Posts

Chief Operating Officer of network security company charged with cyberattack on Gwinnett Medical Center | USAO-NDGA

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


ATLANTA – Vikas Singla has been arraigned on charges arising out of a cyberattack conducted on Gwinnett Medical Center in 2018. Singla was indicted by a federal grand jury on June 8, 2021.

“Cyberattacks that target important infrastructure, like healthcare, pose a serious threat to public health and safety,” said Acting U.S. Attorney Kurt R. Erskine. “In this case, Singla allegedly compromised Gwinnett Medical Center’s operations in part for his own personal gain.”

“Criminal disruptions of hospital computer networks can have tragic consequences,” said Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division. “The department is committed to holding accountable those who endanger the lives of patients by damaging computers that are essential in the operation of our healthcare system.”

“This cyberattack on a hospital not only could have had disastrous consequences, but patient’s personal information was also compromised,” said Chris Hacker, Special Agent in Charge of FBI Atlanta. “The FBI and our law enforcement partners are determined to hold accountable, those who allegedly put peoples health and safety at risk while driven by greed.”

According to Acting U.S. Attorney Erskine, the indictment, and other information presented in court: Vikas Singla, the Chief Operating Officer of a metro-Atlanta network security company that served the healthcare industry, allegedly conducted a cyberattack on Gwinnett Medical Center that involved:

  • Disrupting phone service,
  • Obtaining information from a digitizing device, and
  • Disrupting network printer service.

The indictment further alleges that the cyberattack was conducted, in part, for financial gain. 

Vikas Singla, 45, of Marietta, Georgia, made his initial appearance before U.S. Magistrate Judge Linda T. Walker.  Singla was charged with 17 counts of intentional damage to a protected computer and one count of obtaining information from a protected computer. Members of the public are reminded that the indictment only contains charges. The defendant is presumed innocent of the charges and it will be the government’s burden to prove the defendant’s guilt beyond a…

Source…

Apple’s software chief blames Mac security to keep grip on iPhone App Store

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


Apple Inc.’s top software engineer criticized the security of his own Mac operating system in a bid to explain why the company shouldn’t be forced by a judge to loosen its hold over iPhone and iPad app distribution, as Epic Games Inc. is demanding.

Craig Federighi, Apple’s senior vice president of software engineering, testified Wednesday at a trial in federal court in Oakland, California, that his experience with imported malware on the macOS system shows how security would be eroded if the company allowed iPhone and iPad users to install software from the web or other stores, as it does on the Mac.

“Today we have a level of malware on the Mac that we don’t find acceptable,” primarily because the system allows users to install software that isn’t vetted by Apple, Federighi said. That makes it less secure than iOS and iPadOS, the operating systems that power the iPhone and iPad, he said.

Allowing apps from other stores or places on the iPhone would create a “very, very bad situation for our customers,” including “a huge decrease in their safety,” Federighi said. He also said iPhones and iPads have security protections, including the App Store review process, to keep the products free from malware.

Later in his testimony, Federighi said that despite its malware problems, the Mac is the safest choice among personal computers and is more secure than those running Microsoft Corp.’s Windows operating system.

Federighi said that the rival Android operating system, which allows third-party stores, faces similar security challenges. “It’s well understood in the security community that Android has a malware problem.” Apple’s iOS, on the other hand, has succeeded in blocking malware, he said.

Responding to a hypothetical situation in which third-party app download stores would be allowed, Federighi said that Apple’s “security stack” is built end-to-end in a way that it would be challenging to let third parties in to manage user security and privacy. He would have “grave concerns” if Apple had to hand off control over security to third parties, he said.

Earlier in the trial, Epic tried to make the point that if installing software…

Source…

Live From RSAC: AppSec’s Future and the Rise of the Chief Product Security Officer


Chris Wysopal, Co-Founder and CTO at Veracode, and Joshua Corman, Chief Strategist of Healthcare and COVID at CISA, presented at the 2021 RSA Conference on AppSec???s future and the need for a new Chief Product Security Officer (CPSO) role.

Wysopal started by quoting entrepreneur Marc Andreessen saying, ???Software is eating the world,??? to express just how much we rely on technology. From our iPhones and laptops to our cars and even our refrigerators ??ヲ software is everywhere.

If we look back at the rise of software, it was largely used originally to automate manual processes in the back office of businesses, like banking software for a teller. But now, we are using software to deliver products to a customer, like a mobile banking application. So as Wysopal stated, ???There???s not just more software. There are different kinds of software.???

And this software that???s being released as products to customers has added risk. Using the mobile banking application as an example, Wysopal noted that it???s riskier to use a customer-facing application to conduct your banking than it is to go to the bank and have a teller use the back-end software. More people have access to the mobile banking application, and anyone in the world could connect to the APIs.

And the risk associated with software products is only going to continue to grow. Consider the way we are creating apps now: APIs are the bloodstream. Each microservice, serverless, container, or public API is more attack surface. Applications that connect with social networking create more attack surface. Migrating to new software and forgetting to retire legacy software leads to more attack surface.

And there is risk with new software trends as well. For example, ubiquitous connectivity is the standard mode for any product now. Abstraction and componentization are also big trends. Instead of writing code, we now frequently use a library or write a script to instruct something else to be built. It???s great to build applications quickly, but it changes the way you have to think about security and supply chain.

Technology trends

That???s why we need a CPSO role, not just a Chief Information Security Officer (CISO). A CISO is…

Source…

Russian spy chief rebuffs “pathetic” SolarWinds hack accusations

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


The head of the Russian Foreign Intelligence Service (SVR) has denied any involvement in last year’s SolarWinds cyber attack which saw hackers infiltrate the networks of hundreds of companies as well as nine US governmental agencies.

SVR director Sergei Naryshkin told the BBC that he is “flattered” by the accusations from US and UK authorities that claim  Moscow had orchestrated such a sophisticated hack, yet added that he could not “claim the creative achievements of others as his own”.

“These claims are like a bad detective novel,” he told the BBC‘s Moscow correspondent Steve Rosenberg, who asked Naryshkin about the SVR’s links to the hacking group known as APT29, Cozy Bear, or the Dukes, which have been accused of carrying out the cyber attack.

Naryshkin described “all these claims about cyber attacks, poisonings, hacks, interference in elections which are blamed on Russia” as “absurd, and in some cases so pathetic”. 

Instead, he suggested that the SolarWinds hack might have been orchestrated by the West, which could have used similar tactics to those exposed by former National Security Agency contractor Edward Snowden. He leaked documents detailing the US and UK intelligence services’ efforts to “insert secret vulnerabilities into commercial encryption software” with the help of ISP providers and tech companies.

“I don’t want to assert that this cyber attack was carried out by a US agency but the tactics are similar,” said Naryshkin, who also questioned the evidence obtained by the US and UK intelligence agencies that linked the attack to Moscow.

President Donald Trump previously stated that the SolarWinds hack might have been orchestrated by the Chinese state and accused media outlets of being “petrified of discussing the possibility that it may be China”. However, the FBI, CISA, ODNI, and the NSA claimed that the Advanced Persistent Threat (APT) actor behind the incident is “likely Russian in origin”.

The statement prompted Russia’s National Coordination Center for Computer Incidents (NKTSKI) to issue a warning to Russian businesses, claiming that the new Biden administration could carry out reprisal attacks on critical infrastructure. 

Last…

Source…