OPM Breach – What Went Wrong?

Posted by Lia Konieczny on Sep 23, 2016 10:58:06 AM

Recently, a congressional investigation conducted by the U.S. House of Representatives’ Committee on Oversight and Government Reform reported that the two major data breaches suffered by the U.S. Office of Personnel Management (OPM) in 2014 and 2015 were indeed preventable and were, in fact, made worse by lax security regulations and ineffective management. The OPM is an organization that manages aspects of federal employment, such as background checks, for most government agencies. These massive attacks resulted in the compromise of sensitive data belonging to more than 22 million people.

Topics: Breach

New NERC-CIP Security Standards: Focus on Supply Chain Risks

Posted by Adam Byars on Sep 22, 2016 9:53:11 AM

On July 21, 2016, the North American Electric Regulatory Commission (NERC) was given a directive to develop new risk management standards aimed at addressing risks to the information systems in the supply chain of electric system assets. The new standards will cover risks related to remote vendor access, software integrity and authenticity, vendor risk management, procurement controls, and more.

Topics: nerc-cip

Don’t Let CUI Fly Away…

Posted by Michael Bailie on Sep 21, 2016 10:23:52 AM

If you have been following the CyberSheath blogs, you might have seen an increased focus on the updated DFARS regulations. These protocols dictate the newly imposed federal requirement for compliance with the NIST 800-171 controls for government contractors who process, transmit or store controlled unclassified information (CUI). The December 2017 deadline for compliance is fast approaching and contractors are required to meet the requirements of the regulation or face possible penalties. The federal government has continued to prioritize its cybersecurity initiatives and isn’t slowing down.

Topics: DFARS

Part One: In-Depth Look at PAM Controls for DFARS Requirements

Posted by James Creamer on Sep 12, 2016 11:51:14 AM

In previous blogs, CyberSheath security analysts have identified new cyber security requirements from the recent changes to DFARS and have provided solution overviews for meeting those requirements and regulations. The series “In-Depth Look at PAM Controls for DFARS Requirements” will expand on previously mentioned regulations and provide a more granular look at how privileged account management solutions can play an important role in meeting DFARS requirements.

Topics: CyberArk, Security Assessment, DFARS, PAM

SMS Authentication Is Not Secure: German Hackers Spy On US Congressman

Posted by Adam Byars on Aug 30, 2016 9:45:15 AM

Serious security flaws in the current global cellular network have been suspected for several years, but have been mostly disregarded as theoretical. In February 2014, suspicions grew significantly when a phone call by a US Ambassador was mysteriously leaked onto YouTube, believed to have been intercepted by someone using the suspected flaws in Russia. Since then, security research teams have confirmed the flaws are very real and made their findings public, but those findings, like the study released in February by AdaptiveMobile, have gotten relatively little attention.

Securing Electronic Health Records: Report from HHS Reinforces Need for Contingency Plans

Posted by Ross Moir on Aug 29, 2016 9:06:22 AM

Type “EHR” and “information security” into Google and you will find tons of websites, news articles, and even YouTube videos touting the various pluses and minuses of electronic health records, or EHRs. In the last few years, the EHR has become the physician’s best friend, as it helps provide better care, better population health and lower health care costs. While EHRs might be changing the way hospitals and practice offices operate, there are still issues with using EHRs securely. According to the HHS Office of Inspector General, nearly “60 percent of hospitals participating in the federal meaningful use incentive program reported an unplanned disruption in their record systems in 2014 and 2015.” [Note that the meaningful use program is a federally backed program designed to encourage adoption of EHRs by doctors and hospitals.] It is also important to note that most of the reported unplanned disruptions were caused by hardware failure, not by cyber attacks. While hardware failures are a concern, cyber attacks should also be at the top of the list. Hospitals are facing an increasing number of directed cyber attacks aimed at disrupting and disabling the IT and health record infrastructure.

Topics: Cyber Attack, EHR

Kaspersky Report: Malicious Insiders Uncommon, But Devastating

Posted by James Creamer on Aug 25, 2016 11:01:47 AM

Security researchers at Kaspersky Labs released their Threat Intelligence Report for the Telecommunications Industry Monday, revealing the top attack vectors against Internet Service Providers (ISPs) and Cellular Service Providers (CSPs). The report found that attackers commonly target employees with blackmail. Surprisingly enough, the report also found that a number of employees help voluntarily. Threat actors have been identifying employees from a combination of publicly available information and data breach information, while dark web forums are full of employees offering their services in exchange for payment, and these employees often aid in the blackmailing process. Hacker-recruiters leverage the employee’s access to exfiltrate sensitive information.

Topics: PAM

Sandboxing: In the Ring with Ransomware

Posted by James Creamer on Aug 18, 2016 3:02:20 PM

Shakur Stevenson, U.S. Olympic boxer, is set to advance to the championship bout of the men’s bantam 56 kg weight class. The young prospect has already secured at least a silver medal for the U.S. and is looking to break the gold medal drought: an American hasn’t won gold since 2004 in Athens. Staying ahead of your opponent is key in boxing; the ability to react quickly and counter is instrumental to a fighter. Those same qualities are imperative to organizations too, and should be baked into one’s security posture. Today, one of the toughest opponents is ransomware.

Topics: ransomware

Easier and Faster Two-Factor Authentication from Google: How to Enable Google Prompt

Posted by Adam Byars on Aug 17, 2016 12:33:17 PM

Two-factor authentication is an immensely more secure option for securing your accounts than just using a password. The process has typically been as simple as putting in a spontaneously generated code that is provided to you via an app or SMS, in addition to your password. The extra time that it takes to fetch and type in the generated codes ensures that your account stays secure even if your password is compromised, offering an extra layer of account security. The extra time is also why astoundingly few people take advantage of two-factor authentication.

Topics: cybersecurity

One APT to Rule Them All: ProjectSauron Remained Hidden for 5 Years

Posted by Ross Moir on Aug 11, 2016 10:03:44 AM

Researchers and security experts at Kaspersky Labs and Symantec have identified a new type of malware platform so advanced and secretive that details are only now coming to light. ProjectSauron, as the malware has been named, has been active since at least 2011. What distinguishes ProjectSauron from other APTs and zero day exploits is that it has operated virtually undetected for five years and has multiple modules that can be installed based on the needs of the attacker(s). Security professionals are stopping short of naming its country of origin but suspect that the advanced persistent threat (APT) malware could “…probably have been developed only with the active support of a nation-state,” according to Ars Technica.

Topics: ProjectSauron, malware