Cyber attack spreads globally, thought to use leaked NSA hacking tools

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

An exten­sive cyber attack struck com­put­ers across a wide swath of Europe and Asia on Fri­day, and strained the pub­lic health sys­tem in Britain, where doc­tors were blocked from patient files and emer­gency rooms were forced to divert patients. The  ran­somware attack exploit­ed a vul­ner­a­bil­i­ty that was dis­cov­ered and devel­oped by the Nation­al Secu­ri­ty Agency. The hack­ing tool was leaked by a group call­ing itself the Shad­ow Bro­kers, which has been dump­ing stolen NSA hack­ing tools online begin­ning last year. Microsoft rolled out a patch for the vul­ner­a­bil­i­ty last March, but hack­ers took advan­tage of the fact that vul­ner­a­ble targets—particularly hospitals—had yet to update their sys­tems. The mal­ware was cir­cu­lat­ed by email. Reuters report­ed that employ­ees of Britain’s Nation­al Health Ser­vice were warned about the ran­somware threat ear­li­er on Fri­day. By then, it was already too late. Attacks on hos­pi­tals and telecom­mu­ni­ca­tions com­pa­nies were being report­ed in Britain and 11 oth­er coun­tries, includ­ing Turkey, Viet­nam, the Philip­pines, Japan, with the major­i­ty of affect­ed com­put­ers in Rus­sia. The com­put­ers all appeared to be hit with the same ran­somware, and sim­i­lar ran­som mes­sages demand­ing about $300 to unlock their data. Source: The New York Times

Possible travel ban on digital devices could put data at risk

Air pas­sen­gers fly­ing between the Unit­ed States and Europe soon may have to go with­out large elec­tron­ic devices, as a ban on such devices already in effect for sev­er­al Mid­dle East and North African air­ports dra­mat­i­cal­ly expands. The Depart­ment of Home­land Secu­ri­ty is con­sid­er­ing ban­ning elec­tron­ics larg­er than a cell­phone on all transat­lantic flights. That could severe­ly dis­rupt trav­el plans, affect­ing every­one from busi­ness trav­el­ers hop­ing to get work done on a lap­top to vaca­tion­ers try­ing to watch a movie on an iPad. The Glob­al Busi­ness Trav­el­ers Alliance, a trade group rep­re­sent­ing cor­po­rate trav­el man­agers, is con­cerned that the ban could cre­ate prob­lems for busi­ness fliers. They’re trained to keep their devices in their sight at all times for secu­ri­ty pur­pos­es since they may con­tain sen­si­tive data. Bri­an Sumers of trav­el indus­try busi­ness site Skift says busi­ness trav­el­ers fly­ing in from the Mid­dle East are uneasy about stor­ing lap­tops full of con­fi­den­tial infor­ma­tion in the plane’s car­go hold. Trav­el­ers might delay nonessen­tial trips to Europe. Requir­ing lap­tops and tablets to be checked with lug­gage also could cause safe­ty con­cerns, with poten­tial­ly dan­ger­ous lithi­um-ion bat­ter­ies stored in the car­go hold. Sources: Mar­ket Watch, CBS News

Feel like someone’s watching? You might be right

The FBI warned of a mas­sive increase in busi­ness email com­pro­mise phish­ing scams, in which crim­i­nals study vic­tims using social engi­neer­ing tech­niques. From Jan­u­ary 2015 to Decem­ber 2016, there was a 2,370 per­cent increase in iden­ti­fied exposed loss­es, accord­ing to the Inter­net Crime Com­plain Cen­ter. More than 40,200 domes­tic and inter­na­tion­al inci­dents occurred from Octo­ber 2013 through Decem­ber 2016, with an exposed dol­lar loss of more than $5 bil­lion. Asian banks in Chi­na and Hong Kong are the pri­ma­ry des­ti­na­tions of fraud­u­lent funds. Source: CIO Dive

Despite risk, some insurers don’t talk cyber protection with clients

Research from CFC Under­writ­ing found more than half of U.K.-based small and medi­um-size busi­ness­es said their insur­ance bro­ker has not raised the issue of cyber insur­ance. CFC’s Graeme New­man said 90 per­cent of cyber claims come from busi­ness­es with less than 50 mil­lion pounds ($65 mil­lion) in rev­enue and they get more than one claim every day. Cyber offens­es account for more than half of the crime total in the nation, but there is a lack of aware­ness around the issue. Source: Insur­ance Busi­ness Magazine

Microsoft sends out quick fix to squash email bug

Microsoft released an urgent update to stop hack­ers from tak­ing con­trol of com­put­ers with email. The bug, in Microsoft anti-mal­ware soft­ware such as Win­dows Defend­er, could be exploit­ed with­out the recip­i­ent even open­ing the mes­sage. The fix was pushed out hours before the soft­ware giant’s month­ly Tues­day secu­ri­ty update. The bug affects Win­dows 8, 8.1, 10 and Win­dows Serv­er oper­at­ing sys­tems. Source: BBC

Europe’s top export might be hack attacks

Cyber crime attacks launched from Europe reached more than 50 mil­lion in the first quar­ter, dou­ble the vol­ume com­ing out of the Unit­ed States, accord­ing to the Threat­Metrix Q1 Cyber­crime Report. Italy, France, Ger­many and the U.K. account­ed for half of all attacks orig­i­nat­ing out of the region. Europe’s open bor­ders allow res­i­dents to eas­i­ly open bank accounts out­side of their home coun­try, mak­ing cyber crime eas­i­er. Polit­i­cal and finan­cial uncer­tain­ties, com­bined with orga­nized crime rings and ecom­merce, also con­tribute to the vol­ume. Source: Dark Read­ing

They shopped till they dropped (into a holding cell)

Six peo­ple were arrest­ed in an iden­ti­ty-theft case, accused of using forged cred­it cards to rack up $150,000 in lux­u­ry cos­met­ics at Macy’s flag­ship store in in New York City’s Her­ald Square, offi­cials said. The defen­dants alleged­ly used cred­it card infor­ma­tion stolen from more than a dozen cus­tomers at major banks. The crew spent thou­sands on high-end prod­ucts, accord­ing to a state­ment from the Man­hat­tan Dis­trict Attorney’s Office. Source: The New York Post

Got a little problem over the border, eh?

Police say they’ve bust­ed an iden­ti­ty theft ring in the Toron­to, Ontario, Cana­da, area that alleged­ly caused $10 mil­lion in loss­es to res­i­dents in Cana­da and abroad. The cross-bor­der inves­ti­ga­tion involved Toron­to police, the Roy­al Cana­di­an Mount­ed Police and U.S. agen­cies. Two men have been arrest­ed and war­rants are out for two oth­ers. Police say they seized about $300,000 worth of goods that includ­ed lux­u­ry watch­es, jew­el­ry and about 90 pairs of shoes. Source: Huff­in­g­ton Post Canada

Senate tells White House to get moving on cybersecurity

Sen­a­tors urged the Trump admin­is­tra­tion to devel­op a com­pre­hen­sive strat­e­gy for deter­ring and respond­ing to cyber threats, voic­ing con­cerns about vul­ner­a­bil­i­ties in U.S. infra­struc­ture. Mem­bers of a Sen­ate pan­el heard tes­ti­mo­ny on Capi­tol Hill from experts on threats to inter­net-con­nect­ed devices and crit­i­cal infra­struc­ture, with many law­mak­ers point­ing to a height­ened risk of hack­ing and cyber espi­onage. Source: The Hill

French president-elect says non, non to Russian hackers

Hack­ing attacks blamed on a Russ­ian cyber intel­li­gence unit failed at dis­rupt­ing the cam­paign of French Pres­i­dent-elect Emmanuel Macron. Time­ly warn­ings by the U.S. Nation­al Secu­ri­ty Agency alert­ed Macron’s cam­paign team to the Russ­ian threat. Macron’s bare-bones tech­nol­o­gy team cre­at­ed dozens of false email accounts, com­plete with pho­ny doc­u­ments, to con­fuse the attack­ers. Source: Defense World

Server problem causes health records to be exposed

Med­ical records of at least 7,000 peo­ple com­pro­mised in a data breach involv­ing Bronx Lebanon Hos­pi­tal Cen­ter in New York dis­closed patients’ men­tal health and med­ical diag­noses, HIV sta­tus, and sex­u­al assault and domes­tic vio­lence reports. Oth­er infor­ma­tion in the com­pro­mised records, which online secu­ri­ty experts said spanned 2014 to 2017, includ­ed names, home address­es, addic­tion his­to­ries and reli­gious affil­i­a­tions. The leak was caused by a mis­con­fig­ured Rsync back­up serv­er host­ed by iHealth, a com­pa­ny that offers records man­age­ment tech­nol­o­gy. Source: NBC News

Restaurant might get indigestion from data breach lawsuit

Bell­wether Com­mu­ni­ty Cred­it Union filed a class-action law­suit against Chipo­tle and is seek­ing dam­ages relat­ed to the restau­rant company’s recent data secu­ri­ty breach. The suit is the lat­est in a chain of class-action com­plaints filed against retail­ers and restau­rant com­pa­nies, such as Arby’s, Wendy’s, Home Depot and Tar­get. The com­plaint alleges the breach com­pro­mised names, cred­it and deb­it card num­bers, card expi­ra­tion dates, card ver­i­fi­ca­tion val­ues, and oth­er infor­ma­tion of Chipo­tle cus­tomers nation­wide. Source: Cred­it Union Times

Trump’s re-election website pulls controversial privacy policy

The web­site for Pres­i­dent Trump’s 2020 pres­i­den­tial cam­paign made an about-face on its pri­va­cy pol­i­cy after ques­tions arose about its col­lec­tion of data on users’ loca­tions. The website’s pri­va­cy pol­i­cy said, “We may also col­lect oth­er infor­ma­tion based on your loca­tion and your device’s prox­im­i­ty to ‘bea­cons’ and oth­er sim­i­lar prox­im­i­ty sys­tems.” Pri­va­cy advo­cates wor­ry the tech­nol­o­gy can be used to iden­ti­fy indi­vid­u­als and track their move­ments. Hours after CBS News con­tact­ed the cam­paign about how it intend­ed to use the data, lan­guage refer­ring to the devices was removed. Source: CNet