Threat Intelligence Blog

This weekly brief highlights the latest threat intelligenceThreat Intelligence: Evidence-based knowledge about an existing hazard designed to help organizations understand the risks common and severe external threats, used to inform decisions regarding the subject’s response. LookingGlass Cyber (n) - Actionable, relevant, and timely information that can help when assessing the security posture of an organization. A little more left. No no, that’s now too far... news to provide insight into the latest threats to various industries.

Operational Risk

“Hackers reportedly tried to steal 55 million roubles ($940,000) from a Russian state bank using the SWIFT international payments messaging system. The attempted attack reportedly occurred December 19, but “customer funds have not been affected.” Sources familiar with the situation had previously said that the bank had spotted the attack and had been able to partly prevent it, and that as a result the hackers only withdrew around $100,000.”

 –Reuters

Technology

“A bipartisan group of lawmakers in the Senate has introduced a bill designed to protect the technical integrity of American elections as the nation moves toward midterm season. Introduced in the Senate, the bill known as the Secure Elections Act is sponsored by Republican Senators James Lankford, Susan Collins and Lindsey Graham, as well as Democratic Senators Amy Klobuchar, Kamala Harris and Martin Heinrich. “While there is no indication that the Russians were able to change vote totals, we know that Russian actors repeatedly tried to breach state election systems or public websites,” Senator Collins said in a statement accompanying the bill. “Our bipartisan legislation will strengthen the integrity of our election process by ensuring that local voting officials have the information and financial resources they need to secure their voting systems. ” In similar statements, all of the Senators involved with the bill affirmed that until the U.S. further secures and standardizes its election systems, Russia will continue to pose an existential threat to American democracy. The bill would require federal agencies to promptly share election-related cyber threats with state and local governments, adjust security clearance for state officials that would need to have access to relevant information that might be classified, give states grants to modernize their election systems and create a set of cybersecurityCybersecurity: A set of security techniques that are designed to protect the integrity of computer systems, programs and data from theft and damage to their hardware, software or other information as well as the disruption and misappropriation of their services. LookingGlass Cyber (n) - Professional paid ninjas who protect the cyber world from cyber attacks. Everybody is doing it, but we have the double black belt with the Versace logo. So yeah, we’re really good. guidelines to protect election systems, including voting machines.”

Tech Crunch

Insurance + Healthcare

“Compared to the mega-breaches that hit the healthcare sector in 2015 and 2016, the top 10 breaches reported for 2017 were far smaller. The 10 largest incidents of 2017 reported so far affected a combined total of just 2.6 million individuals. And as of Dec. 21, a total of 335 health data breaches impacting more than 4.9 million individuals had been added to the federal breach tally in 2017.”

Bank Info Security

Defense

“Amid warnings that Russia is launching more aggressive online attacks, the British Government Communications Headquarters (GCHQ) has revealed that Britain has developed sophisticated cyberweapons capable of crippling a hostile state.  The Intelligence and Security Committee, the watchdog that oversees the intelligence agencies MI5, MI6 and GCHQ, revealed that Britain’s cyber-defense plans were ahead of schedule, with almost double the number of new capabilities, which include ability to attack other country’s communications, weapons systems and infrastructure.”

 


Additional Posts

The CyberWire Daily Podcast: Down the BadRabbit Hole

LookingGlass Threat Researcher, Marcelle Lee recently wrote on the BadRabbit ransomware strain. ...

Weekly Threat Intelligence Brief: December 19

This weekly brief highlights the latest threat intelligence news to provide insight into the latest ...