Posted November 18, 2014
Welcome to the Cyveillance Weekly Trends Report
Since threat intelligence is constantly evolving, we publish this weekly report to keep our customers updated on the latest threats across a variety of industries. You can read an abridged version below. Follow us on Twitter and subscribe to our blog to make sure you don’t miss any of the latest security articles from Cyveillance experts.
- A dozen farm groups and agribusinesses agreed on ten principles for data privacy and security in the emerging field of agricultural Big Data. They include an assurance that technology companies will not use farm data to speculate illegally in commodity markets. Other guidelines say farmers own the information generated on their land, that farmers can retrieve their data from technology companies, that companies will disclose if they share farm data with others, and companies will protect the privacy of the data.
- Healthcare data encryption is becoming an increasingly hot topic, especially as more providers implement Electronic Health Records (EHRs) and work to develop strong BYOD policies across their organizations. No one wants to make headlines for a healthcare data breach, especially if the cause was easily avoidable. By making sure that data is encrypted when it is stored locally on devices – data at rest – and when it is sent from one device to another – data in motion – healthcare organizations can ensure that patients’ protected health information (PHI) is safe from unauthorized users.
- Chinese government hackers are suspected of breaching the computer networks of the United States Postal Service (USPS), compromising the data of more than 800,000 employees. The intrusion was discovered in mid-September.
- The US State Department has taken the unprecedented step of shutting down its entire unclassified email system as technicians repair possible damage from a suspected hacker attack. A senior department official said Sunday that activity of concern was detected in the system around the same time as a previously reported incident that targeted the White House computer network. That incident was made public in late October, but there was no indication then that the State Department had been affected.
- A Chinese security news outlet reports malware targeting Android devices that was caught on November 11, 2014, hence dubbed as “Double-11 SMS Thief.” The malicious Trojan is able to disguise itself as an application associated with China Mobile and lure users to download it. Once installed, the malware is able to intercept text messages containing online bill pay and banking information.
- Germany’s foreign intelligence agency plans to spend millions to penetrate the secure connection technologies used by social networks, banks, and online shops.
Legal and Regulations
- In an effort to push retailers to adopt heightened security for credit and debit cards, President Barack Obama signed an executive order mandating chip-and-PIN technology for government cards. While the order applies only to government-issued cards and card terminals, the President took the opportunity to urge all stakeholders to “drive the economy towards more secure standards to safeguard consumer finances and reduce their chances of becoming victims of identity theft – America’s fastest growing crime.”
- The Wall Street Journal published a report claiming that the U.S. Justice Department is “snagging [mobile data belonging to] a large number of innocent Americans’” via technology that can identify criminal suspects using planes. The WSJ cites sources who claim that the U.S. Marshals Service is using fake cell towers on airplanes — dubbed ‘dirtboxes’ — in order to access data from phones located on the ground.
Cyveillance clients get access to the entire Weekly Trends Report, covering all of the above topics and much more. Contact us to find out how we can help your organization.