Weekly Threat Intelligence Brief: October 26, 2016

Posted October 26, 2016

This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.

Insurance/Healthcare

“The majority of corporate healthcare attorneys have found that healthcare cybersecurity threats are increasing, and that they are being called upon more often to evaluate whether a security incident implicates reporting obligations.

A survey conducted by Bloomberg Law and the American Health Lawyers Association (AHLA) found that 97 percent of respondents expect their involvement in cybersecurity matters to increase over the next three years. Furthermore, approximately 70 percent said that they are working to develop their own data security expertise as the healthcare cybersecurity demands increase.”

– HealthIT Security

Legal and Regulations

“In a decision dated 19 October 2016, the Court of Justice of the European Union (CJEU) has provided much needed clarification on a long-standing issue in EU data protection law.

A German politician brought an action concerning websites operated by the Federal Republic of Germany that stored personal data, including IP addresses, on logfiles for two weeks. The question before the CJEU was – are IP addresses personal data? According to Article 2(a) of EU Directive 95/46 “personal data” is any information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly from the data.”

– Lexology

Retail

“The number of compromised online shops keeps rising

Willem de Groot, co-founder of byte.nl, a webhosting provider for (among other things) Magento shops, has been keeping an eye on the situation for over a year, and the situation keeps getting worse.

His November 2015 scanning of 255K online stores around the world revealed 3501 compromised shops. The same scan in September 2016 showed 5925.”

– Help Net Security

Technology

“Attackers controlling a vast collection of internet devices unleashed several massive attacks on Friday that left dozens of popular websites, including Twitter Inc. and Netflix Inc., unreachable for parts of the day.

Web-technology provider Dynamic Network Services Inc., known as Dyn, said its domain-name-system services were subject to a massive denial-of-service attack starting at 7:10 a.m. EDT on Friday. After the first onslaught was resolved, Dyn reported another wave of attacks that caused disruptions through the day.”

– Wall Street Journal

Law Enforcement

“In what’s believed to be an unprecedented attempt to bypass the security of Apple iPhones, or any smartphone that uses fingerprints to unlock, California’s top cops asked to enter a residence and force anyone inside to use their biometric information to open their mobile devices.

FORBES found a court filing, dated May 9 2016, in which the Department of Justice sought to search a Lancaster, California, property.”

– Forbes

Defense

“Investigators have traced a series of malware infections on the systems of two European companies back to a Chinese threat actor, with clues linking the attacks to the same group that was behind the Anthem and OPM hacks.

The targets of these two attacks are the US subsidiary of a French company that provides energy management services and a European-based drone maker.

The French company is of importance because it builds critical infrastructure for the US Department of Defense (DoD), says ThreatConnect, the cyber-security firm that uncovered the malware infections.”

– Softpedia

You May Also Be Interested In…

• [WEBINAR] Operationalizing Threat Intelligence: ESG Analyst Research, Insight, Use Cases
• [Data Sheet] LookingGlass Cyber Threat Center
• [Data Sheet] Information Protection