Posted April 25, 2018
This weekly brief highlights the latest threat intelligence news to provide insight into the latest threats to various industries.
“According to an alert from the US Department of Homeland, over the last three years, hackers apparently enlisted by Russia have tried to seize control of the flow of worldwide internet traffic. The attacks had the potential to paralyze airports, cripple government websites and electricity grids, as well as hack banking systems. The alert marked the first time the UK and US have teamed up to issue a cyber-threat warning. According to US and UK intelligence agencies, since 2015, Russia is understood to have methodically targeted network infrastructure devices such as routers, switches, firewalls, network intrusion detection systems.”
Insurance and Healthcare
“There has been a month-over-month increase in healthcare data breaches. In March 2018, 29 security incidents were reported by HIPAA covered entities compared to 25 incidents in February. Even though more data breaches were reported in March, there was a fall in the number of individuals impacted by breaches. March 2018 healthcare data breaches saw 268,210 healthcare records exposed – a 13.13% decrease from the 308,780 records exposed in incidents in February.”
Information Security Risk
“The 2016 data breach that Uber made public in November 2017 impacted over 25 million riders and drivers in the United States, the Federal Trade Commission (FTC) reveals. Hackers managed to access data stored on an Amazon Web Services (AWS) account and steal names, email addresses and mobile phone numbers of customers around the world. Now, the Commission says the ride-sharing company has agreed to expand the proposed settlement and that it will be subject to additional requirements. The complaint alleges that attackers downloaded unencrypted files that provided them with access to over 25 million names and email addresses, 22 million names and mobile phone numbers, and 600,000 names and driver’s license numbers of U.S. individuals.”
“A new strain of malware allows hackers to take action screenshots and steal passwords, to download files and even steal the contents of cryptocurrency wallets. Named ‘SquirtDanger’ after a dynamic-link library (DLL) file consistently served by its distribution servers, the malware is written in C Sharp and has multiple layers of embedded code. The malware is set up to perform its tasks on an infected PC every minute in order to hand the attacker as much information as possible. Given SquirtDanger is for sale for any user who wants to buy it, so no specific industry is under attack. Attackers gain access to a wide variety of functions through the malware, including taking PC screenshots, sending, downloading and deleting files, and stealing passwords.”