This week’s essential cybersecurity and privacy news for the cyber-aware and the cyber-concerned. Designed to educate, support, and advocate.
Stan’s Top of the News
In major cybersecurity news this week, NIST has released Cybersecurity Framework 2.0 (CSF). Here is a link to the updated CSF along with an Aspen Institute webinar on its release.
- NIST Releases Version 2.0 of Landmark Cybersecurity Framework: The agency has finalized the framework’s first major update since its creation in 2014. … NIST’s cybersecurity framework (CSF) now explicitly aims to help all organizations — not just those in critical infrastructure, its original target audience — to manage and reduce risks. … NIST has updated the CSF’s core guidance and created a suite of resources to help all organizations achieve their cybersecurity goals, with added emphasis on governance as well as supply chains.
- The Cybersecurity Framework at 10…and Beyond: The Aspen Institute. Join Under Secretary of Commerce for Standards and Technology and NIST Director Laurie E. Locascio to learn what’s next for the Framework, and reflect on how it changed the way we assess, implement, and even talk about cybersecurity. During the session, attendees will also hear from the NIST leaders who drove both the original CSF and the forthcoming Version 2.0, Adam Sedgewick and Cherilyn Pascoe. Finally, industry leaders and experts will talk about the process and how they see the new CSF impacting their cybersecurity and that of the nation as a whole. (80 minute video)
Also top of the news this week, SecureTheVillage kicks-off the first IT Service Provider / MSP cohort of our innovative LA Cybersecure program.
- IT and Managed Service Providers in LA Join SecureTheVillage Program as Key to Business and Nonprofit Security as Second Cohort of Innovative Pilot Program Kicks-Off: SecureTheVillage’s innovative LA Cybersecure Program Provides Education, Tools, Coaching, and Community to Empower Small Businesses and Nonprofits to Defend Themselves in a way that, until now, only Big Businesses have Been Able to Achieve. The newest Cohort enables IT and Managed Service Providers (IT/MSPs) to expand the reach of the Program exponentially.
Small and Midsize Organizations. Take your security to the next level. Apply Now! If you’re a small business, nonprofit, or IT / MSP in the greater Los Angeles area, apply NOW for LA Cybersecure, a pilot program with coaching and guidance that costs less than two cups of coffee a week. https://securethevillage.org/la-cybersecure-pilot/ The LA Cybersecure Pilot Program is funded by a grant from the Center for Internet Security (CIS) Alan Paller Laureate Program.
Family Protection Newsletter: Did you know we created the Family Protection Newsletter for non-cyber experts? For your parents, friends, those who need to protect themselves in a digital world. Sign up or share with a friend! Click here to learn more and quickly add to your free subscription!
How Hackable Are You? Take our test. Find out how hackable you are and download our free updated 13-step guide.
- How Hackable Are You? Think your defenses are strong. Find out as SecureTheVillage tests you on five basics. Please take our short test as your answers will help you and guide us to improve community safety.
Upcoming events. Please join us.
- Los Angeles Cybersecurity Workforce Coalition: The monthly meeting of the workforce coalition, Tue, March 5, 1:00 pm – 2:00 pm PT. The LA Cybersecurity Workforce Coalition is for employers, educators, government, nonprofits, and others with a professional interest in the cybersecurity workforce challenge.
Quick Survey. Please Help the Cyber Readiness Institute.
The Cyber Readiness Institute (CRI) is conducting a survey to gauge the state of cyber readiness among small and medium-sized businesses (SMBs). The non-profit organization is asking SMBs, as well as cross section of industry experts to participate to better understand the awareness of cyber issues, the implementation of cyber hygiene practices, and the incentives that drive SMBs. The survey will run until the end of February. We encourage you to take just 10 minutes to share your perspectives. Your input will help CRI advocate for improved cybersecurity preparedness among SMBs. Here is the link to the survey: https://www.surveymonkey.com/r/CGDYNW7.
Please Support SecureTheVillage.
- We need your help if we’re to build a world of CyberGuardians TM. Please donate to SecureTheVillage. Thank you. It takes a village to secure the village. TM.
Cyber Humor
Cybersecurity Nonprofit of the Week … Open Cybersecurity Alliance
Kudos this week to the Open Cybersecurity Alliance (OCA). The Alliance works with other organizations to make sure cybersecurity tools work effectively with the other technology buried deep inside the Internet. That the Internet is as secure as it is owes a lot to OCA and their commitment to Internet security. We’re happy to spotlight OCA so our readers can better appreciate the work being done by nonprofits like OCA. Like SecureTheVillage, the Open Cybersecurity Alliance is a member of Nonprofit Cyber.
Section 2 – Let’s Be Careful Out There. And Let’s Help Others Who Aren’t Yet Cyber-Aware.
Pig butchering is in the news again this week. John Oliver has an excellent discussion although the language may be unsuitable for some. Meanwhile a researcher estimates that pig butchering scams have stolen more than $75 billion.
- Pig Butchering Scams: Last Week Tonight with John Oliver (HBO): John Oliver discusses a popular internet scam, why it’s easier to fall for it than you might think, and, of course, boner alerts.
- Pig-Butchering Scams Net More Than $75 Billion, Study Finds: Pig-butchering scammers have likely stolen more than $75 billion from victims around the world, far more than previously estimated, according to a new study.
An analysis by Consumers Report shows major vulnerabilities in several smart doorbells. Buyer beware.
- Your Smart Video Doorbell May Not Be Secure, Consumer Reports Testing Shows: Some models sold at major online retailers may have ‘terrible’ flaws, the nonprofit says
Section 3 – Cybersecurity and Privacy News for the Cyber-Concerned.
National Cybersecurity
- U.S. Limits Sales of Americans’ Personal Data to China, Other Adversaries: Biden signs an executive order aimed at restricting data brokers’ ability to sell sensitive information overseas. … President Biden limited sales of some categories of sensitive U.S. data to China and other adversarial countries in a bid to stymie the covert flow of rich streams of Americans’ personal information overseas.
- Biden administration opens investigation into foreign-made smart car components, particularly from China: The US Commerce Department is opening an investigation into the national security risks posed by foreign-made hardware and software in smart cars, particularly Chinese-made technology, the department announced Thursday. … The new investigation — which could lead to regulations restricting the use of certain car parts in the US — reflects growing concern within the Biden administration that countries like China could exploit navigation data or connections to car-charging stations, for example, to collect intelligence or sabotage infrastructure.
- Chinese Hacking Against U.S. Infrastructure Threatens American Lives, Officials Say: U.S. officials say Beijing is preparing to set off potentially damaging cyberattacks in any future conflict, including over Taiwan. … The U.S. government said it had disrupted a uniquely dangerous and potentially life-threatening Chinese hacking operation that hijacked hundreds of infected routers and used them to covertly target American and allied critical infrastructure networks. … Senior officials described the operation in unusually blunt terms as part of an evolving and increasingly worrisome campaign by Beijing to get a foothold in U.S. computer networks responsible for everything from safe drinking water to aviation traffic so it could detonate, at a moment’s notice, damaging cyberattacks during a future conflict, including over Taiwan.
- Russia cyber spies behind SolarWinds breach adopting new tactics, warn Five Eyes agencies: The Russian cyber spies behind the SolarWinds breach are adapting their techniques to hack into organizations that have moved their networks into cloud-hosted environments, Western officials are warning.
- LockBit ransomware returns, restores servers after police disruption: The LockBit gang is relaunching its ransomware operation on a new infrastructure less than a week after law enforcement hacked their servers, and is threatening to focus more of their attacks on the government sector. … In a message under a mock-up FBI leak – specifically to draw attention, the gang published a lengthy message about their negligence enabling the breach and the plans for the operation going forward.
- Leaked Hacking Documents Show China’s Focus on Tracking Ethnic Minorities: Files from a cybersecurity firm opens a window into how Beijing uses surveillance to impose political controls inside and outside its borders. … A man living in New York got a call in 2020 from police in the southern Chinese city of Shenzhen, who wanted to know if he knew anything about an account on Twitter, the social media site now known as X. … The man had immigrated to the U.S. after being born in China’s western region of Xinjiang, where the ethnic minority Uyghurs and other groups have faced mass detentions and other rights abuses. After arriving in the U.S., he began speaking out about the plight faced by Uyghurs. … He didn’t know at the time he got the call that he had been targeted for a hack.
The cyberattack on United Healthcare continues to disrupt access to prescriptions, even as the company struggles to get out from under.
- Cyberattack on UnitedHealth still impacting prescription access: “These are threats to life”: A cyberattack on the health technology provider Change Healthcare is wreaking havoc nationwide, as some hospitals and pharmacies cannot get paid, and many patients are unable to get prescriptions. … Change Healthcare is a subsidiary of the UnitedHealth Group, one of the nation’s largest healthcare companies. In a federal filing this week, UnitedHealth said that Change Healthcare first discovered the hackon Feb. 21, disconnecting impacted systems “immediately.” … “So I mean we’ve seen a lot of claims coming through as a rejected claim, where obviously the insurance provider are not able to pay because of this attack,” said Amrish Patel, a pharmacist in Dallas, Texas. “Elderly patients that have a fixed income, and they’re trying to get their medicine…unfortunately there’s no way around it at this point.” … Change Healthcare says it processes 15 billion transactions annually, touching one in three U.S. patient records. … “I can tell you that this cyberattack has affected every hospital in the country one way or another,” said John Riggi, national advisor for cybersecurity and risk at the American Hospital Association. … “It’s not a data crime, it’s not a white-collar crime, these are threats to life,” Riggi added.
- UnitedHealth creates brand new ePrescribing site as temp hack fix: UnitedHealth Group (UHG) says a new Change Healthcare’s ePrescribing service – launched Friday to combat the extensive pharmacy delays blanketing the nation since last week’s cyberattack forced a system shutdown – is now live. … “We have completed standing up a new instance of Change Healthcare’s Rx ePrescribing service,” a UnitedHealth spokesperson told Cybernews just minutes before the site officially went live across the nation Friday afternoon. … The service went live for all Change Healthcare customers “effective 1 p.m. CT, Friday, March 1, 2024.” the UHG spokesperson said.
- Health insurance giant roiled by cyberattack sets up loan program for cash-strapped health providers: Change Healthcare, the health insurance IT giant disrupted for days by a cyberattack, on Friday announced plans for a temporary loan program to get money flowing to health care providers affected by the outage. … t’s a stop-gap measure meant to give some financial relief to health care providers, which analysts say are losing millions of dollars per day because of the outage. … The temporary loan program will help health care providers with “short-term cash flow needs,” Change Healthcare said in a statement. “Once standard payment operations resume, the funds will simply need to be repaid,” the company said.
In other cybercrime news
- Ransomware gang seeks $3.4 million after attacking children’s hospital: A ransomware gang is seeking $3.4 million after attacking a children’s hospital in Chicago, forcing staff to resort to manual processes to provide care to patients. … The attack on Lurie Children’s Hospital was announced earlier this month, when officials said they had been forced to take their entire network offline due to an unspecified “cybersecurity matter.”
- Exclusive: Seminole County Public Schools taken for $1.3 million in email phishing scheme: Seminole County Public Schools recently became the victim of an email phishing scheme. … School district officials, the Seminole County Sheriff’s Office, and the Secret Service are not releasing many details about the crime to Channel 9. … However, an SCPS source told Channel 9 that the online scheme built the district out of a little more than $1.3 million which came out of the district general fund.
Section 4 – Down the Technology Rabbit Hole.
- CISA cautions against using hacked Ivanti VPN gateways even after factory resets: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets.
- Hackers backed by Russia and China are infecting SOHO routers like yours, FBI warns: Six years on, routers remain a favorite post for concealing malicious activities.. … The FBI and partners from 10 other countries are urging owners of Ubiquiti EdgeRouters to check their gear for signs they’ve been hacked and are being used to conceal ongoing malicious operations by Russian state hackers.
