ITMG Insider Threat News – January 4, 2021

UK judge to rule on US extradition for WikiLeaks’ Assange

WikiLeaks founder Julian Assange will find out Monday whether he can be extradited from the U.K. to the U.S. to face espionage charges over the publication of secret American military documents. District Judge Vanessa Baraitser is due to deliver her decision at London’s Old Bailey courthouse at 10 a.m. Monday. If she grants the request, then Britain’s home secretary, Priti Patel, would make the final decision. Whichever side loses is expected to appeal, which could lead to years more legal wrangling.

Microsoft says hackers viewed its source code

Microsoft said Thursday that the suspected Russian hackers behind a massive US government security breach also viewed some of the company’s source code. The unauthorized access does not appear to have compromised any Microsoft services or customer data, the company said in a blog post. But an investigation showed that the attackers took advantage of their access to Microsoft’s systems to view company code. “We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories,” Microsoft said. “The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated.”

HP predicts cyberattacks to become more targeted in 2021

The sudden shift in telecommuting caught many organizations by surprise — and unprepared. This opened up many vulnerabilities in cybersecurity that many cybercriminals exploited and continue to attack. Technology company HP sees a wide range of security threats that will put companies at a disadvantage. In its 2021 predictions, HP predicts that human-operated ransomware, thread hijacking, unintentional insider threats, business email compromise, and whaling attacks will see an increase this year. “COVID-19 has weakened organizational security. Remote access inefficiencies, VPN (virtual private networks) vulnerabilities, and a shortage of staff that can help the business adapt mean data is now less secure,” said Joanna Burkey, chief information security officer, HP. “We can expect to see hackers identifying and taking advantage of any holes in processes that were created, and still exist after everyone left the office.”

Beware of paying that ransomware threat

At a time when the U.S. healthcare system is already overwhelmed by the COVID-19 pandemic, hospitals and healthcare companies have been hit with an unprecedented number of ransomware attacks. A joint cybersecurity advisory issued on October 29, 2020 by the FBI, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and the Department of Health and Human Services warns that it will only get worse, assessing that there is “an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” Ransomware has already demonstrated its capability to disrupt and devastate organizations beyond healthcare companies: large corporations, small businesses and startups, municipalities and government entities are all vulnerable. In 2020 alone, victims of the 11 biggest ransomware attacks spent over $144 million on investigations, restorations and preventative measures, in addition to actual ransom payments.

SolarWinds hack spotlights a thorny legal problem: Who to blame for espionage?

Every massive breach comes with a trail of lawsuits and regulatory ramifications that can last for years. Home Depot, for instance, only last month settled with a group of state attorneys general over its 2014 breach. The SolarWinds security incident that U.S. officials have pinned on state-sponsored Russian hackers is unlike anything that came before, legal experts say, meaning the legal liability could take even longer to resolve in court.

NIST Shares Best Practice Security Guidance for Vulnerable PACS

Best practice NIST guidance is designed to support healthcare providers in securing PACS. Multiple reports have shown the highly vulnerable tech has exposed millions of medical images. The Office for Civil Rights is urging healthcare organizations to review recently released NIST cybersecurity guidance for Picture Archiving and Communication System (PACS). The best practice insights are designed to secure the highly vulnerable technology. PACS servers are widely used in healthcare to archive medical images, as well as allowing entities to share these records with other providers. However, the tech is riddled with vulnerabilities, including the use of the DICOM protocol. Flaws in DICOM could allow an attacker to install malicious code into imaging files and infect patient data. Meanwhile, reports from Greenbone Networks in 2019 found PACS were leaking billions of medical images. One year later, a HealthITSecurity.com exclusive report confirmed US providers have not yet secured millions of medical images.

Cybersecurity Must Be the Top Priority for the Board in 2021

The impact will be felt from top to bottom within the organization. Put simply: businesses can no longer afford to ignore cybersecurity. Alongside new technologies, the geopolitical arena will continue to be complex, turbulent and fragile in 2021. Economic conditions will also have an impact as governments look to invest in technology to stimulate growth while the power and influence big tech giants have on politics and society will lead to social disillusionment. Privacy regulations and environmental factors will also have their role to play in creating the overall security picture.

Combating the Insider Threat Among Us

Security can be a difficult topic to talk about. This is especially true for organizations combating insider threats. Can social deduction games break the ice? Recently a game called “Among Us” garnered mass popularity across the internet. It’s especially popular among streamers and on video platforms like Twitch and YouTube. The description from the developers tells us to “Join your crewmates in a multiplayer game of teamwork and betrayal!” The basic premise is that as a player, you have a crew. Some of your crew are imposters, trying to sabotage the rest of the team. Meanwhile, the “good” part of the crew is just trying to do their job and get home. Playing, watching and theorizing about the game, though, gives off a certain vibe as a social engineer. The game hints at something we deal with day-to-day. Before we get into the connection, though, let’s explain a little more about the game, and the history of social deduction games.
