Saturday, February 08, 2020

Update that Ransomware plan…
Why you can’t bank on backups to fight ransomware anymore
Ransomware operators stealing data before they encrypt means backups are not enough.
Just a few months after staging a ransomware exercise for its member credit unions, the Credit Union National Association (CUNA) experienced what a spokesperson described as a "business disruption issue"—caused by ransomware, according to a source that spoke with TechCrunch's Zack Whittaker.
… CUNA's recovery demonstrated that the organization had taken the threat of ransomware seriously internally as well as in the exercise it staged with member credit unions. But it also shows that even organizations that believe they're prepared for ransomware attacks can take painful business hits from ransomware, even when its effects are contained.
… Having good backups and responding quickly to the execution of ransomware malware can help limit the damage done by an attack, but ransomware operators are beginning to adapt as well—in ways that fundamentally change the model of ransomware attacks.
… Unfortunately, that sort of model is being blown up by the Maze and Sodinokibi (REvil) ransomware rings, which have adopted a model of using stolen data as leverage to ensure customers will make a payment. Even in cases where a victim can relatively quickly recover from a ransomware attack, they still will face demands for payment in order to avoid the publication or sale of information stolen by the attackers before the ransomware was triggered.

(Related) Makes me wonder what their operational logs actually log.
eHealth discovers Sask. files sent to suspicious IP addresses in Europe
There's a chance that personal health data belonging to Saskatchewan residents could have been compromised in a ransomware attack.
Files from some of its servers have been sent to suspicious IP addresses, according to eHealth CEO Jim Hornell.
… This is the latest development in the ransomware saga. Initially, CBC News was told the attack began Jan. 5, 2020. However, Hornell revealed that the virus first entered the eHealth system on Dec. 20, 2019. Employees didn't discover there was a problem until they tried to open files on Jan. 6, 2020 and were asked for bitcoin in exchange for unlocking the files.
In January, Hornell said personal data was secure despite the ransomware hit. Now, it appears the organization can't be sure and "may never know" if personal data was affected.
The files exchanged were encrypted and password protected by the attacker, which means the exact content of those files is unknown.
Hornell said the affected server primarily contained administrative files, like emails. However, he said it's not clear if the affected server was in communication with other servers.


Testing today. What happens when they unleash everything?
Russia Unleashes New Weapons In Its ‘Cyber Attack Testing Ground’: Report
Zak Doffman reports:
“Ukraine is, by and large, a Russian cyber attack testing ground,” Vitali Kremez tells me. The head of SentinelLabs has just penned a new report into the actions Russian cyber threat group “Gamaredon” is taking against Ukraine, and the wider implications of this. “We assess with high confidence,” Kremez says, “that the Russian targeting and approach towards Ukraine is preparatory and will be replicated across other targets related to the Russian government.”
Read more on Forbes.

(Related) Is every hack a test of a cyber weapon?
Facebook's official Twitter and Instagram accounts were hacked
Facebook's official social media accounts appear to have been hacked by a group that has previously compromised accounts belonging to HBO, the New York Times and, most recently, the NFL and a number of its football teams.


We’ll get it figured out soon.
Modified CCPA Regulations Released—Comments Due February 24
On Friday, February 7, 2020, the California Attorney General (CA AG) released notice of changes to the California Consumer Privacy Act (CCPA) draft regulations. Initial draft regulations were published for public comment on October 11, 2019 (as previously covered by Hogan Lovells here).
Redline and clean versions of the modified regulations, along with documents and other information the CA AG relied upon in modifying the draft regulations and the initial proposed regulations, are available on the CA AG’s CCPA website.


It could never happen here, could it?
Coronavirus brings China's surveillance state out of the shadows
Chinese have long been aware that they are tracked by the world’s most sophisticated system of electronic surveillance. The coronavirus emergency has brought some of that technology out of the shadows, providing the authorities with a justification for sweeping methods of high tech social control.
Artificial intelligence and security camera companies boast that their systems can scan the streets for people with even low-grade fevers, recognize their faces even if they are wearing masks and report them to the authorities.
If a coronavirus patient boards a train, the railway’s “real name” system can provide a list of people sitting nearby.
Mobile phone apps can tell users if they have been on a flight or a train with a known coronavirus carrier, and maps can show them locations of buildings where infected patients live.

(Related) If you can’t get through an obstacle, go around.
Opinion | The Government Uses ‘Near Perfect Surveillance’ Data on Americans
“When the government tracks the location of a cellphone it achieves near perfect surveillance, as if it had attached an ankle monitor to the phone’s user,” wrote John Roberts, the chief justice of the Supreme Court, in a 2018 ruling that prevented the government from obtaining location data from cellphone towers without a warrant.
“We decline to grant the state unrestricted access to a wireless carrier’s database of physical location information,” Chief Justice Roberts wrote in the decision, Carpenter v. United States.
With that judicial intent in mind, it is alarming to read a new report in The Wall Street Journal that found the Trump administration “has bought access to a commercial database that maps the movements of millions of cellphones in America and is using it for immigration and border enforcement.”
The data used by the government comes not from the phone companies but from a location data company, one of many that are quietly and relentlessly collecting the precise movements of all smartphone-owning Americans through their phone apps.
Since that data is available for sale, it seems the government believes that no court oversight is necessary. “The federal government has essentially found a workaround by purchasing location data used by marketing firms rather than going to court on a case-by-case basis,” The Journal reported. “Because location data is available through numerous commercial ad exchanges, government lawyers have approved the programs and concluded that the Carpenter ruling doesn’t apply.”


Perspective.
Corporate America has a 1%, too, more influential than ever
The five biggest U.S. stocks — Apple, Microsoft, Google’s parent company, Amazon and Facebook — have grown so explosively that they account for nearly 18% of the S&P 500 index by market value, when they make up just 1% of its population. Never before have five companies held such powerful sway over the index, according to Morgan Stanley strategists.
