Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 12-30-2020

National cyber director role in the spotlight after SolarWinds hack
The compromise of at least seven federal agencies through the SolarWinds hack has technology experts stressing the importance of a national cyber director (NCD) role within the incoming Biden administration. [...] The role could prove instrumental in preparing for future emergencies like the one at SolarWinds — one of the most serious incidents of digital espionage in U.S. history — by ensuring more even implementation of the National Cyber Strategy across departments, experts say.
https://www.fedscoop.com/national-cyber-director-solarwinds/
 
Nashville explosion exposes weaknesses in IT networks: 5 takeaways for CIOs
Some hospitals experienced outages as a result of the incident; Gallatin, Tenn.-based Sumner Regional Medical Center had to revert to paper records when it lost access to its EHR and other operating systems. The hospital's IT systems were restored by Dec. 28. [...] IT experts told the Journal that the explosion highlights how a terrorist attack, natural disaster or cyber incident can cause widespread economic damage if it hits a location such as AT&T's switching station, which can disrupt the central system directing data from users and businesses on telecom systems.
https://www.beckershospitalreview.com/healthcare-information-technology/nashville-explosion-exposes-weaknesses-in-it-networks-5-takeaways-for-cios.html
 
Hackers phish 615,000 login credentials by using Facebook ads
Similar ads were found for each country with versions of the ad copy that has been localized in order to increase the conversion rate. Commenting on the technical aspect of how this evaded Facebook’s filters, the researchers state in a blog post that: While Facebook takes measures to make sure that such phishing pages are not approved for ads, in this case the scammers were using Bitly links which initially must have pointed to a benign page and, once the ad was approved, were modified to point to the phishing domain.
https://www.hackread.com/hackers-phish-login-credentials-with-facebook-ads/
 
484K Aetna ACE Plan Members Impacted by EyeMed Email Hack
An investigation determined the hacked account contained information from EyeMed’s current and former vision benefits’ members. The data included member names, contact details, dates of birth, health insurance account and identification numbers, Medicaid or Medicare numbers, driver’s licenses and other government identification numbers.
https://healthitsecurity.com/news/484k-aetna-ace-plan-members-impacted-by-eyemed-email-hack
 
 
Inside Change Healthcare’s award-winning compliance program
The board now features governance best practices intended to ensure compliance, independence and transparency such as independent audit, compliance, compensation and nominating and governance committees, and oversight of risks related to ESG, data privacy and cyber-security. The focus on risk and compliance is evident in the recent legal and regulatory risk assessments of the company’s four business units.
https://www.corporatesecretary.com/articles/compliance/32395/inside-change-healthcare%E2%80%99s-award-winning-compliance-program
 
Georgia physician to pay $36K settlement in HIPAA Right of Access case
In April 2019, OCR received a complaint from a patient alleging that Elite failed to respond to his request for his medical records. OCR then provided Elite technical assistance in May to help the practice comply with the Right of Access requirements and closed the complaint. In October 2019, OCR received a second complaint that claimed Elite still had not provided the patient with access to his medical records. [...] Along with the financial settlement, Elite will undergo a corrective action plan that includes two years of monitoring by the OCR.
https://www.beckershospitalreview.com/cybersecurity/georgia-physician-to-pay-36k-settlement-in-hipaa-right-of-access-case.html
 
Kawasaki Heavy Industries reports data breach as attackers found with year-long network access
The Japanese firm, which manufactures motorcycles, military aircraft, and industrial machinery, among many other products, said an internal audit back in June revealed that its domestic servers had been accessed via an overseas office in Thailand. It later discovered further unauthorized access via satellite offices in Indonesia, the Philippines, and the US. Local media reported that the access started in September 2019 at the latest. The Japan Times also quoted Kawasaki as saying that administrator ID and passwords had been stolen as part of the incident.
https://portswigger.net/daily-swig/kawasaki-heavy-industries-reports-data-breach-as-attackers-found-with-year-long-network-access
 
Global cyber insurance market set for massive growth
The Willis Towers Watson Cyber claims analysis report revealed almost one-quarter of all cyber insurance claims between 2013 and 2019 were in the healthcare sector. The IT and telecommunications market ranked second with more than 10% of all cyber insurance claims in this period. Insurance, retail and wholesale, and manufacturing sectors rounded out the top five, with 9,9%, 9,2%, and 7,1% share, respectively.
https://it-online.co.za/2020/12/29/global-cyber-insurance-market-set-for-massive-growth/
 
AutoHotkey-Based Password Stealer Targeting US, Canadian Banking Users
The multi-stage infection chain commences with a malware-laced Excel file that's embedded with a Visual Basic for Applications (VBA) AutoOpen macro, which is subsequently used to drop and execute the downloader client script ("adb.ahk") via a legitimate portable AHK script compiler executable ("adb.exe"). [...] What makes this malware different is that instead of receiving commands directly from the C&C server, it downloads and executes AHK scripts to accomplish different tasks.
https://thehackernews.com/2020/12/autohotkey-based-password-stealer.html
 
In a Zero Trust World, Compliance Doesn’t Equal Security
A zero-trust approach assumes a problem exists, while compliance is most often focused on prevention. Zero trust is a framework, not a product or service. This gives agencies a huge benefit: instead of being locked into a single vendor, IT leaders can choose the best technologies to monitor, manage and control access to resources wherever they reside.
https://www.nextgov.com/ideas/2020/12/zero-trust-world-compliance-doesnt-equal-security/171046/
 
Multi-platform card skimmer found on Shopify, BigCommerce stores
While usually designed to target a single type of e-commerce platform, this new type of web skimming malware can take over the checkout process on shops using multiple online store management systems by injecting a malicious checkout page. [...] It does that by displaying a fake payment page before the customers land on the real checkout form and using a keylogger to intercept payment and personal information.
https://www.bleepingcomputer.com/news/security/multi-platform-card-skimmer-found-on-shopify-bigcommerce-stores/
 
Congress' Cyber Watchdog Sees Trouble
Congress implementing an annual scorecard and performing active oversight of the agencies to see what progress they are making in implementing best practices or ensuring that the information technology development is occurring incrementally has helped, the director observes. Most agencies that are succeeding have chief information officers that are empowered to have broad oversight of the way the information technology dollars are being spent, even if it is an enormous agency.
https://www.afcea.org/content/congress-cyber-watchdog-sees-trouble
 
Now is not the right time to split NSA and CYBERCOM
A lot has changed since 2009. Cyber Command has built 133 Cyber Mission Force teams and has conducted sophisticated operations, such as the cyber campaign against the Islamic State, which disrupted the latter’s ability to distribute propaganda online. This means CYBERCOM has gained in experience and developed capacity. But how ready is it to split its command, and can that be done without affecting its operations? More fundamentally, should splitting the command be a long-term goal?
https://www.airforcetimes.com/opinion/2020/12/29/now-is-not-the-right-time-to-split-nsa-and-cybercom/
 
India: A Growing Cybersecurity Threat
India's cyber capabilities are growing, at least partially in reaction to activities across the border in China. The rise of China and its apparent expansionist activity is likely to motivate Indian actors with varying levels of state support to act. This provides fertile ground for the development of national offensive cyber capabilities and crime.
https://www.darkreading.com/threat-intelligence/india-a-growing-cybersecurity-threat/a/d-id/1339676
 
Cyber crime has cost Russia $49 bln in 2020, Sberbank says
While banks, including Sberbank, are better protected compared with other parts of the economy, phone fraud – when the client is asked by a person claiming to be a bank employee to provide a card’s data – is becoming more common, Kuznetsov said. He estimated Russians may lose as much as 10 billion roubles from phone fraud this year alone. He did not provide data for 2019.
https://financialpost.com/pmn/business-pmn/cyber-crime-has-cost-russia-49-bln-in-2020-sberbank-says
 
Russia blacklists German military, intel officers as cyberattack tensions rise
The move came in response to the EU's decision to ban Russian citizens accused of cyberattacks on the German parliament from entering its territory, the Russian Foreign Ministry said, without specifying who exactly or how many individuals were sanctioned. [...] The ministry also warned it was prepared to take further action if the German authorities "continue their confrontational line".
https://www.dailysabah.com/world/europe/russia-blacklists-german-military-intel-officers-as-cyberattack-tensions-rise
 
Government funding bill allows digital driver's licenses as Real ID
Under the new language, the Real ID Act of 2005, a post-9/11 law designed to create federal standards for personal identity documents, will expand its definition of state government-issued IDs to allow “driver’s licenses stored or accessed via electronic means, such as mobile or digital driver’s licenses.”
https://statescoop.com/government-funding-bill-allows-digital-drivers-licenses-real-id/
 
The year deepfakes went mainstream
In June, Welcome to Chechnya, an investigative film about the persecution of LGBTQ individuals in the Russian republic, became the first documentary to use deepfakes to protect its subjects’ identities. The activists fighting the persecution, who served as the main characters of the story, lived in hiding to avoid being tortured or killed. After exploring many methods to conceal their identities, director David France settled on giving them deepfake “covers.”
https://www.technologyreview.com/2020/12/24/1015380/best-ai-deepfakes-of-2020/
 
Keeping Up With the Uncertainty of Shifting Global Data Protection Regulations
Going into 2021, firms should, for example, continue to revisit their data collection policies and only gather data required for business-as-usual activities, as well as ensuring that customer consent is built into data collection practices. A small data footprint will minimize the burden of management and reporting activities, as well as minimizing the likelihood and impact of security incidents.
https://www.infosecurity-magazine.com/opinions/uncertainty-global-data-protection/
 
The Butt Pajamas Will Follow You Forever
After I spent more time scrutinizing how, exactly, this ad turned up everywhere, the more sinister these weird advertisements started to look. In fact, by the end of things, I became convinced that these onesie ads were less about a onesie retailer no one had heard of before, and more about how hopelessly broken the adtech ecosystem is.
https://gizmodo.com/the-butt-pajamas-will-follow-you-forever-1845929307
 

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at https://ci.security/news/daily-news.

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


 
