Posted December 2, 2014
Welcome to the Cyveillance Weekly Trends Report
Since threat intelligence is constantly evolving, we publish this weekly report to keep our customers updated on the latest threats across a variety of industries. You can read an abridged version below. Follow us on Twitter and subscribe to our blog to make sure you don’t miss any of the latest security articles from Cyveillance experts.
- Cybersecurity is one of the top 10 health technology hazards for 2015, according to a recent ECRI Institute report. Cybersecurity should be a top priority for healthcare organizations, especially with more facilities implementing EHRs and connecting to HIEs.
- Researchers have discovered one of the most sophisticated pieces of malicious software ever seen. The bug, named Regin, is said to have been created by a nation-state and has been used for six years against a range of targets around the world. Once installed on a computer, it can capture screenshots, steal passwords or recover deleted files. It has been used to spy on government organizations, businesses and private individuals, researchers said. The researchers also said the sophistication of the software indicates that it likely took months, if not years, to develop, and its creators have gone to great lengths to cover its tracks. Computers in Russia, Saudi Arabia and Ireland have been hit most.
Legal and Regulations
- Law enforcement agencies worldwide coordinated a global crackdown on cybercrime last week, arresting 118 people, Europol announced on Friday. The Europol, Interpol and Ameripol-coordinated action focused on airline ticket fraud and involved 45 countries, including the U.S., and more than 80 airports. The targets were airline tickets purchased using stolen or fake credit card data, a problem that costs the air travel industry $1 billion a year, Europol says. With representatives from airlines, credit card companies and industry associations, the operation identified suspicious transactions and sent alerts to transport hubs where officers could arrest suspects.
- A group of financially savvy computer hackers has been stealing data from more than 100 organizations, mainly targeting publicly traded health care, pharmaceutical and biotechnology companies, to gain insider knowledge and game the stock market. The news underscores the vulnerabilities of corporate computer networks and the many ways that cybercriminals use low-tech “social engineering” to further their aims. The cybercriminal group known as FIN4 “compromises the email accounts of individuals who regularly communicate about market-moving, nonpublic matters,” according to the “Hacking the Street” report from U.S. security firm FireEye, released Monday. The hackers are believed to be native English speakers based in North America or Western Europe.
- The U.K. government is once again amping up counter-terrorism rhetoric against Internet companies, with Prime Minister David Cameron telling Parliament yesterday that digital communications firms’ networks are “being used to plot murder and mayhem”, and asserting that web companies have a “social responsibility to act on this”.
- Sony Pictures is investigating whether a computer hacking attack on its servers may have been launched by North Korea in a bid to damage the studio’s upcoming comedy “The Interview,” sources told the tech site re/code.
Cyveillance clients get access to the entire Weekly Trends Report, covering all of the above topics and much more. Contact us to find out how we can help your organization.