Cybersecurity stories and insights for the second week of December 2017

Bitcoin: $64m in Cryptocurrency Stolen in 'Sophisticated' Hack, Exchange Says 

News Link: https://www.theguardian.com/technology/2017/dec/07/bitcoin-64m-cryptocurrency-stolen-hack-attack-marketplace-nicehash-passwords   

Comment: NiceHash, a cryptocurrency mining organization that pools the distributed resources of global 'miners', was hacked at a cost of $64 million. The skyrocketing valuation of cryptocurrency, which now exceeds $420B (was only $14B a year ago) is getting the attention of cybercriminals. Let us not forget the axiom "Where there is value there will be crime". Users, miners, and organizations must increase security practices as the value goes up.   

Ransomware Slows North Carolina County Government to a Crawl  

News Link: http://www.wral.com/deadline-looms-for-decision-by-hacked-north-carolina-county/17165343/   

Comment: Not a win, but not a total loss either. North Carolina county government declines a hacker's ransom demand. The key can be found in the managers statement "I am confident that our backup data is secure and we have the resources to fix this situation ourselves,". That my friends is Disaster Recovery and Business Continuity at its finest. When you can say No-Thanks to extortionists, it is a good day.    Yes, it would obviously better if they did not get hacked in the first place, but eventually it will happen to everyone. Those who are able to respond and recover quickly are the winners in that scenario.   

From Denial to Opportunity – The Five Stage Cyber Security Journey  

News Link: https://www.belfasttelegraph.co.uk/service/sponsored-articles/from-denial-to-opportunity-the-five-stage-cyber-security-journey-36376915.html   

Comment: The most accurate description of the Five Cybersecurity Stages that organizations progress through.  1. Denial of Risk  2. Worry and Spend  3. False Confidence  4. Hard Lessons of Reality  5. True Leadership (or crash back to #1).  Recommended read for the day.   

100,000-Strong Botnet Built on Router 0-Day Could Strike at Any Time 

News Link: https://arstechnica.com/information-technology/2017/12/100000-strong-botnet-built-on-router-0-day-could-strike-at-any-time/   

Comment: Did you think Mirai botnet writers were done? Say hello to Satori, the next gen IoT botnet which is already 100k strong. Successful malware, such as Mirai, always evolves over time. It is just the next move in the adversarial game between cybersecurity professionals and cyber attackers. Satori has some new features and is not just trying to exploit default passwords. It is a glimpse into the future of IoT malware.        

1.4 Billion Clear Text Credentials Discovered in a Single Database

News Link: https://medium.com/4iqdelvedeep/1-4-billion-clear-text-credentials-discovered-in-a-single-database-3131d0a1ae14   

Comment: Apparently this is where old passwords go to retire. Hackers aggregating 1.4 billion login/passwords, exposed from previous breaches, and sharing them to the threat community.  Such a large number of records, made openly available, makes for an interesting resource to both attackers and security researchers.       

The Hackers Behind Some of the Biggest DDoS Attacks in History Plead Guilty

News Link: https://motherboard.vice.com/en_us/article/d3xykq/hackers-behind-mirai-ddos-botnet-plea-guilty    

Comment: A win for the good guys! Mirai authors plead guilty. That code hijacked tens-of-thousands of IP cameras, DVD players, and other insecure IoT devices as part of a massive Denial-of-Service botnet. Responsible for some of the largest DDOS attacks and severely impacted Internet on the East coast last year. Sadly, this is just the beginning for IoT based attacks. New variants are already active to fill the void.   

Majority of U.S. Doctors Report Having a 'Cybersecurity Incident'

News Link: https://www.secureworldexpo.com/industry-news/u.s.-doctors-cybersecurity   

Comment: Doctor, it hurts when you suffer a data breach! 83% of doctors report having a "cyber incident". Healthcare is vulnerable to cyber attacks. As patients, we must talk to our medical providers about the privacy of our data (records, cameras in exam rooms) and potential risks for medical devices (pacemakers, implanted defibrillators, IV pumps, and many others). We own our health, we must also advocate for our privacy and safety. Patient concerns drive healthcare innovation   

Image Sources: 

• https://www.theguardian.com/technology/2017/dec/07/bitcoin-64m-cryptocurrency-stolen-hack-attack-marketplace-nicehash-passwords 
• http://www.wral.com/deadline-looms-for-decision-by-hacked-north-carolina-county/17165343/ 
• https://www.belfasttelegraph.co.uk/service/sponsored-articles/from-denial-to-opportunity-the-five-stage-cyber-security-journey-36376915.html 
• https://arstechnica.com/information-technology/2017/12/100000-strong-botnet-built-on-router-0-day-could-strike-at-any-time/ 
• https://medium.com/4iqdelvedeep/1-4-billion-clear-text-credentials-discovered-in-a-single-database-3131d0a1ae14 
• https://motherboard.vice.com/en_us/article/d3xykq/hackers-behind-mirai-ddos-botnet-plea-guilty 
• https://www.secureworldexpo.com/industry-news/u.s.-doctors-cybersecurity     

Interested in more? Follow me on your favorite social sites for insights and what is going on in cybersecurity: LinkedIn, Twitter (@Matt_Rosenquist), YouTube, Information Security Strategy blog, Medium, and Steemit