Colonial pipeline attack ratchets up ransomware game
"Because the Colonial Pipeline is a significant energy artery of the United States, its strategic importance is such that the DarkSide group could not have been ignorant of the fact," Hamilton said. "Further, given this importance it is likely that this act was known to Russian government—either through direct communication or from intelligence gathering by the GRU and SVR."
Criminal group originating from Russia believed to be behind pipeline cyberattack
DarkSide typically targets non-Russian speaking countries, the source said. The attack has led the White House to form an interagency working group over the weekend to prepare for various scenarios, including whether additional steps need to be taken to mitigate any potential impact on fuel supply, a White House official said Sunday.
Lemon Duck hacking group adopts Microsoft Exchange Server vulnerabilities in new attacks
Four critical flaws, dubbed ProxyLogon, impact on-prem Microsoft Exchange Server 2013, 2016, and 2010. Patches, vulnerability detection tools, and mitigation instructions were made available in March, but it is still estimated that up to 60,000 organizations may have been compromised.
Report: Hacking attempts on healthcare agencies increased by more than 9,800% in 2020
A recent report from software firm VMware Carbon Black estimates that its health care customers experienced a 9,851% increase in hacking attempts in 2020 compared to the previous year. And activity intensified with the COVID-19 pandemic, attempts spiking 87% from September to October.
New Medical ‘Right To Repair’ Legislation Endangers Patients
The bill [...] would force the manufacturers of complex medical devices—including MRI machines, ultrasound, CT scanners, and PET systems—to hand over confidential training materials and other service tools to unregulated third-party servicing businesses.
Providers supportive of push to overhaul HIPAA, but air serious concerns about data privacy, timing
"We question the need for these changes, particularly at this time," the American Medical Association wrote in its letter to HHS Office of Civil Rights. [...] "We urge OCR to reconsider implementing a massive change to patient privacy laws in the midst of this transition," the group wrote.
Building Immunity to Cyber-Attacks
“A really perfect example would be a neighborhood chiropractor, flower shop or electrical supply center, and these small businesses – and they may not necessarily be a Mom and Pop, they might have 100 or 500 employees – they don’t have the data management practices and hygiene a big national corporation has. Everybody beat up on Equifax for their massive breach, but when you see these breaches [of small businesses], they have raised so much more risk of fraud on a per-member or per-credit union basis.”
Ransomware gangs get more aggressive against law enforcement
Randy Pargman, who worked for the FBI for 15 years, said police departments need to do some "soul searching" about how they currently protect sensitive data such as background check files. He said many departments don't have the budget or staffing for sophisticated cybersecurity measures, but could still transfer sensitive files to external hard drives kept offline and used only when needed.
Massive hack exposes emails from top Lightfoot officials
DDoSecrets ultimately posted the voluminous collection of emails after realizing they contained information “the public should know,” Martinez said. “In light of the killing of Adam Toledo, we have decided to publish a cache of emails from the City of Chicago and the Chicago Police Department,” DDoSecrets noted in a post announcing the release.
City experiencing difficulties due to ransomware attack
The city of Tulsa’s information and security teams are working to address technical difficulties as a result of an apparent ransomware attack. In a statement released by the city on Saturday, no private resident information was compromised, though individuals will experience delays in network services.
Biden Plans an Order to Strengthen Cyberdefenses. Will It Be Enough?
The order, drafts of which have been circulating to government officials and corporate executives for weeks and summaries of which were obtained by The New York Times, is a new road map for the nation’s cyberdefense. [...] Violators would risk having their products banned from sale to the federal government, which would, in essence, kill their viability in the commercial market.
NIST and CISA Release Guidelines for Organizations and Vendors To Defend Against Software Supply Chain Attacks
The agencies also recommended using NIST’s Cyber Supply Chain Risk Management (C-SCRM) framework and the Secure Software Development Framework (SSDF) to identify, assess, and mitigate risks. [...] They also advised software vendors to implement the software development life cycle (SDLC) in their business processes.
The TSA Should Regulate Pipeline Cybersecurity
As I have argued before, after two decades of trying to make a voluntary partnership with industry work, this incident demonstrates that neither thoughts, prayers, nor information sharing is sufficient. It is time for the federal government to exercise its existing authority to regulate the cybersecurity of pipelines.
How North Korean APT Kimsuky Is Evolving Its Tactics
Between August and October 2020, CloudDragon launched a supply chain attack against a firm in the Korean cryptocurrency industry. Attackers went after a hardware wallet surface, which typically specializes in security but needs software to assist with blockchain on the Internet. Attackers created a malicious version of its management software and deployed it to the official website.
The US Needs to Impose Costs on China for Its Economic Warfare
The United States has failed to sufficiently deter China’s long-running campaign of cyber-enabled economic warfare. Beijing violated the Obama-era bilateral deal to cease economic espionage and then shirked the Trump-era agreement intended to recoup economic losses from its unfair trade practices. There are several components to a better deterrence policy, and it is time to find effective ways to impose costs on Beijing.
Hackers who shut down pipeline: We don’t want to cause “problems for society”
DarkSide claims to avoid targets in medical, education, nonprofit, or governmental sectors—and claims that it only attacks "companies that can pay the requested amount" after "carefully analyz[ing] accountancy" and determining a ransom amount based on a company's net income. Digital Shadows believes these claims largely translate to "we looked you up on ZoomInfo first."
Computer Chips Are the New Toilet Paper
Most people need toilet paper and computer chips every day, and yet we rarely think about either of them. [...] Computer chips aren’t so disposable, but they are equally essential as electronic brains for products like smartphones, cars, airplanes and most modern appliances. Chip shortages have stalled new car manufacturing, made rental cars harder to find and complicated business even for the dog washing industry.