Cybersecurity News of the Week, June 14, 2020

SecureTheVillage Calendar

TownHallWebinar: The Art of the Litigation Hold, Complimentary CLE Webinar from Leadership Council Member Driven. June 17 @ 2:00 pm – 3:00 pm EDT

TownHallWebinar: Security and Privacy in the New Normal from AITP-LA. June 18 @ 6:00 pm – 8:00 pm PDT 

Financial Services Cybersecurity Roundtable: Cyber and the Insider Threat – June 2020. June 19 @ 8:00 am – 10:00 am PDT

STVHappyHour: A CIO and a Cyberinsurance Broker Walk Into a Bar … June 23 @ 4:30 pm – 5:30 pm PDT

TownHallWebinar: Up On Cyber 2020. June 25 @ 8:00 am – 12:30 pm PDT

Leadership Council Meeting, July 8: Special Guest Dr. Vinton Cerf, Father of the Internet. July 8 @ 12:00 pm – 1:30 pm PDT

TownHallWebinar: Personal Cyber Security with Dr. Steve Krantz. July 21 @ 1:00 pm – 2:30 pm PDT Calabasas Senior Center Calabasas, CA

Individuals at Risk

Identity Theft

Kohl’s must give records to identity theft victims: Imagine a thief used your information to buy things at Kohl’s – or used your Kohl’s credit card to go on a shopping spree. You’d want to get the records to prove it and clear up your good name. The law says you’re entitled to do exactly that. That’s what the FTC’s latest settlement with Kohl’s is about. Hamlet Hub, June 12, 2020

Cyber Privacy

The Cybersecurity 202: Cybersecurity experts give a modest thumbs up to the Apple-Google coronavirus alert system: Apple and Google struck the right balance between protecting privacy and combating the coronavirus in a tool they released to help alert people who’ve been exposed to the disease, according to a majority of cybersecurity experts. Washington Post, June 12, 2020

Cyber Danger

Crooks hijack “Black Lives Matter” to spread zombie malware: Community-focused cybersecurity website abuse.ch has warned of a malware spreading campaign that is using “Black Lives Matter” to draw victims in. NakedSecurity, June 11, 2020

FBI Alerts public – Increased use of mobile banking apps could lead to exploitation … Things to do to stay safe: As the public increases its use of mobile banking apps, partially due to increased time at home, the FBI anticipates cyber actors will exploit these platforms. FBI, June 10, 2020

Cyber Update

Microsoft Patch Tuesday, June 2020 Edition: Microsoft today released software patches to plug at least 129 security holes in its Windows operating systems and supported software, by some accounts a record number of fixes in one go for the software giant. None of the bugs addressed this month are known to have been exploited or detailed prior to today, but there are a few vulnerabilities that deserve special attention — particularly for enterprises and employees working remotely. KrebsOnSecurity, June 9, 2020

Cyber Defense

Two-factor authentication: A cheat sheet: A password alone will not protect sensitive information from hackers–two-factor authentication is also necessary. Here’s what security pros and users need to know about two-factor authentication. TechRepublic, June 11, 2020

Cyber Humor

Information Security Management for the Organization

Cybersecurity in the C-Suite & Board

Here’s what that Capital One court decision on attorney-client privilege means for corporate cybersecurity: When a judge ruled last month that Capital One must provide outsiders with a third-party incident response report detailing the circumstances around the bank’s massive data breach, the cybersecurity world took notice. cyberscoop, June 11, 2020

Ransomware attack: Why a small business paid the $150,000 ransom: The CFO of a small company that was the victim of a ransomware attack and reveals why they paid the ransom (in Bitcoin) to gain back control of their systems. TechRepublic, June 8, 2020

Information Security Management

Restarting America: Reengineering Cybersecurity for the New Reality: As the response to COVID-19 continues, many companies in America and across the globe are preparing to restart operations, but it won’t be business as usual. CIO, June 12, 2020

Ransomware: Hackers took just three days to find this fake industrial network and fill it with malware: Industrial control networks are coming under attack from a range of ransomware attacks, security researchers have warned, after an experiment revealed the speed at which hackers are uncovering vulnerabilities in critical infrastructure. ZDNet, June 11, 2020

Cyber Threat

Beazley Report: The enduring threat of ransomware … COVID-19-related phishing scams likely to dominate Q2: Ransomware attacks continue to blight organizations of all sizes and sectors. The number of incidents involving ransomware reported to Beazley Breach Response (BBR) Services in the first quarter of 2020 increased by 25% compared to Q4 2019. While no industry was immune, manufacturing experienced the steepest increase of all – up 156% quarter on quarter. Beazley, June 9, 2020

Secure The Human

Council Post: Cyber Defenders: Rebranding Cybersecurity For Non-Techies: Let’s face it. Talking to people about cybersecurity can be difficult. Unlike technology, which security leaders can manage quite well, people have feelings. You can’t append new rules to people as easily as you can a firewall. And while people want to do the right thing, typically it’s been a challenge to link security to the right knowledge and skills. Forbes, June 12, 2020

Cyber Defense

Inside Stealthworker: How It Compromises WordPress, Step-by-Step: A new wave of attacks using old malware is threatening WordPress sites that don’t have strong password policies. The Edge, June 12, 2020

Cybersecurity in Society

Cyber Crime

Podcast host downloads malicious app from Google store, loses 7 years of Bitcoin savings: Entrepreneur Eric Savics had been saving up Bitcoin for seven years. He lost his entire $113,000 stash in twenty minutes. Decrypt, June 13, 2020

The rapid increase in pandemic-related cybersecurity claims … As of the end of March, the FBI has investigated more than 1,200 complaints of COVID-19-related cybercrimes: COVID-19 has resulted in one of the largest work-from-home situations in U.S. history. As hackers discover new ways to exploit the security vulnerabilities created by the pandemic, cybersecurity is under new levels of stress, resulting in a substantial increase in cybersecurity risks for businesses. PropertyCasual360, June 12, 2020

DoppelPaymer Ransomware Strikes NASA Contractor, 2,583 Servers Held Hostage, Data Leaked: DoppelPaymer ransomware gang published a blog post to congratulate SpaceX and NASA for their first successful human-operated rocket launch. Shortly after, the criminals broke the news that they had infected the network of one of NASA’s IT contractors. The online post said DoppelPaymer ransomware had successfully breached the network of Digital Management Inc. (DMI), a Maryland-based company providing managed IT and cyber security services on demand. Other firms affected by the NASA contractor breach include major Fortune 100 firms that use the firm’s services. The ransomware gang posted 20 archives on the dark web to prove its claims. CPO, June 12, 2020

Lion warns of beer shortages following ransomware attack: It said it survived COVID-19, but ransomware had other plans for the Australian beverage giant’s supply operations. ZDNet, June 12, 2020

Robotics Company Falls Prey to Ransomware Attack: Ransomware gang REvil strikes a US-based robotics firm, leaking their sensitive data on the dark web. CoinTelegraph, June 12, 2020

Cyber Crime — Florence Alabama

City Pays Ransom Despite Pre-Ransomware Outbreak Hack Alert: The attack sounds like it was ripped from a script for the television show “24”: Hackers have infiltrated a government network, and they’re just days away from unleashing crypto-locking code. Viewers can practically hear the countdown. BankInfoSecurity, June 12, 2020

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity: In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet. KrebsOnSecurity, June 9, 2020

Cyber Attack

NSA Releases a Cybersecurity Advisory on Russian Hackers Takeover Through Special Crafted Emails: The National Security Agency (NSA) has warned of elite Russian military hackers actively exploiting a popular email program to infiltrate computer systems within the United States. The Russian military hacking group, Sandworm Team, operates as part of the Russian General Staff Main Intelligence Directorate’s (GRU) Main Center for Special Technologies. Sandworm has been in operation for more than a decade and has carried out sophisticated cyberattacks against governments, telecommunications, and energy sectors in Ukraine, Poland, the European Union, and NATO. The group was responsible for the NotPetya attacks in 2017, which resulted in the loss of billions of dollars in North America, Europe and Asia. It also carried out large-scale attacks against private websites in the country of Georgia. Sandworm enjoys Russian backing as the state-sanctioned threat actor carrying out Russian cyberwar campaign. CPO, June 4, 2020

Cyber Defense

Cyber Command creates new malware sharing portal with National Guard: A new portal created by U.S. Cyber Command and the National Guard provides a two-way interface for sharing malware and gain better insights into cyber threats facing the nation, according to a June 9 release from the command. FifthDomain, June 10, 2020

Know Your Enemy

Italian company exposed as a front for malware operations: Italian company CloudEyE is believed to have made more than $500,000 from selling its binary crypter to malware gangs. Know Your Enemy, June 12, 2020

Honda Hackers May Have Used Tools Favored by Countries … A recent cyberattack that disrupted the operations of the company may have been the first time criminals used sophisticated software previously known to be used by state agents: A computer virus hit the Japanese automaker Honda this week, disrupting its internal computer networks, forcing it to shut factories across the globe and leaving employees cut off from email or internal servers. The New York Times, June 12, 2020

Cyber Freedom

Amid Pandemic and Upheaval, New Cyberthreats to the Presidential Election. Fear of the coronavirus is speeding up efforts to allow voting from home, but some of them pose security risks and may make it easier for Vladimir V. Putin, or others, to hack the vote: With the general election less than 150 days away, there are rising concerns that the push for remote voting prompted by the pandemic could open new opportunities to hack the vote — for President Vladimir V. Putin of Russia, but also others hoping to disrupt, influence or profit from the election. The New York Tines, June 7, 2020

Cyber Enforcement

Fifteen Defendants Plead Guilty to Racketeering Conspiracy in International Cyber Fraud Scheme: Fifteen defendants have pleaded guilty to-date for their roles in a transnational and multi-million dollar scheme to defraud American victims through online auction fraud. DOJ, June 11, 2020

Facebook Helped the FBI Hack a Child Predator … Facebook paid a cybersecurity firm six figures to develop a zero-day in Tails to identify a man who extorted and threatened girls: For years, a California man systematically harassed and terrorized young girls using chat apps, email, and Facebook. He extorted them for their nude pictures and videos, and threatened to kill and rape them. He also sent graphic and specific threats to carry out mass shootings and bombings at the girls’ schools if they didn’t send him sexually explicit photos and videos. Vice, June 10, 2020

Owners of DDoS-for-Hire Service vDOS Get 6 Months Community Service: The co-owners of vDOS, a now-defunct service that for four years helped paying customers launch more than two million distributed denial-of-service (DDoS) attacks that knocked countless Internet users and websites offline, each have been sentenced to six months of community service by an Israeli court. KrebsOnSecurity, June 7, 2020

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge