Posted April 7, 2015
Welcome to the Cyveillance Weekly Cyber Security Trends Report
Since threat intelligence is constantly evolving, we publish this weekly cyber security trends report to keep our customers updated on the latest threats across a variety of industries. You can read an abridged version below. Follow us on Twitter and subscribe to our blog to make sure you don’t miss any of the latest security articles from Cyveillance experts.
Top Cyber Security Incidents
- The FBI has invoked the broader powers afforded by the Foreign Intelligence Surveillance Act, or FISA, to surreptitiously gather evidence against two Chinese siblings accused of plotting to steal patented seed from Iowa cornfields, according to court records. Stealing hybrid seeds enhanced with traits such as drought resistance doesn’t pose the same immediate threat as a suicide bomber, but the FBI treats economic espionage and similar trade secret theft as dangerous threats to national security.
- As more mega-breaches occur, cyber-insurers will more closely assess the security risks of potential clients, leading more organizations to improve their information security programs, attorney John Yanchunis predicts. “When companies are unable to get insurance … you’re going to see companies adopting better security systems,” says Yanchunis of the Florida-based law firm Morgan & Morgan, who’s representing consumers in several breach-related lawsuits. Those cases include one of the class action suits filed against Premera Blue Cross in the wake of a hacking incident that affected 11 million individuals.
- President Barack Obama signed an Executive Order on Wednesday, April 1 allowing the use of economic sanctions for the first time against perpetrators of destructive cyber-attacks and online corporate espionage. The move will let the Treasury Department freeze the assets of overseas individuals and entities identified as the source of cybercrimes. The federal government also will be able to bar U.S. citizens and companies from doing business with those targeted for sanctions.
Legal and Regulations
- In an attempt to verify compliance with the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule, the Office of Civil Rights (OCR) for the United States Department of Health and Human Services piloted privacy and security audits of covered entities in 2011 and 2012 (the “Phase 1 Audits”). Phase 2 Audits will likely begin soon. In the meantime, covered entities and business entities should take advantage of the delay by reviewing their current HIPAA compliance programs.
- Online retailers battling with fraud prevention are losing out on genuine sales by treating their customers like criminals, according to a new report by ThreatMetrix. While the cost of online orders lost to fraud is said to be around £2.92 billion, ThreatMetrix says that retailers could be losing out on an even greater sum by employing fraud protection services that can’t identify genuine customers. According to the report, titled ‘Are You Treating Your Customers Like Criminals’, authentication protocols and password prompts which cause basket abandonment could be as much as ten times more costly than fraud.
- “The GitHub website, heavily frequented by coders and technical users, reported on Wednesday that it was operating normally for the first time in several days after attacks blamed on China.”
- For the past two years, a cyberespionage group that likely operates from Lebanon has hacked into hundreds of defense contractors, telecommunications operators, media groups and educational organizations from at least 10 countries. The still-active attack campaign was uncovered and analyzed recently by security researchers from Check Point Software Technologies, who dubbed it Volatile Cedar. The company’s researchers found evidence that the attackers started their operation in late 2012, but have managed to fly under the radar until now by carefully adapting their tools to avoid being detected by antivirus programs. Unlike most cyberespionage groups, the Volatile Cedar attackers do not use spear phishing or drive-by downloads to gain a foothold into their victims’ networks. Instead they target Web servers and use them as initial entry points.
– PC World