Cryptologic Bytes Archives

Cybersecurity News: WannaCry and North Korea; Proofpoints brief on cyber threats in 2018; North Korean Bitcoin Heist; Holiday Online Shoppers at Risk; and more.

Cybersecurity News Bytes for the Week Ending 22 Dec 2017

U.S. Lays Blame for WannaCry on North Korea

In an announcement on 18 December, White House Homeland Security Adviser Tom Bossert stated that the United States holds North Korea officially responsible for the WannaCry ransomware attacks in Spring 2017. WannaCry affected victims in more than 150 countries. The largest impact was in the UK, where the ransomware disrupted operations of the National Health Service. The U.S. conclusion was supported by the UK and other countries as well as by Microsoft based on tracing the malware to cyber operatives affiliated with the North Korean government. (Wall Street Journal of 18 December 2017 and other media reports)

Global Businesses Not Addressing Cyber Risk

A new report by PricewaterhouseCoopers (PwC) documents the results of its 2018 Global State of Information Security Survey. While executives around the world understand the potential impacts a cyberattack would have on their business, 44% (9,500 executives in 122 countries) state that they have no overall strategy for information security. Almost half (48%) of those surveyed have no employee awareness training programs for cybersecurity, and more than half (54%) have no incident response plans. Many of those surveyed pointed out that commentary about “cyber Armageddon” and related hyperbole about the threat of cyber attacks is not helpful because it suggests that effective cybersecurity is impossible to attain or is so complex that it is overwhelming. and Advisen Cyber FPN

Holiday On-Line Shoppers Targeted by Cybercriminals

Cybersecurity researchers at California-based Proofpoint have noted an increase in the use of man-in-the-browser attacks to steal banking credentials from on-line shoppers in the UK and other countries. The attacks, which use the banking Trojan Zeus Panda (aka Panda Banker), have increased since November and coincide with the major shopping activities of Black Friday, Cyber Monday, and Christmas. On-line shopping sites for retail stores like Zara, specialized on-line retailers, and other organizations that do a lot of credit card business over the holidays. Information stolen via Zeus Panda includes victims’ credit card numbers, date of birth, Social Security Number, and answers to security questions. (zeus-panda-banking-trojan-targets-online-holiday-shoppers)

“Exploits Come and Go, but the Human Factor is Forever”

This is the title of a section in Proofpoint’s brief report on cyber threats for 2018. Among the report’s findings: ransomware will continue to be a problem; network-based attacks will continue to proliferate as hackers refine the use of previously known vulnerabilities and “leaked exploits;” theft of digital currency through crypto-miners will increase; and, as mentioned above, we will see the continued exploitation of humans who fall victim to phishing emails and social media attacks. Spoofing domain names and redirecting unsuspecting users to bogus websites is also expected to be a bigger problem in 2018. Proofpoint article

North Korea Suspected in Bitcoin Heist

South Korean officials believe that North Korean hackers were behind the robbery of the YouBit Bitcoin exchange. The exchange collapsed on 19 December because of the heist. North Korea has engaged in high-stakes financial crime for the past year or two, most famously in the theft of $81 million from the Bank of Bangladesh in 2016. Researchers believe that North Korea is using cyber theft to obtain funds for its nuclear development program, and digitial currency exchanges are just their latest target. According to law enforcement officials, South Korea experiences 1.5 million cyber attacks from North Korea each day. Dow Jones News Service via Advisen, 21 December 2017

Healthcare Sector Lacks Cybersecurity Leadership

A recent survey of 300 healthcare professionals found that 84% of healthcare provider organizations do not have a cybersecurity leader at the enterprise level. Most of the organizations surveyed had no plans to hire or promote anyone to a leadership position. Healthcare payer organizations are in better shape with 75% stating that they already have a senior cybersecurity professional or plan to hire one within the coming year. A second survey found better results among healthcare professionals, with 60% saying their organization had a senior cybersecurity professional. Common problems according to these surveys is the lack of senior talent in cybersecurity and the lack of attention at the Board level to security in general and cybersecurity in particular. FierceHealthCare via Advisen, 20 December 2017