Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

US Department of Justice reignites the Battle to Break Encryption

Every 5 to 10 years, the government and law enforcement agencies try to pass a law that provides easy access or a “back door” to encryption keys because criminals use encryption and this makes arrest and prosecution harder. The problem is that anything that weakens encryption for criminals weakens it for all of us. And nothing prevents criminals from using their own home-brewed encryption solutions in violation of this proposed law. If criminal investigations were easy, we wouldn’t need cops. Come on man, do your job! And try doing it the right way. Wednesday’s article on WyzGuys.

Email Bomb: How to Hide from Attack?

Do you receive thousands of unnecessary emails to your email address every day? Most likely, you were exposed to an “email bomb attack,” a type of DDoS attack.  Read more…

Ransomware Attack Leads To Woman’s Death

With so many hospitals and other healthcare centers being targeted by cyber extortionists, it was only a matter of time before a ransomware attack led to someone’s death. Discover what happened and the implications this sad development has for healthcare providers and other types of organizations.

With the number of ransomware attacks against healthcare providers rising year after year, it was only a matter of time before one of these attacks led to someone’s death. Sadly, a woman died from a series of events triggered by a ransomware attack at a German hospital.

When Dusseldorf University Hospital’s IT systems crashed on September 10, 2020, it decided to close the doors for some of its services. Besides canceling doctor appointments, the hospital postponed surgeries and told the public not to visit. It also stopped accepting patients in its emergency room, which resulted in them being sent to other hospitals. A woman with a life-threatening condition was one of the patients shuttled elsewhere. She was sent to a hospital in Wuppertal, which was about 20 miles away. This delayed treatment by about an hour, which resulted in her death.  Read more…

Ransom campaign threatens organizations with DDoS attacks

All the organizations that contacted security provider Radware after receiving an extortion letter were hit by Distributed Denial of Service attacks.  In this campaign, organizations receive extortion messages from criminal groups going by the names “Fancy Bear,” “Armada Collective,” and “Lazarus Group.”  Full article…

There’s a Whole War Going On: The New HBO Film Tracing 10 Years of Cyber Attacks

‘There’s a whole war going on’: a new film tracing a decade of cyber-attacks was just released by HBO on October 16, 2020. It’s the most powerful budget ammo I have found these last 10 years. There are quite a few reviews, but I liked the one in The Guardian the best. Here is a short excerpt:

“In early 2010, scientists at a uranium enrichment plant in Natanz, Iran, watched their infrastructure malfunction at an unprecedented, inexplicable rate. Technicians inspected their equipment, but could find no explanation for why the plant’s centrifuges – machines to isolate the uranium isotopes needed for nuclear power – were spinning at irregular rates, and then failing.

Five months later, cybersecurity responding to a seemingly separate network malfunction in Iran inadvertently discovered the culprit: a malicious string of code which instructed computers, and the centrifuges they controlled, to vary in speed until their parts broke down, while simultaneously mimicking normal operator instructions, as if playing security footage on a loop in a heist movie. It was computer malware capable of physical, real-world destruction – the world’s first digital weapon, originating from US national intelligence.

Stuxnet, as the worm came to be known, marked a sea change in international relations – the first known time a country deployed an offensive cyber weapon to inflict damage rather than collect surveillance, and the precipitating event of The Perfect Weapon, a new HBO documentary on the past decade of insidious, troubling escalation of international cyberwarfare.

With Stuxnet, which is thought to have been developed by America’s National Security Agency as early as 2005, the United States “crossed the Rubicon”, David E Sanger, a longtime national security correspondent for the New York Times, says in the film. “The United States has basically legitimized the use of cyber as a weapon against another country against whom you had not declared war. It pushes the world into an entirely new territory.”

The Perfect Weapon, like Sanger’s book of the same name, traces in succinct, clinical style the Pandora’s box of chaos-sowing, digital tits for tats in the wake of the Stuxnet reveal, from hacks that garnered enormous and arguably outsized media attention – the leak of Democratic National Committee emails in the run-up to the 2016 election by Russian hackers, the 2014 Sony hack and its flurry of gossipy work emails – and lesser-known but still critical developments in what is essentially a multinational, virtual cold war.

“There’s a whole war going on right underneath our noses that is state-sponsored,” John Maggio, the film’s director, told the Guardian. “The actual act may be carried out by ‘criminals’, but they’re sponsored by states – by Iran, by North Korea, by China, by Russia, and by America against their adversaries.”

And guess who finds themselves in the trenches of this cyber cold war? Right, you got it, that’s us in IT. Your organization simply cannot afford not to build a strong human firewall and this movie makes the case for you. Tell your C-level folks to watch it and increase your InfoSec budget!

Russian “government hackers” charged with cybercrimes by the US

What can we learn from the US DOJ indictments against the “Sandworm Team”?

NSA Releases Advisory on Chinese State-Sponsored Actors Exploiting Publicly Known Vulnerabilities

Original release date: October 20, 2020

The National Security Agency (NSA) has released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com