Posts

Chief Operating Officer of network security company charged with cyberattack on Gwinnett Medical Center | USAO-NDGA

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


ATLANTA – Vikas Singla has been arraigned on charges arising out of a cyberattack conducted on Gwinnett Medical Center in 2018. Singla was indicted by a federal grand jury on June 8, 2021.

“Cyberattacks that target important infrastructure, like healthcare, pose a serious threat to public health and safety,” said Acting U.S. Attorney Kurt R. Erskine. “In this case, Singla allegedly compromised Gwinnett Medical Center’s operations in part for his own personal gain.”

“Criminal disruptions of hospital computer networks can have tragic consequences,” said Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division. “The department is committed to holding accountable those who endanger the lives of patients by damaging computers that are essential in the operation of our healthcare system.”

“This cyberattack on a hospital not only could have had disastrous consequences, but patient’s personal information was also compromised,” said Chris Hacker, Special Agent in Charge of FBI Atlanta. “The FBI and our law enforcement partners are determined to hold accountable, those who allegedly put peoples health and safety at risk while driven by greed.”

According to Acting U.S. Attorney Erskine, the indictment, and other information presented in court: Vikas Singla, the Chief Operating Officer of a metro-Atlanta network security company that served the healthcare industry, allegedly conducted a cyberattack on Gwinnett Medical Center that involved:

  • Disrupting phone service,
  • Obtaining information from a digitizing device, and
  • Disrupting network printer service.

The indictment further alleges that the cyberattack was conducted, in part, for financial gain. 

Vikas Singla, 45, of Marietta, Georgia, made his initial appearance before U.S. Magistrate Judge Linda T. Walker.  Singla was charged with 17 counts of intentional damage to a protected computer and one count of obtaining information from a protected computer. Members of the public are reminded that the indictment only contains charges. The defendant is presumed innocent of the charges and it will be the government’s burden to prove the defendant’s guilt beyond a…

Source…

Live From RSAC: AppSec’s Future and the Rise of the Chief Product Security Officer

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


Chris Wysopal, Co-Founder and CTO at Veracode, and Joshua Corman, Chief Strategist of Healthcare and COVID at CISA, presented at the 2021 RSA Conference on AppSec???s future and the need for a new Chief Product Security Officer (CPSO) role.

Wysopal started by quoting entrepreneur Marc Andreessen saying, ???Software is eating the world,??? to express just how much we rely on technology. From our iPhones and laptops to our cars and even our refrigerators ??ヲ software is everywhere.

If we look back at the rise of software, it was largely used originally to automate manual processes in the back office of businesses, like banking software for a teller. But now, we are using software to deliver products to a customer, like a mobile banking application. So as Wysopal stated, ???There???s not just more software. There are different kinds of software.???

And this software that???s being released as products to customers has added risk. Using the mobile banking application as an example, Wysopal noted that it???s riskier to use a customer-facing application to conduct your banking than it is to go to the bank and have a teller use the back-end software. More people have access to the mobile banking application, and anyone in the world could connect to the APIs.

And the risk associated with software products is only going to continue to grow. Consider the way we are creating apps now: APIs are the bloodstream. Each microservice, serverless, container, or public API is more attack surface. Applications that connect with social networking create more attack surface. Migrating to new software and forgetting to retire legacy software leads to more attack surface.

And there is risk with new software trends as well. For example, ubiquitous connectivity is the standard mode for any product now. Abstraction and componentization are also big trends. Instead of writing code, we now frequently use a library or write a script to instruct something else to be built. It???s great to build applications quickly, but it changes the way you have to think about security and supply chain.

Technology trends

That???s why we need a CPSO role, not just a Chief Information Security Officer (CISO). A CISO is…

Source…

SolarWinds CEO gives chief security officer authority and air cover to make software security a priority


New leader is also making changes to the software development process to make it harder for attackers to find vulnerabilities.

istock-1128503636.jpg

Image: iStock/Andreus

SolarWinds CEO Sudhakar Ramakrishna is making changes at the board level and in daily operations to change the company’s security mindset. The company launched a Secure by Design initiative in response to the recent cybersecurity attack. This project is designed to build security into the design phase of software development and to make security an ongoing instead of an after-the-fact priority. 

During a panel discussion about cybersecurity, Ramakrishna said he used his experience as an engineer and a manager to shape the company’s response to the attack. He created a cybersecurity committee for the board that includes him and two sitting board members. He also said that he has given the company’s chief security officer the power to stop any software release if necessary to address security concerns.

“We’re providing independence, confidence and air cover to build a level of comfort and create a seat at the table,” he said. 

He said companies have to raise the profile of security officers to the board level to illustrate the importance of the role to the entire company. 

“Otherwise it just becomes a cost line item in the P&L,” he said.

Ramakrishna described his plan for changing the company’s security culture during a “Big Breaches” panel discussion with the authors of a new book and several industry security experts.

In a discussion about how to reduce the frequency of these attacks, Jimmy Sanders, head of security for Netflix and ISSA International Board of Directors, said that the industry needs to adopt a different approach to security, one that requires bad actors to succeed with an attack multiple times to gain access instead of just once.  

SEE: Identity theft protection policy (TechRepublic Premium)

Ramakrishna said his company is experimenting with an approach like this. The…

Source…

SD Times news digest: GitHub’s first chief security officer, VS 2019 remote debug support, and Android Sleep API released

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


GitHub hired Michael Hanley as its first chief security officer to focus on developer-first security. 

“Good security and the speed of the business are not opposing concepts when met with thoughtful design and a customer-centric approach. I believe that security done well allows us to go further, faster, and more confidently than ever before,” Hanley wrote in a blog post.

Previously, Hanley was the vice president of security at Duo Securitym and the chief information security officer at Cisco. 

VS 2019 remote debug support
Visual Studio 2019 offers remote debug support for MSBuild and CMake projects targeting Windows and Linux.

Developers can now debug on their production machines with no development tools installed other than the remote debugger, they can target less common developer environments as well as environments where Visual Studio is unavailable. 

Microsoft automatically deploys the Universal CRT and VCRuntime libraries which are to automatically deploy dependencies along with the built binaries from the project.

Additional details on the remote debug support are available here.

Android Sleep API released
Android’s Sleep API is an Android Activity Recognition API that surfaces information about the user’s sleep through ‘sleep confidence’, which is reported at a regular interval up to 10 minutes, and a daily sleep segment that appears when a user wakes up.  

The API gets this information through on-device AI that detects light and motion on a device through sensors.

The Sleep API is available now on the latest version of Google Play Services. 

Apache weekly update 
Last week, the Apache Software Foundation saw the release of Apache Commons Net 3.8.0 which implements the client side of many basic Internet protocols.

Other releases and updates this week included Qpid Broker J 7.1.12 and J 8.0.4, Beam 2.28.0, BookKeeper 4.13.0, Directory Studio 2.0-0-M16, Lucene 8.8.1 and Solr 8.8.1, and MyFaces Core v2.3-next-M5.

Additional details on all of the latest releases are available here.

Source…