Threats

now browsing by tag

 
 

Cyber security #experts discuss #mitigating #threats, say #universities can #play a key #role in #protecting the #country against a #cyber attack

Former U.S. Director of National Intelligence and Navy Vice Adm. Mike McConnell advocated today for stronger protection of digital data transfers and for universities to play a key role in filling cyber security jobs.

McConnell was among the keynote speakers at the 2018 SEC Academic Conference hosted by Auburn University. The conference, which is ongoing through Tuesday, is focused on the topic of “Cyber Security: A Shared Responsibility” and brings together representatives from the SEC’s 14 member universities along with industry experts in the area of cyber security.

McConnell is encouraging the use of ubiquitous encryption as a solution for stronger data protection.

“As we go to the cloud…ubiquitous encryption of some sort would be used so that if anybody accessed that data, you can’t read it. If you’re moving [the data] from point A to point B, it scrambles so you can’t read it,” he said.

McConnell understands that stronger data security can come at a cost for others, including law enforcement who may need to access data within a device during a criminal investigation.

“What I’m arguing is the greater need for the country is a higher level of [data] security. If that’s the greater need, then some things of lesser need have to be sacrificed. So when I say ubiquitous encryption, that’s what I’m attempting to describe. It is protecting the data that is the very lifeblood of the country,” McConnell said.

McConnell also addressed how academia can help in securing the nation from cyber attacks.

“We have about 300,000 job openings across the United States for which there are no cyber security-skilled people to fill those jobs,” he said. “Universities are debating academically ‘What is cyber security?’ and ‘How do you credit the degrees?’ and ‘How do you get consensus on what it is and what it should do?’”

He urged universities to move more quickly on coming to a consensus so they can get certified and accredited to start producing students who can fill those jobs.

Glenn Gaffney, executive vice president at In-Q-Tel, also spoke to the role higher education institutions can play in cyber security during his keynote address at the conference.

“It is at the university level where we don’t have to take a top-down approach,” Gaffney said, adding that universities can work together, through research and student involvement, to create proactive solutions to cyber security. “This is where the next generation of leaders will be developed. It’s here that these dialogues must begin. This is the opportunity.”

Ray Rothrock, CEO and chairman of RedSeal Inc., was the day’s third speaker, presenting on the topic of “Infrastructure: IoT, Enterprise, Cyber Physical.” Rothrock also held a signing for his new book, “Digital Resilience: Is Your Company Ready for the Next Cyber Threat?”

Attendees at the conference are exploring computer and communication technology; the economic and physical systems that are controlled by technology; and the policies and laws that govern and protect information stored, transmitted and processed with technology.

Students at each SEC member university participated in a Cyber Challenge and presented posters displaying their work in the area of cyber security.

advertisement:

The post Cyber security #experts discuss #mitigating #threats, say #universities can #play a key #role in #protecting the #country against a #cyber attack appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

A #whole new #ball game: #Sports world #adapts to #growing #cybersecurity #threats

Imagine the fallout if the NHL was hacked and its star players — think Sidney Crosby, Auston Matthews and Connor McDavid — had their home addresses, phone numbers and other personal information made accessible online.

It’s an all-too-familiar scenario for Canadian lacrosse player Kevin Crowley, who was among the victims of a data breach that affected Major League Lacrosse last summer, when a spreadsheet with the personal details of every player in the league and former players was mistakenly made available to an unintended audience.

“To be completely candid, we talked about it on our team and I don’t think anyone was all that surprised that something like that could have happened,” said the 29-year-old New Westminster, B.C., native, who was a No. 1 draft pick in the MLL and the National Lacrosse League.

“As lacrosse players we’re not making millions of dollars a year, but I can imagine if an NHL or NFL or NBA player got their account hacked, that’d be a much bigger deal in terms of what they could probably take out of their accounts.”

Cybersecurity has become a growing concern in sports leagues and players’ associations around the world in the wake of several data breaches and unrelenting waves of hacking attempts.

Just days before the MLL hack went public last August it was also revealed the Russian cyberespionage group Fancy Bears had obtained what it said was confidential medical data on soccer players who had drug exemptions for the 2010 World Cup. The group released a similar trove of documents about a year earlier that it said revealed drug test results of tennis star Serena Williams and others from the World Anti-Doping Agency. WADA confirmed at the time that it had been hacked.

On Wednesday, the U.K.-based cybersecurity company Darktrace announced it is now providing the NHL Players’ Association with an artificial intelligence-powered service to help protect player data such as personal contacts and contract details.

“For most sporting leagues, their information in many ways is their currency,” said Darktrace spokesman David Masson.

“It’s the data about their organization, how they work, how they train, how they pay, how much they receive, it’s all in there and for many of them there’s potential of theft, reputational damage, there’s potential for the network to be brought down.”

Stephen Frank, who has been the NHLPA’s director of technology and security since 2012, recalls there were no real hacking threats on the web back when he started on the job. In those days, each player in the league was set up with a dial-up internet account to stay in touch with the union.

Nowadays, there are huge concerns around social media-linked attacks and phishing attempts that involve being hacked after clicking on an innocent-looking link.

“These players are deep-pocketed, high net-worth individuals of some status, so whether it’s someone trying to exploit them through ransom or someone who wants to undermine the integrity of their online social media, phishing is generally still the most visited route of a bad actor,” Frank said, adding the threats linked to social media are multi-faceted.

“There is the whole side of getting their account breached and taken over, there are impersonation accounts that can be very detrimental to a player’s brand and/or employability, but you also have a situation where you have followers retweeting and inserting nefarious links that will confer malware.”

Given that today’s young players are digital natives who were typically active on social media before becoming stars, there’s an important need to educate about “proper online hygiene” and security trends, starting with a rookie orientation program, Frank said.

“Top to bottom, young players through old, I would say (all players) are very educated,” he said.

“We also stress the importance of their brand, perhaps not only as a rookie but throughout their career and life after hockey as well. We take it very seriously, the players are well-educated from the day they step into the league from the day they depart.”

advertisement:

The post A #whole new #ball game: #Sports world #adapts to #growing #cybersecurity #threats appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Many #employees know #little about #cybersecurity #threats

Companies are surrounded by cybersecurity threats, but many are not making it a priority to educate employees about them, a survey says.

Nearly half (46%) of entry-level employees don’t know whether their company has a cybersecurity policy, according to research firm Clutch.

The survey demonstrated a lack of awareness that can put companies at risk for IT security breaches. Nearly two-thirds of employees (63%) said they don’t know whether the quantity of IT security threats their companies face will increase or decrease over the next year. Additionally, among entry-level employees, 87% said they don’t know how the number of threats will shift in the next year.

The survey also found that employees are less likely to recognize IT services as the primary area of security vulnerability at their company. Instead, they cited theft of company property as the primary threat to company security, ahead of unauthorized information and email phishing scams.

The findings are a bit ironic, because “most cyberbreaches are caused by employees, inadvertently,” Robert Anderson, co-chair of the cybersecurity and data privacy group at Lindabury, McCormick, Estabrook & Cooper, P.C., told FierceCEO.

“There is a tendency for businesses to not put the emphasis on employees, but they are the greatest vulnerability,” Anderson said.

Read More….

advertisement:

The post Many #employees know #little about #cybersecurity #threats appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybersecurity’s #Top 3 #Threats #Intertwine

Botnets, ransomware, and simple attack methods dominate the threat landscape and build on each other to drive effectiveness.

Cybercrime is a business, and hackers are looking for cheap strategies to maximize impact and minimize cost. Simple attack methods are one of three key themes permeating version 23 of the Microsoft Security Intelligence Report, which was released today.

This edition of the biannual report spans enterprise and consumer cloud services, and analyzes the 400 billion emails, 450 billion authentications, and scans of 18+ billion webpages and 1.2 billion devices that Microsoft does each month. The three key topics are botnets, hacker tactics, and ransomware.

Interestingly, researchers point out, these three areas overlap with one another. Ransomware (along with Trojans and backdoors) was a common form of malware distributed by the Gamarue botnet, which Microsoft helped take down in 2017. The threat is also embedded in weaponized documents embedded in phishing emails, a simple and effective form of cyberattack.

Here, we dig into each of the threats Microsoft prioritized:

Bringing Down Botnets
Microsoft’s Digital Crimes Unit (DCU) has been taking down botnets since the Conficker botnet disruption in 2008. In November 2017, it coordinated the takedown of the Gamarue botnet (also known as Andromeda), the culmination of an effort that started in December 2015.

Read More….

advertisement:

The post Cybersecurity’s #Top 3 #Threats #Intertwine appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

The #country is #woefully unprepared for #cyber #threats

Source: National Cyber Security News

Whether it’s an attack on the banking infrastructure or disinformation campaigns on social media, the United States is “woefully unprepared” to combat cyber attacks and disinformation campaigns, Senator Mark Warner said on Saturday.

Speaking at the SXSW festival, Warner said it’s time to consider the liability of tech platforms and software makers.

Warner, the top Democrat on the Senate Select Intelligence Committee, outlined a four-part “cyberdoctrine,” actions the government could take to address cybersecurity threats.

He suggested the establishment of basic rules for cyber aggressions, like those in place for nuclear weapons. Warner also called for using the government’s purchasing power to force tech product makers to adopt security standards, and said the United States should reallocate some defense resources into the cyber domain.

“One of the things I want to do is bring together parliamentarians of all the Western nations that have been attacked,” he said. “The West ought to start seeing if we can get some commonality,” around cybersecurity efforts.

Cybersecurity is not a partisan issue, Warner said, adding that Republicans and Democrats understand the threats posed by cyber attacks and disinformation campaigns.

Tech companies aren’t doing enough to combat abuse of their platforms for disinformation, Warner said.

Read More….

advertisement:

View full post on National Cyber Security Ventures

Cyber #security #threats #pervasive says #APRA

Source: National Cyber Security News

The year 2017 was a rough one for cybersecurity. From the WannaCry ransomware attack to the Equifax hack, 2017 was a harsh reminder of the importance of having strong IT practices and an incident response plan.

So what does 2018 have in store? SecureWorks, one of our partners and the nation’s largest cybersecurity firm by number of clients, compiled some of the top 2018 predictions from various industry analysts. These cover everything from security services, IoT, integrated platforms, GDPR, skills shortage, detection and response, and machine learning, to automation and orchestration. Here’s a summary of the predictions:

1. Companies will be using vendors that offer an integrated platform approach to security.

advertisement:

It’s predicted that by 2020, 30 percent of security spending will be on vendors that provide an integrated platform approach to security. With countless security solutions, and the ever-evolving threat actor, organizations want to find solutions that most effectively mitigate risk and reduce complexity.

2. Machine learning and cognitive software will be utilized more by organizations.

By 2020, 50 percent of security telemetry will be made more useful through machine learning and cognitive software, which will ingest and curate it into actionable and intelligent data at record speed. By 2021, requirements for greater efficiency in threat response will drive 20 percent of buyers to heavily weight automation in buying criteria.

Read More….

View full post on National Cyber Security Ventures

Cyber Security #breakfasts to help #businesses deal with #security #threats

Source: National Cyber Security – Produced By Gregory Evans

Cyber security is to come under the spotlight as police demonstrate a live hack to encourage businesses to protect themselves.

The safety of the online world is a hot topic with threats from hackers, criminals, activists, terrorists and even disgruntled employees who target vulnerable firms.

Now the North East Cyber Crime Unit (NERSOU) has teamed up with local police forces to host ‘cyber breakfasts’ in a bid to urge businesses to protect themselves against the growing menace of cyber-crime.

Detective Sergeant Martin Wilson from NERSOU, said: “North East businesses are underprepared when it comes to cyber threats, with many having no contingency plans in place for a crisis.

“Whilst it is easy enough to recognise an insecure window or an unlocked door, it is not always as easy to spot that your computer system has been compromised.

“The purpose of these breakfasts is simple, we want to show businesses how they can be vulnerable to a cyber-attack by demonstrating a live hack with the help of Waterstons, an IT consultancy based in Durham.

“This may all sound like doom and gloom but it is not, we can give you the support to defend against these hacks and are offering a free vulnerability assessment service, which can give you an overview of your ICT weaknesses so you can fix them before cyber criminals find them.”

The free events will take place across the region in Durham City, Darlington and Barnard Castle and it will be a chance for businesses to speak to experts in cyber-crime and enable organisations in the North East to come together to share their experiences and learn from best practice.

“Cyber-crime has been on people’s radars for a while now but it is still an evolving global threat and attacks are incredibly disruptive. It is a growing part of the workload of policing in UK,” said DS Wilson whose team has recently expanded to deal with these type of crimes.

“We are a dedicated team of detectives here to protect businesses and members of the public,” he added.

The post Cyber Security #breakfasts to help #businesses deal with #security #threats appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Top #Three #Health Care #Cybersecurity #Threats for 2018

Source: National Cyber Security – Produced By Gregory Evans

The medical field has undergone massive digitization in recent years with the emergence of interconnected medical devices and the broader exchange of health care information. In less than a decade, nearly all hospitals and physician offices have adopted electronic health record (EHR) systems.[i] But the adoption and investment related to cybersecurity has been slow. According to the Health Care Industry Cybersecurity Task Force, “a majority of the health care sector made financial investments in cybersecurity only in the last five years.”[ii] This expansion of digitizing critical information without an investment in cybersecurity has, in large part, led to the current environment where health care providers are easy targets for attackers. In a 2017 report, the American Medical Association found that 8 out of 10 physicians had experienced a cyberattack in practice.[iii]

In fact, 2017 introduced some of the largest and most widespread cybersecurity attacks in recent memory. The health care industry was shown to be particularly vulnerable to these threats. In 2018, health care providers should be on the watch for the following threats and should take efforts to protect against them.

Ransomware will Continue to Plague Providers
Ransomware is malware that exploits vulnerabilities in a system to encrypt or remove access from the information contained on the system. The infected system displays a message informing users that their data will not be released unless they pay the demanded ransom. Industries where access to information is critical to providing services—such as health care–are particularly targeted by such attacks.

Health care providers will remember 2017 as the year of large ransomware attacks, starting with the WannaCry ransomware attack, which spread to over 150 countries and infected more than 400,000 machines in just two days.[iv] The United Kingdom’s National Health Service was hit hardest by this attack, causing it to cancel nearly 7,000 appointments – including operations – as a direct result of the attack.[v] Hospitals here in the U.S. were also affected by this attack, including medical devices such as Bayer’s MedRad device that assists in MRI scans.[vi] WannaCry was followed by another global ransomware attack in June 2017 known as NotPetya. Several hospital systems and other health care entities were impacted by this attack, including Merck, one the U.S.’s largest pharmaceutical manufacturers.[vii] Health care providers can expect to see more of the same in 2018, as neither their vulnerabilities nor their mitigation efforts have drastically changed.

Targeting of Connected Medical Devices
The potential vulnerabilities in medical devices have long been on the radar. Successful hacks dating back to 2011 have affected a variety of medical devices, ranging from insulin pumps to pacemakers.[viii] Medical devices connected to a broader computer network have been used as easy access points for attackers to gain unauthorized entry to the network. In 2013, the Department for Homeland Security (DHS) issued a warning that 300 medical devices tested for cybersecurity vulnerabilities all failed to meet minimum standards.[ix] This warning spurred the Food and Drug Administration (FDA) to issue recalls due to cybersecurity vulnerabilities and, in 2016, to issue cybersecurity guidance for medical devices.[x] This year, Congress took notice, and the Medical Device Cybersecurity Act of 2017 was introduced.[xi] Although the bill failed to pass, by all indications regulatory and legislative actions seeking to address this concern will continue in 2018.

In the meantime, medical devices remain extremely vulnerable. Unlike other devices that receive multiple and frequently automatic updates that may protect against certain security holes, medical device manufacturers remain slow to update their products, and the process for implementing updates may be less user friendly. Further, the fact that hospitals and similar health care entities “typically have 300-400% more medical equipment than IT devices”[xii] provides more possible targets for hackers seeking access to a provider’s networks.

Falsification of Electronic Medical Records
As an increasing number of providers deploy certain protections (backups, frequent updates, etc.) against ransomware and refuse to pay the demanded ransoms, cybercriminals undoubtedly will turn to other methods that could increase the potential harm to providers and lead to higher ransom payments. One change we may see in 2018 is the possibility that hackers, instead of making data within a medical record unavailable or encrypted, will simply change the stored data so that it is inaccurate.[xiii] If providers have no way of knowing what information in the medical record is accurate, substantial liability may arise from issuing a contraindicated prescription, amputating the incorrect leg, or being falsely alerted that a patient has flatlined. The possibility that these attacks could even more directly threaten life or safety of patients presents an opportunity for attackers to exploit and profit from ransom demands at a greater degree.

These three potential areas of cybersecurity concern, along with many others (such as mobile device and vendor security), will continue to trouble providers in 2018. As we head into the new year, health care entities should take steps to protect their information systems, the medical information they create, and the patients they serve.

The post Top #Three #Health Care #Cybersecurity #Threats for 2018 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Advanced #threats and #insider security #threats top #enterprises’ #cybersecurity #concerns, finds #Alert #Logic survey

Source: National Cyber Security – Produced By Gregory Evans

Alert Logic, a Security-as-a-Service provider for the cloud, has announced the results of a survey conducted with 400 UK cybersecurity professionals to better understand the evolving cyber threat landscape UK companies face.

The survey found that respondents’ confidence in their organisations’ overall cybersecurity posture is moderate to high, with only a fifth (21%) indicating they are not at all, or only slightly, confident in their organisation’s security posture.

When asked about the top challenges facing their cybersecurity teams, respondents cited detection of advanced threats (62%) and detection and/or mitigation of insider threats (48%) as the two top security challenges. Furthermore, 41% lacked advanced security staff to oversee cyber threat management and nearly a third (27%) lacked confidence in their automation tools catching all cyber threats.

“Advanced cyber threats present the most arduous task for cybersecurity professionals, and the survey results bear this out,” said Oliver Pinson-Roxburgh, EMEA director at Alert Logic. “Cyber attacks are increasingly difficult to detect, as the security threats presented by malicious actors become increasingly bold and sophisticated, particularly when attacking web applications.”

Lack of budget (51%), skilled personnel (49%) and lack of security awareness amongst employees (49%) weighed in as the most significant obstacles facing cybersecurity teams, inhibiting their organisations from adequately defending against cyber threats. In addition, when asked about the business impact of security incidents, system downtime was highlighted as having the biggest impact.

Interestingly, revenue impact was only cited as a relatively minor factor (16%), suggesting that either security teams have evolved their maturity to effectively manage risk or lack full visibility into the downstream business impact of security incidents.

Respondents were asked about the likelihood of their organisation being compromised by a successful cyber attack in the next 12 months, compared to last year. Here, the survey found a remarkably even distribution of expectations. Roughly one third (32%) expected that a compromise was likely, while a slightly smaller number (29%) felt that a compromise was less likely.

“Lack of cybersecurity awareness and budget create a strain on an organisation’s ability to combat advanced cyber threats,” said Pinson-Roxburgh. “Organisations must foster an inclusive security culture, and consider security service models if they don’t have the budget for in-house expert security staff; otherwise organisations will continue to expose their IT infrastructure and their sensitive data to risks.”

The post Advanced #threats and #insider security #threats top #enterprises’ #cybersecurity #concerns, finds #Alert #Logic survey appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Heart-stopping #cybersecurity #threats — literally

Source: National Cyber Security – Produced By Gregory Evans

Heart-stopping #cybersecurity #threats — literally

When many Americans envision our nation’s cybersecurity vulnerabilities they imagine the susceptibilities of our nation’s physical infrastructure — a paralyzed power grid, a hijacked nuclear power plant — high-shock events that would decimate the lives of millions of Americans.

Of course, these are viable threats. In July, it was reported Russian hackers infiltrated the business systems of U.S. nuclear power and other energy companies, but as we incorporate internet-connected technology into every aspect of our lives — from what we wear to how we secure our home and drive our cars — cybersecurity becomes increasingly personal.

In our nation’s hospitals — one of our most unpredictable environments — technology helps provide better quality and more efficient health care, but its incorporation has left some of our most intimate data vulnerable.

In June, the NotPetya attack that struck Ukraine’s critical infrastructure quickly made its way across Europe and into the United States, and many of our hospital systems were forced to cancel operations. Unfortunately, attacks of this kind are not a one-time occurrence. In fact, since 2009, the health-care data of more than 127 million Americans has been compromised by cyber criminals, and medical data vulnerabilities are just the beginning.

As our physical and virtual worlds continue to meld, bad actors are not only attempting to steal sensitive information but also manipulate life-sustaining internet-connected medical devices, such as internal defibrillators, pacemakers and automated insulin pumps.

The interoperability of these devices is critical in helping doctors monitor patients and detect problems with implanted devices. However, the ability for these technologies to adapt through internet connectivity — their greatest strength — is also their greatest vulnerability.

Last year, an insulin pump manufacturer warned more than 100,000 patients that their devices were susceptible to cyber hacking that could enable an unauthorized accessor to issue commands to the pumps.

Just a few months ago, security researchers identified a vulnerability with more than 450,000 internal pacemakers that could allow a hacker to hijack the pacemaker and drain the battery or alter the device’s pacing.

As the number of internet-connected medical devices and their respective vulnerabilities continues to grow, we must proactively take substantive steps to bolster their security and protect the Americans who rely on them by establishing health-care industry guidelines for how to best to defend against these types of radical cyber assaults.

I was joined by my colleague, Rep. Susan Brooks (R-Ind.), in introducing the Internet of Medical Things Resilience Partnership Act, legislation that will bring public and private sector counterparts together to address the vulnerabilities of medical technologies by establishing a robust, yet malleable, comprehensible cybersecurity framework.

We cannot stand idly by while these imminent attacks threaten the American people. Failure to work collaboratively to address medical data vulnerabilities would be failing the patients — the millions of Americans — who rely on these life-sustaining devices.

The post Heart-stopping #cybersecurity #threats — literally appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures