Cyber Attacks, Threats, and Vulnerabilities
The WannaCry Ransomware Pandemic: Attribution, Kill Switches, Crimes, and Torts (The CyberWire) Organizations continue their recovery from the WannaCry ransomware pandemic amid warnings that the first wave is unlikely to be the last. Enterprises that failed to protect themselves against the known vulnerabilities that enabled the worm to spread the crypto ransomware are thought by legal observers to bear considerable risk of civil litigation. There are also some preliminary gestures toward attribution, with some seeing the hand of the Lazarus Group (associated with North Korea's government) behind the campaign.
'Targeted attack gone wrong': Was the WannaCry ransomware epidemic an accident? (International Business Times UK) Hackers' bitcoin wallets may prove they were 'unprepared' for such a widespread attack.
Security Firms See Potential North Korea Link to Ransomware Attack (VOA) Thousands of computers hit in Asia as workers signed on for the first time since the attacks spread Friday
Researchers: WannaCry ransomware shares code with North Korean malware (Cyberscoop) The ransomware known as WannaCry that spread rapidly to 300,000 machines in 150 countries over the past few days shares code with malware written by a group of North Korean hackers known as the Lazarus Group. While the shared code is important, experts warned that it’s far from proof about who created and launched the ransomware attacks.
NHS computer hack: North Korea and Russia are implicated as phishing attack is ruled out (WIRED UK) The NHS computer hack using Wanna Decryptor ransomware shut down IT systems with 75,000 attacks in 99 countries
WannaCry and Lazarus Group – the missing link? (SecureList) A few hours ago, Neel Mehta, a researcher at Google posted a mysterious message on Twitter with the #WannaCryptAttribution hashtag...
Cyber attack: Latest evidence indicates 'phishing' emails not to blame for global hack (The Telegraph) Latest evidence suggests "phishing" emails are unlikely to have caused the global cyber attack that wreaked havoc at dozens of NHS trusts and hit hundreds of thousands of computers in 150 countries.
New variant of WannaCry ransomware surfaces (CRN Australia) Already stopped from doing damage, says Check Point.
Bitdefender: Recent WannaCry attack is only the first in a series of similar ones (Romania Insider) The recent WannaCry ransomware attack, which spread to more than 100 countries, is only the beginning in a series of similar attacks.
Future cyberattacks will be more complex (Deccan Herald) The components of the global cyberattack that seized thousands of computer systems recently may be more complex than originally believed, a Trump administration official said on Sunday, and experts warned that the effects of the malicious software could linger for some time.
North Korea linked to WannaCry attack, as experts say the NHS should have done more to protect itself (Computing) The Lazarus Group, resposible for the Sony pictures hack of 2014, suspected of perpetrating WannaCry hack
In Ransomware Attack, Where Does Microsoft’s Responsibility Lie? (New York Times) For years, the company has tried to change the perception that its software was vulnerable to hackers. A global cyberattack renewed those issues.
WannaCry could spark lawsuits, but Microsoft not to blame (CRN Australia) Legal experts say software vendor is free from guilt.
What Is WannaCry? Analyzing the Global Ransomware Attack (Recorded Future) What is WannaCry and how does it work? We provide analysis and insight for what has become the largest ransomware attack in history.
WannaCry: here’s what we know now about the outbreak (Naked Security) As the dust settles after Friday’s outbreak, things are becoming clearer and it seems this was an unsophisticated use of a sophisticated tool
What’s next after ‘massive disruption’ from cyber-attack? A view from the trenches (Miami Herald) As the cyber-attack continues to spread around the globe causing massive damage for universities, hospitals, automakers and many other businesses including FedEx, only one thing is certain: It won’t be the last, says Yuri Frayman, CEO of Aventura-based cybersecurity company Zenedge.
Protecting Your Organization from the WCry Ransomware (Fortinet Blog) Ransomware has become the fastest growing malware threat, targeting everyone from home users to healthcare systems to corporate...
What We Know About the WannaCry Ransomware Attack and What You Should Do To Protect Yourself (Securonix) By now, anyone in cybersecurity and many who are not, know that on Friday, May 12, 2017, a large-scale ransomware cyberattack involving the #WannaCry aka WannaCrypt aka WannaCrypt0r 2.0 aka Wanna Decryptor was launched, infecting over 230k systems in 150+ countries.
WannaCry? Three Actions You Can Take Right Now to Prevent Ransomware (Tenable) By now everyone has heard about the ransomware called Wanna, WannaCry or WCry spreading across the globe and locking down the data of some of the world’s largest companies
Understanding the Effect of DoublePulsar and WannaCry Across Industries is the Key to Protecting your Supply Chain (BitSight) This blog examines how the DoublePulsar vulnerability and the WannaCry ransomware worm are affecting major industries.
5 Emergency Mitigation Strategies to Combat WannaCry Outbreak (Data Breach Today) Drop everything and patch all Windows devices against the SMB flaw or else shut them down, security experts warn in the wake of the global outbreak of WannaCry
WannaCry: Sizing Up the Impact in India, Asia (InfoRisk Today) Researchers say India apparently is one of the top five countries affected by the WannaCry ransomware outbreak, which has infected more than 200,000 endpoints
Europol estimates that WannaCry cyber attack has hit about 2,00,000 systems in 150 countries (Tech2 ⋆ New York city blog) Friday’s cyber attack hit 200,000 victims in at least 150 countries and that number could grow when people return to work on Monday, the head of the European Union’s police agency said on Sunday. Cyber security experts say the spread of the virus dubbed WannaCry – “ransomware” which locked up computers in car factories, hospitals, …
The Latest: More US firms believed hit by cyberattack (KLTV) The latest on the global extortion cyberattack that hit dozens of countries (all times local):
WannaCry: What's the Impact on U.S. Healthcare? (Data Breach Today) As organizations around the globe – including hospitals in the United Kingdom - recover from the WannaCry ransomware campaign, healthcare entities in the United
Wanna Decrypter 2.0 ransomware attack: what you need to know (Naked Security) Security experts are firefighting the global outbreak of ransomware that is apparently exploiting a recently patched flaw in Windows
Global cyber attack: Here's how experts are analysing it (Money Control) In an interview to CNBC-TV18, S Ramadorai, Former Chairman of Tata Consultancy Services (TCS) shared his readings and outlook on global cyber attack.
Wanna Cry Ransomware Outbreak Paralyses 2 Lakh Computers Across 150 Countries; India Issues Red Alert (Trak.in - Indian Business of Tech, Mobile & Startups) Wanna Cry, the deadly ransomware which has affected more than 2 lakh computers across 150 countries, has been declared as a critical threat in India. Computer Emergency Response Team of India (CERT-In) has red alert warning against this ransomware, which denotes maximum threat level.
The Latest: 29,000 Chinese institutions hit by cyberattack (Fox Business) The Latest on the global extortion cyberattack that hit dozens of countries on Friday
WanaCry Observations: Big Worm = Big Problems (Anomali) NOTE: Anomali is continuing to investigate and monitor the WanaCry worm and will update this page as we have more information to share. Visit www.anomali.com/wanacry for the latest.On the morning of Friday May 12th a new ransomware threat emerged infecting tens of thousands of computers across the globe at an alarming rate.Figure 1 - WanaDecrypt0r 2.0 Pop up window and splash screen.Named “Wana Decrypt0r 2.0” (a.k.a “WannaCry”, "WCry"), the ransomware was unique
WannaCry benefits from unlearned lessons of Slammer, Conficker (Naked Security) We’ve been here before with malware – so why was WannaCry able to cause such havoc around the world?
The Windows worm is back – and this time it’s serious (Naked Security) Worms are a malware tactic from back in the day – but they still remain tricky to mitigate against
()
Security resellers rally to halt WannaCry ransomware outbreak in Australia (CRN Australia) Channel partners worked through the weekend to protect customers.
'WannaCry': update systems warn Africa's security specialists (ITWeb Africa) The global ransomware attack 'WannaCry', described by cyber security experts as the biggest recorded of its kind and which affected global networks over the weekend, has triggered warnings for African business owners and organisations to be vigilant and update their systems.
WannaCry: How To Defend Against The Ransomware Attack (ValueWalk) WannaCry is arguably the most frightening ransomware attack the world has ever seen. Since Friday, it has hit more than 200,000 victims in
WannaCry? Latest cyberattack is ‘just the beginning’ (Arab News) “This is just the beginning. We are in a cyberwar as we speak,” said Amir Kolahzadeh, founder and chief executive of internet security firm IT Sec. “We expect to see more sophisticated attacks, possibly with targeted demographics or location. Our smart buildings, our smart cars, our smart everything is a target.”
CISO Lessons From The World's Biggest Ransomware Attack (CXO Today) What is termed by experts as the ‘biggest ransomware attack in history’ has put cyber security professionals to a rigorous weekend saving credentials.
Keeping Third-Party Risk First in Cybersecurity (PYMNTS.com) As companies expand and interact with an ever-widening web of vendors, third-party risk deepens as data is shared and, potentially, exposed. In the latest Topic TBD, Gayle Woodbury, managing director at Crowe Horwath, weighed in with PYMNTS’ Karen Webster on why risk control needs to have broad horizons.
Cyberattack has not affected U.S. government, White House says (PBS NewsHour) A global cyberattack has now affected an estimated 300,000 machines in 150 countries.
The United States Is Not Ready for a Cyber-Pearl Harbor (Foreign Policy) The weekend’s massive “ransomware” attack exposed the glaring vulnerabilities in our cybersecurity readiness.
U.S. Cyber Command: Russia hacking “the new normal” (Defense Systems) The head of U.S. Cyber Command argues stronger data protection needed in new threat environment.
Reporters dox WannaCry ransomware kill switch guy (Network World) What kind of sickness causes publications to show gratitude by doxing the “hero” responsible for stopping the WannaCry ransomware attack?
Breach at DocuSign Led to Targeted Email Malware Campaign (KrebsOnSecurity) DocuSign, a major provider of electronic signature technology, acknowledged today that a series of recent malware phishing attacks targeting its customers and users was the result of a data breach at one of its computer systems.
Analysis of Chrysaor Keylogging Mechanism Shows Power of Simple Malicious Code (McAfee) Many attacks on mobile devices use social engineering to initially infect a victim’s system. They download malware and elevate privileges by exploiting vulnerabilities. Mobile malware often uses persistence mechanisms to hide and monitor the victim’s behavior.
Who’s targeting you on Facebook? A browser extension wants your data (Naked Security) But hang on – what happens to the data the campaign collects via its Chrome extension to learn more about election ads on Facebook? We asked the founders
Stealing Windows credentials using Google Chrome (Help Net Security) Attacks that leak authentication credentials using the SMB file sharing protocol on Windows OS are an ever-present issue, exploited in various ways...
Ecommerce: Credit card stealing malware (Media Trust) Ecommerce payment security processes breached resulting in unauthorized access to sensitive information.
Vietnam-Aligned Hackers Attack Foreign Firms, FireEye Says (Bloomberg.com) Cyber espionage attacks against foreign companies operating in Vietnam have been traced to a group of hackers “aligned with Vietnamese state interests,” according to a report from cyber-security provider FireEye.
Cyber Trends
Cybersecurity Studies in Threat Hunting (Bricata) This post reviews several recent cyber security studies including threat hunting, the deluge of alerts, ransomware, insider threats and the skills gap.
Marketplace
Cybersecurity stocks rise in the wake of WannaCry ransomware attack (CRN Australia) Increased trading for Cisco, Sophos and FireEye.
Inside Yahoo's Terrible, Horrible, No Good, Very Bad Security Year (PCMAG) At TechCrunch Disrupt, Yahoo Chief Information Security Officer Bob Lord talks Yahoo's massive data breach and state-sponsored Russian hacking.
Navy buys electronic warfare management system (C4ISRNET) The deal includes 38 ALQ-213 tactical threat displays for the Navy, with 27 going to the U.S. Navy, three to the U.K. and eight to Australia.
Akamai CSO Details Cyber-Security Challenges and Improvements (eWeek) Akamai Technologies operates one of the world's largest content delivery networks (CDNs), as well as providing organizations with security services including distributed denial-of-service (DDoS) protection and web application firewall (WAF) capabilities.
AKUA raises $3 million to bring IoT to shipping containers (Technical.ly Baltimore) The CyberPoint International spinout is looking to disrupt supply chain management. This could be a Baltimore story worth watching.
MasterPeace LaunchPad Showcases Cutting-Edge Technologies During Spring Demo Day (BusinessWire) MasterPeace LaunchPad celebrated a successful spring demo day, which took place on Wednesday, May 10 from 5:00-7:00pm. Attendees were joined by a notable group of state and local influencers and industry speakers to discuss the growing Maryland Cyber startup eco-system.
Quantum entrepreneurs show their stuff (TechSPARK.co) Three of the entrepreneurs on this year’s programme at the Quantum Technology Enterprise Centre (QTEC) have been discussing their technology developments. The entrepreneurs have been using quantum technology to develop handheld sensors to measure water quality and detect bacteria in hospitals, for detecting gas leaks from pipelines via drones and for quantum cryptography. You may …
Austrade, Data61 to promote Australian blockchain talent in New York | ZDNet (ZDNet) Australia will be sending 26 representatives to Consensus 2017 in New York later this month to showcase what the nation has to offer in blockchain technology.
Mosaic451 Opens New Cybersecurity Headquarters in Heart of Phoenix (WMC 5 Action News) Bespoke managed security services provider upgrades facilities with state of the art Security Operations Center to support its worldwide cybersecurity services
Digital Defense, Inc. Named Top Security Company in Skyhigh Cybersecurity Post (PRWeb) Analyst reports, surveys and market share studies put VMaaS leader on top.
CRN Honors LookingGlass' Laurie Potratz with Women of the Channel Distinction (BusinessWire) LookingGlass™ Cyber Solutions, a leader in threat intelligence-driven security, announced today that CRN®, a brand of The Channel Company...
Forcepoint Expands Operations in Europe with New Sales Leadership (PRNewswire) Stefan Maierhofer joins as Area Vice President of Sales for Central and Eastern Europe
Products, Services, and Solutions
Dunbar Releases First Open Source Active Response Platform for Cybersecurity (BusinessWire) To address the security risks caused by "alert fatigue," and to extend enterprise-grade incident management capabilities to businesses of all sizes, Dunbar Security Solutions today launched Cyphon, the industry’s first open source active response platform for collecting data, identifying cyber-attacks and tracking all subsequent work performed.
Guidance Software Announces EnCase® Endpoint Security Version 6 (BusinessWire) Guidance Software, the makers of EnCase®, the gold standard in forensic security, today announced EnCase® Endpoint Security Version 6, a significant redesign of the company’s flagship endpoint detection and response (EDR) product.
eGlobalTech Announces Availability of "DevOps Factory ™" Across U.S. Federal Government, Accelerating Delivery of Secure IT Solutions (PRNewswire) With advanced security and cloud deployment automation tools, this proven DevOps framework provides secure, scalable and cost-effective IT solutions for federal customers
Announcing a USB Drive Appliance to Protect Against Ransomware (PRNewswire) The hacker attacks that hit global networks with ransomware in a dozen nations last Friday, crippling operations from telecommunications and transportation to hospitals, underscores the need for effective protection from malware such as this.
Technologies, Techniques, and Standards
What is NIST's guidance on lightweight cryptography? (SearchSecurity) A recent report on lightweight cryptography from NIST offers recommendations for cryptographic standards. Here's a closer look at the findings and advice.
Protecting Patient Information in the Age of Breaches (University of Illinois at Chicago) In recent times, over 1,000 health care organizations have experienced network breaches causing overwhelming amounts of protected health data to be compromised. Infiltrating the networks of health care facilities is an alarming trend among hackers, but what is the allure? Health care facilities carry some of the most sensitive reserves of data files across the board, supplying hackers with the kind of sensitive information that has limitless potential to not only effect the health care organization that they have infiltrated, but also the patients involved in the breach.
Assessing and Mitigating Risks for Electronic Health Records (University of Illinois at Chicago) Electronic Health Records (EHR) have become common in the US with nine out of every 10 physicians surveyed saying that they have adopted the technology. In fact, EHR adoption and usage has more than doubled from 42% in 2008 to 87% in 2016. What’s more, up to 90% of hospitals have already integrated EHR technology into their systems. American consumers have also jumped onto the digital health bandwagon. In fact, by 2018, 50% of mobile device users will have downloaded 3.4 billion health apps, industry experts forecast. Some of these apps link to wearable devices that track metrics such as steps taken, distance covered, and even heart rate. Industry analysts expect the Internet-of-things era to usher in more ways of capturing and accessing health data.
Cloud Encryption: Bring Your Own Key Is No Longer Enough (IT Security Guru) ‘Trust’ can be both a terrific enabler and a severe inhibitor in cloud services adoption.
Research and Development
Deep Secrets and the Thrill of Discovery | Quanta Magazine (Quanta Magazine) The biologist and author Sean B. Carroll recounts the joys of unexpected revelations.
Academia
OnlineSchoolsCenter.com Name Best Online Schools for Master's in Cyber Security Degree Programs (PRNewswire) OnlineSchoolsCenter.com has released their picks of the 20 best online...
Legislation, Policy, and Regulation
How Germany Is Tackling Hate Speech (Foreign Affairs) In April 2017, the German cabinet passed new legislation that enables Germany to fine social media companies up to 50 million euros ($55 million) for not reacting swiftly enough to reports of illegal content or hate speech.
US and allies on high alert as cyberattacks threaten 2017 elections (WJLA) Democratic societies have long been seen as the champions of free speech and the open exchange of information, but those very qualities have increasingly become a vulnerabilities in the digital age, where cyberspace is being used to undermine confidence in
Lead Story – Preventing “A Cyber Pearl Harbor” (Hawaii Herald) Three-star Army General with Hawai‘i roots is leading the charge
Post-WannaCry, Microsoft Slams Spy Agency Exploit-Hoarding (Data Breach Today) Microsoft's chief legal officer has slammed U.S. spy agencies, warning that civilians are at risk if governments stockpile libraries of software vulnerabilities
To Path, or Not to Patch? (Niskanen Center) The world is reeling from tens of thousands of ransomware attacks across almost 100 countries. The attack infected computers at hospitals, companies, and even government ministries in Russia, forcibly encrypting users’ files and demanding ransom be paid in order to access the contents.
Tales From the Crypto Community (Foreign Affairs) If the allegations that the NSA worked to weaken international cryptographic standards and deliberately introduced backdoors into security-critical software and hardware are correct, then the agency has harmed the computer security of the United States (and the world) as much as any malicious attacks to date.
Countering 'little green men': Pentagon special ops studies Russia ‘gray zone’ conflict (Defense News) The Pentagon is studying gray zone conflict – otherwise known as hybrid warfare – beginning with a focus on Russia and later moving on to study Iran and China.
Litigation, Investigation, and Law Enforcement
Trump revealed highly classified information to Russian foreign minister and ambassador (Washington Post) The president was boasting of the “great intel” he receives when he discussed intelligence provided by a U.S. partner.
White House pushes back against report Trump shared classified info with Russians (POLITICO) "The president did not disclose any military operations that were not already publicly known," national security adviser H.R. McMaster says.
Second Circuit Declares Retailer Victory in Data Breach Case (Sidley Austin LLP) The U.S. Court of Appeals for the Second Circuit ruled on May 3 that a plaintiff who claimed that her credit card information was stolen in a data breach, but who failed to point to any particular out-of-pocket expense or inconvenience, does not have Article III standing to sue.
Chelsea Manning to return to active duty after prison release (Army Times) Pvt. Chelsea Manning is getting out of prison on Wednesday, and because her court-martial conviction is still under appeal, she'll be staying in the Army for the forseeable future.