Tag Archive for: chief

Daixin ransomware poses critical threat to healthcare, says AHA cyber chief

/in


The American Hospital Association’s senior advisor for cybersecurity said the Daixin ransomware poses a significant risk to the healthcare sector. (U.S. Air Force)

Reports consistently note the rising risk to patient safety after a ransomware attack. But the most pressing variant facing healthcare is Daixin, a technologically advanced, stealthy, and long-lasting malware attributed to China, according to American Hospital Association’s Senior Advisor for Cybersecurity and Risk John Riggi.

Riggi spoke to sector leaders during a University of California San Francisco Stanford Center of Excellence in Regulatory Science and Innovation discussion on Tuesday, outlining the risk areas providers should be working to address into the foreseeable future.

He also had a stern warning for provider organizations still dragging their feet on implementing multi-factor authentication across the enterprise, particularly as threat actors continue to target critical infrastructure and supply chain partners in force.

“If we’re not doing MFA at this point, it would be hard to defend both civilly and regulatory the actions against you as it is a very, very basic technique at this point,” said Riggi. “The White House has implored us to implement basic cybersecurity procedures, which alone at a very low costs could prevent a significant portion of ransomware attacks.”

MFA should be at the top of the list for securing all remote access points into the organization, as the threat of ransomware and other cyberattacks continue to plague the sector and cyber insurance becomes less and less of a guarantee, he added.

Versions of Daixin have been used in attacks in various forms over the last decade, with researchers observing a resurgence of a refined variant in February 2022. Symantec described the threat “as the most advanced piece of malware” they’d ever seen from China-backed attackers. Daixin is used in both “smash-and-grab operations” and for stealthy operations.

The most prevalent goal of these attacks appears to be espionage, hijacking legitimate TCP/IP service and listening on port 80 for traffic patterns it can interpret as commands.

In healthcare, Daixin has claimed multiple victims that…

Source…

Ransomware Remains Top Cyber Threat, Former NCSC Chief Says

/in


Fraud Management & Cybercrime
,
Ransomware

Ciaran Martin Warns 2023 Will See Increased High-Profile Attacks

Akshaya Asokan (asokan_akshaya) •
January 18, 2023    

Ransomware Remains Top Cyber Threat, Former NCSC Chief Says
Ciaran Martin, Oxford University professor and former NCSC CEO (Image: ISMG)

Ransomware continues to be the United Kingdom’s most prominent cybersecurity threat, and the country can expect to see a surge in destructive attacks in 2023, warns the former head of the UK’s national cybersecurity agency.

Ciaran Martin, now an Oxford University professor, says while overall ransomware activities across the world slumped in 2022, attacks are likely to surge in the coming months. He adds that recent hacks against The Guardian newspaper and the British Royal Mail are an example of these early-stage attacks.

See Also: Live Webinar | Navigating the Difficulties of Patching OT

Martin, who was the U.K. National Cyber Security Centre’s CEO until 2020, points out one of the contributing factors behind the success of ransomware continues to be that most criminal groups operate out of Russia, which he says is a “safe haven” for the crooks to “operate with impunity.”

“Cyber criminals thrive in weaker states, they don’t thrive in France, in the United States or Canada,” Martin tells Information Security Media Group during the Cyberthreat UK conference this week. “So, for the foreseeable future, I think this region is likely to be a source of significant cyber.”

The 23% decline in ransomware attacks in 2022, which is based on a SonicWall report, is likely tied to disruption caused by the ongoing war in Ukraine and Russia, with most ransomware operators in the region being forced to flee or join as conscripts in the state security service, he says.

“In 2023, the early signs, sadly, are that there’s a bit more of it…

Source…

Wil Clark named SIU’s chief information officer

/in


CARBONDALE, Ill. — Wil Clark, who has served as Southern Illinois University Carbondale’s chief information officer on an interim basis since December 2021, has been named to the permanent position, effective, November 4.

Clark came to SIU as the technology services director within the Office of Information Technology (OIT) in September 2017 and has been interim chief information officer and interim director of Institutional Effectiveness, Planning and Research since last December. Clark was hired following a nationwide search.

The CIO serves as the chief fiscal and administrative officer of the OIT and participates as a member of Chancellor Austin A. Lane’s executive cabinet.

“We are excited for Wil to lead the many facets of our technology and information department,” Lane said. “He has demonstrated an ability to work with all departments to help enable their success through better and different use of technology. He will play a key role as we continue to implement Imagine 2030.”

Wil Clark Photo

Photo Provided

/

University Communications and Marketing

Wil Clark

The CIO also provides leadership in IT and information security, including strategic planning, managing the Office of Information Technology, project management, purchasing and vendor relations. The CIO also works collaboratively with administrators, deans, directors, faculty, academic and administrative staff and students in identifying and implementing effective uses of technology and in enhancing information security.

“The opportunity to make an impact at SIU Carbondale was the most attractive aspect of this position,” Clark said. “As with many public institutions, SIU must leverage its resources, centers of excellence, reputation and skills to bring its best product in teaching, learning, research and service. My personal values align greatly with the mission of higher education.”

Clark oversees more than 80 full-time employees in the OIT in addition to 60 student employees. He has more than 25 years of experience in public sector education “aligning technology to facilitate university goals…

Source…

Former Uber security chief convicted on charges of covering up a hack in 2016

/in


Former Uber chief security officer Joe Sullivan has been found guilty of charges that he covered up a 2016 cyberattack where a hacker downloaded the personal information of more than 57 million people. The information stolen from Uber included names, email addresses, and phone numbers for more than 50 million Uber riders and 7 million drivers, as well as driver’s license numbers for another 600,000 drivers.

As reported by the New York Times and Washington Post, the jury convicted Sullivan on two counts: one for obstructing justice by not revealing the breach to the FTC and another for misprision, which is concealing a felony from the authorities.

This is believed to be the first time a company executive faced criminal prosecution over a hack.

He’d faced three counts of wire fraud, but prosecutors dismissed those charges in August. Sullivan had served as a security executive at other companies, including Facebook and Cloudflare, and, as the Post points out, in this case, he was pitted against the same San Francisco US attorney’s office where he had previously worked prosecuting cybercrimes.

The hack itself was described by the prosecution in their original complaint (PDF), noting that it almost exactly mirrored a 2014 breach of Uber that, at the time of the incident, the FTC was already investigating the company over. As the trial began in September, Uber’s systems were breached again in a hack linked to an alleged former member of the Lapsus$ ransomware group, forcing it to temporarily take some internal systems offline.

The 2016 breach occurred when two outsiders trawling Github found credentials giving them access to Uber’s Amazon Web Services (AWS) storage, which they used to download its database backups. The hackers then contacted Uber and negotiated a ransom payment in exchange for a promise to delete the stolen information, paid out in $100,000 worth of Bitcoin, and treated as part of the company’s Bug Bounty program. They eventually pleaded guilty to hacking the company in 2019.

Uber’s new CEO testified he “could not trust” his chief security officer.

As the Times notes, this is believed to be the first time a company executive faced criminal prosecution over a…

Source…