-
Adversity temporarily visits a strong man but stays with the weak for a lifetime. -
Adversity temporarily visits a strong man but stays with the weak for a lifetime.Comment
-
Re: How Russia hacked the Democrats email
50/50 Trump will resign as President from the Mar-a-Lago golf course one day before Inauguration Day. VP Mike Pence will become President for a day and given Trump a full pardon.
... until then Trump's loud actions are to insure that the Biden Presidency will have to contend with Trumpism as long as possible after Jan 20 2021.Comment
-
Re: How Russia hacked the Democrats email
Johnson & Johnson CISO: Healthcare orgs are seeing nation-state attacks every single minute of every single day
Johnson & Johnson is one of six COVID-19 research companies that have been recently targeted by North Korean state-sponsored hackers.
Johnson & Johnson CISO: Healthcare orgs are seeing nation-state attacks every single minute of every single day | ZDNet
Marene Allison, the Chief Information Security Officer at Johnson & Johnson, one of the companies involved in the research and development of a COVID-19 vaccine, said this week that healthcare organizations like her employer are seeing cyber-attacks from nation-state threat actors "every single minute of every single day."
Allison's comments come after on Wednesday, the Wall Street Journal reported that Johnson & Johnson was one of six COVID-19 research companies that have been targeted by North Korean hackers seeking vaccine information.
"Healthcare companies literally have seen an onslaught [of cyberattacks] since March 2010," Allison said on Thursday in an online panel at the Aspen Cyber Summit.
"That is the day that the Chinese actually started a hard knock of most of the healthcare in the United States."
"Meredith and I, and in all CISOs and healthcare [organizations], are seeing attempted penetrations by nation-state actors, not just North Korea, every single minute of every single day," Allison said, referring to Meredith Harper, CISO at Eli Lilly, another pharmaceutical company involved in the COVID-19 response, also present on the online panel.
The Johnson and Johnson CEO said that "with the vaccine in development," her company is now "on a grander stage."
Allison also said that her company doesn't "have the resources to know where [an attack] came from," or what attackers are actually going after, but instead has been working and relying on H-ISAC and CISA to identify and classify cyber-attacks.
All in all, Allison said Johnson & Johnson saw a 30% uptick in cyber-attacks targeting the company, but that they couldn't tell how much was COVID-19-related.
"There's only going to be so many people who could get information and turn it into a vaccine," she said.
"Then we're going to have the group of people who just decide that 'well I don't want the world to have a vaccine'.
"For us, inside, it's really not much of a difference," Allison said.Comment
-
Re: How Russia hacked the Democrats email
Lightning does strike twice: If you get hacked once, you'll probably be attacked again within a year
Businesses might feel that if they're targeted cyber criminals once, it won't happen again - but analysis of incidents shows that more often than not, attackers come back looking for more.
Lightning does strike twice: If you get hacked once, you'll probably be attacked again within a year | ZDNet
The Crowdstrike Services Cyber Front Lines report uses analysis of real-world cases where the cybersecurity company has been brought in to help combat cyber attacks and it reveals that in over two thirds of of cases where there were outside intrusions onto the network, cyber criminals will attempt to break into the same network within one year.
According to Crowdstrike, 68% of companies encountered another "sophisticated intrusion attempt" within 12 months – although in each of these cases, the second attack was prevented from compromising or otherwise gaining access to the network.
While organisations might feel that if they're hit by a cyber attack once – whether that's malware, ransomware, business email compromise, phishing or something else - then they won't be targeted again, if anything it's the opposite that's true.
Cyber criminals come back probably because they are hoping that an organisation has not learned the lessons of the first attack and has perhaps even left the same vulnerabilities in place that allowed the initial cyber attackers to breach the network.
"It is tempting to think of intrusions as a lightning strike — a blinding flash that is unlikely to strike the same place twice. Unfortunately, intrusion attempts are rarely a one-time event," said the report.
Comment
-
Re: How Russia hacked the Democrats email
FireEye, one of the world's largest security firms, discloses security breach
FireEye suspects it was the victim of a nation-state hacking group.
FireEye, one of the world's largest security firms, discloses security breach | ZDNet
FireEye, one of the world largest security firms, said today it was hacked and that a "highly sophisticated threat actor" accessed its internal network and stole hacking tools FireEye uses to test the networks of its customers.
Mandia described the attacker as a "highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack."
"Based on my 25 years in cyber security and responding to incidents, I've concluded we are witnessing an attack by a nation with top-tier offensive capabilities," Mandia said in a statement released after markets closed.
"This attack is different from the tens of thousands of incidents we have responded to throughout the years," the FireEye top exec added.
"The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus.
"They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past."
But despite the gloomy news, FireEye is not the first major security firm that got hacked by a nation-state group. Kaspersky disclosed a similar breach in 2015; RSA Security was also hacked in 2011 by a nation-state actor later linked to China; and Avast got hacked twice, the first time in 2017, and again in 2019.
"We have come to expect and demand that companies take real steps to secure their systems, but this case also shows the difficulty of stopping determined nation-state hackers."Comment
-
Re: How Russia hacked the Democrats email
These photos are individuals who work for the Russian military and are on the FBI's most wanted list for their attacks on the US election in 2016.Comment
-
Re: How Russia hacked the Democrats email
The Washington Post reported Sunday that Russian government hackers targeted Commerce as well as the Treasury Department and other government agencies, according to people familiar with the matter, who requested anonymity because of the sensitivity of the matter.
The paper reported the FBI is investigating and that the same Russia-linked group breached the elite cybersecurity firm FireEye, which just last week disclosed an attack compromising the so-called "Red Team" tools it uses to protect cybersecurity clients, including government customers.
https://www.cnn.com/2020/12/13/politics/us-agencies-investigating-hacking-data-breach/index.html
The US Commerce Dept & Treasury Dept both use MS365 for the bulk of their daily internal email communications. There is a secondary email system for the communication of classified documents. It is undisclosed which email system(s) were breached.Comment
-
Re: How Russia hacked the Democrats email
For a really good insight into how hackers are attacking businesses large and small for profit, you need to take your time and watch this hour long video presented by a Chamber of Commerce.
Fredericton Chamber of Commerce Webinar - YouTube
Who would have thought that RaaS (ransomware as a service) is a thing.
One other thing that is happening is only 5% of hackers are ever prosecuted.
The FBI does not bother to dispatch any resources for cyber crimes under $250,000 , they will only record your complaint.
The Canadian RCMP (national police force)admits they just do not have enough resources to investigate most cyber crimes.
Therefore, with the proliferation of RaaS, some members of the massively newly unemployed are turning to cyber crimes to generate an income.Comment
-
Re: How Russia hacked the Democrats email
IT software provider SolarWinds downplayed a recent security breach in documents filed with the US Securities and Exchange Commission on Monday.
SolarWinds disclosed on Sunday that a nation-state hacker group breached its network and inserted malware in updates for Orion, a software application for IT inventory management and monitoring.
https://www.zdnet.com/article/sec-filings-solarwinds-says-18000-customers-are-impacted-by-recent-hack/
The trojanized Orion update allowed attackers to deploy additional and highly stealthy malware on the networks of SolarWinds customers.
But while details about how hackers pivoted from SolarWinds to customer networks via the tainted Orion malware have now come to light, SolarWinds has not yet said how hackers breached its own network.
SolarWinds said that it also learned from Microsoft about a compromise of its Office 365 email and office productivity accounts.
The company said it's currently investigating if the attackers used access to the email accounts to steal customer data.
The SolarWinds Orion platform hack is slowly turning out to be one of the most significant hacks in recent years.
Currently, the SolarWinds security breach has been linked to hacks at US security firm FireEye, the US Treasury Department, and the US Department of Commerce's National Telecommunications and Information Administration (NTIA).
The hack is, however, expected to be much, much worse. Forbes reported today that SolarWinds is a major contractor for the US government, with regular customers including the likes of CISA, US Cyber Command, the Department of Defense, the Federal Bureau of Investigation, the Department of Homeland Security, Veterans Affairs, and many others.
In addition, FireEye, which is investigating the incident as part of its own security breach, said the attackers also compromised targets all over the world, and not just in the US, including governments and private sector companies across several verticals.
Citing industry sources, Reuters reported today that despite a broad install base for the Orion platform, the attackers appear to have focused only on a small number of high-value targets, leaving most Orion customers unaffected.
Comment
-
Re: How Russia hacked the Democrats email
Repercussions of Russian Hacks on US Departments of Treasury & Commerce // Malcolm Nance - MSNBC
Repercussions of Russian Hacks on US Departments of Treasury & Commerce // Malcolm Nance - MSNBC - YouTube
"Russia maybe doing a broad cross gov't campaign to access US security systems ahead of the end of the Trump administration"Comment
-
Re: How Russia hacked the Democrats email
Are you still boycotting questions that don't further your agenda or are you willing to answer one? Let's give it another shot?
Since you're so concerned about Russian hacking....what are your thoughts on Hillary keeping an illegal server in her bathroom?Adversity temporarily visits a strong man but stays with the weak for a lifetime.Comment
Comment