_counterintelligence_details/
European Parliament adopts resolution accusing Russia, China, North Korea of cyberattacks
According to the document, various state actors like Russia, China and North Korea have been involved in malicious cyber activities in pursuit of political, economic and security objectives that include attacks on critical infrastructure, cyber espionage on and mass surveillance of EU citizens
https://tass.com/world/1346705
Russian cyberattacks pose greater risk to governments and other insights from our annual report
uring the past year, 58% of all cyberattacks observed by Microsoft from nation-states have come from Russia. And attacks from Russian nation-state actors are increasingly effective, jumping from a 21% successful compromise rate last year to a 32% rate this year. Russian nation-state actors are increasingly targeting government agencies for intelligence gathering, which jumped from 3% of their targets a year ago to 53% – largely agencies involved in foreign policy, national security or defense.
https://blogs.microsoft.com/on-the-issues/2021/10/07/digital-defense-report-2021/
Should the US consider Iran's 'deniable' attacks a significant threat?
According to the Center for Strategic and International Studies, “Iran uses Hezbollah and Hamas as proxies for cyber actions. Iranian hackers targeted the accounts of employees at major manufacturers and operators of industrial control systems. Iranian hackers targeted more than 170 universities around the world … stealing $3.4 billion worth of intellectual property
https://thehill.com/opinion/international/574828-should-the-us-consider-irans-deniable-attacks-a-significant-threat
US gov’t will slap contractors with civil lawsuits for hiding breaches
"We are announcing today that we will use our civil enforcement tools to pursue companies, those who are government contractors who receive federal funds, when they fail to follow required cybersecurity standards—because we know that puts all of us at risk. This is a tool that we have to ensure that taxpayer dollars are used appropriately and guard the public fisc and public trust."
https://arstechnica.com/information-technology/2021/10/us-govt-will-slap-contractors-with-civil-lawsuits-for-hiding-breaches/
Navy Warship’s Facebook Page Hacked to Stream ‘Age of Empires’ Gaming
The incident was first reported by military news specialist Task & Purpose, which said that the USS Kidd‘s page was officially taken over at 10:26 p.m. on Sunday. The hijacked page of the warship, which finished up its latest active deployment in late September, then posted a joyful “Hahahahaha” and commenced four hours of live Age of Empires action.
https://threatpost.com/navy-warships-facebook-age-empires-gaming/175409/
|
