Threat Intelligence Blog

Posted May 17, 2016

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.

Insurance/Healthcare

“As a new story about hospital ransomware or a stolen laptop containing PHI seemingly emerges every day, it comes as no surprise that healthcare data breaches have steadily increased in frequency and severity since 2010.

Researchers at the Ponemon Institute and ID Experts found that the volume of healthcare data breaches has not declined in the past six years, which has substantially affected the industry’s financial resources and reputation.

HealthIT Security

Financial Services

“The hacktivists collective, Anonymous had launched a 30-day operation called OpIcarus, against “all central banks” and major financial institutions, claiming that it would be one of the biggest attacks in its history. The hacktivist group, who have collaborated with fellow hackers Ghost Squad Attackers, are targeting bank websites worldwide.

It started with the Bank of Greece with Anonymous successfully being able to bring the website down. However, a Bank of Greece official said: “The attack lasted for a few minutes and was successfully tackled by the bank’s security systems. The only thing that was affected by the denial-of-service attack was our website.”

– Tech Worm

Legal and Regulations

Georgia Attorney General Sam Olens has come out in support of federal data breach preemption as a more realistic way to ask companies to comply with regulatory requirements in the wake of a breach or data loss incident.  His statement comes on the heels of California Attorney General Kamala Harris’ report that the burden on companies to comply with the patchwork of state data breach laws is too heavy, and that state laws should be harmonized to lessen that burden.

Speaking at the National Association of Attorneys General summit May 3, Olens asserted, “I frankly think it’s absurd that there are 30 or 40 different state laws on cybersecurity and breach.””

– Technology Law Dispatch

Retail

In the latest battle over chip-enabled plastic, Wal-Mart Stores Inc.sued Visa Inc. for the right to choose how customers verify debit-card purchases at the checkout counter.

The retail giant wants customers to verify their purchases with a personal identification number when they use a chip-enabled debit card. In the lawsuit, filed in New York state court Tuesday, Wal-Mart said Visa has prohibited it from requiring PINs only, forcing the retailer to allow customers to use a signature in those transactions.

Wall Street Journal

Technology

“Google employees’ personal details have been spilled by a vendor who handles the company’s benefits management.

Somebody working at the third-party vendor accidentally breached the employees’ information by sending an email with sensitive data to a benefits manager at another company.

On Monday, Google sent a data breach notice to an undisclosed number of employees. That letter was also posted to the Californian Attorney General’s website.

Naked Security

Law Enforcement

“As big data transforms industries ranging from retailing to health care, it’s also becoming a more important tool for police departments, which are turning to data and analysis in an effort to boost their effectiveness.

Known as predictive policing, the practice involves analyzing data on the time, location and nature of past crimes, along with things such as geography and the weather, to gain insight into where and when future crime is most likely to occur and try to deter it before it happens.”

Wall Street Journal

Additional Posts

Are Public Disclosures of Exploit Kits Helping or Hurting the Cyber Landscape?

By: Michael Perry The demand for threat intelligence has given rise to many companies publishing ...

LookingGlass Weekly Phishing Report: May 16, 2016

PHISHING REPORT: TOP TARGETS Week of May 8 – May 14, 2016 In this week’s phishing report, we ...