Tag Archive for: spotlight

Security Holes in Deere, Case IH Shine Spotlight on Agriculture Cyber Risk


The agricultural equipment industry has long considered itself immune from cyber attacks. After all: farm equipment wasn’t Internet-connected and the software and protocols that it used were obscure. Besides: farms and farm equipment held little in the way of sensitive personal or financial data that cybercriminals could easily monetize.

But a lot has changed in the agriculture sector in the last decade. And farm country’s cybersecurity bill has come due…in a big way. A presentation at the annual DEF CON hacking conference in Las Vegas, scheduled for Sunday, will describe a host of serious, remotely exploitable holes in software and services by U.S. agricultural equipment giants John Deere and Case-IH. Together, the security flaws and misconfigurations could have given nation-state hackers access to and control over Deere’s global product infrastructure, access to sensitive customer and third-party data and, potentially, the ability to remotely access critical farm equipment like planters and harvesters that are the linchpin of the U.S. food chain.

Opinion: my Grandfather’s John Deere would support our Right to Repair

A video of the presentation, “The Agricultural Data Arms Race Exploiting a Tractor Load of Vulns,” was posted on YouTube by conference organizers on Thursday. It is the most detailed presentation, to date, of a range of flaws in Deere software and services that were first identified and disclosed to the company in April. The disclosure of two of those flaws in the company’s public-facing web applications set off a scramble by Deere and other agricultural equipment makers to patch the flaws, unveil a bug bounty program and to hire cyber security and embedded device security talent. 

Sick Codes (@SickCodes), an independent security researcher who declines to use his real name in public statements, worked with researchers from the group Sakura Samurai, including wabaf3t, D0rkerDevil, ChiefCoolArrow, John Jackson, Robert Willis and Higinio “w0rmer” Ochoa. Together, the group uncovered 11 other flaws in Deere software and applications that the group shared with the company as well as CISA, the Cybersecurity…


Ransomware onslaught shines spotlight on patient data privacy shortcomings


In recent weeks, multiple industries have experienced the devastating consequences of ransomware attacks. A May ransomware attack on Colonial Pipeline — one of the largest pipeline operators in the U.S. — triggered widespread shortages of gas and jet fuel. In June, the world’s largest meat processor shut down nine American plants after being hit.

These organizations and others that provide essential public services or infrastructure are increasingly prevalent targets for ransomware attacks, in which system access is blocked, held hostage, and restored in exchange for a ransom. The reason bad actors target businesses at the heart of American life is simple: entities are more tempted to pay huge sums of money when the stakes are high.

“Pharmaceuticals, hospitals, healthcare, public companies, organizations that don’t have the talent and skills to defend themselves — they’re getting sucker punched,” said Kevin Mandia, CEO of cybersecurity firm FireEye, at a Wall Street Journal cybersecurity conference.

Healthcare’s weak spot
In healthcare, where immediate, uninterrupted availability of patient data is critical to the delivery of quality care, ransomware attacks put organizations between a rock and a hard place: they can either reward and encourage criminals by paying the ransom, or allow care quality to hang in the balance as limited internal staff works to regain system access. Hospitals and health systems that choose the latter — resisting the ransom — could be locked out of their EHRs for weeks. Because EHRs play a central function in determining a patient’s course of treatment, coordinating care, and ensuring adherence to treatment regimens, blocked access can be devastating from a quality standpoint.

However, the damage of health data hostage situations can extend far beyond point-of-care issues. Patient records contain immutable, highly sensitive information that can be used to commit identity theft and other kinds of fraud long after it’s first breached. Thus, it’s not hard to grasp why compared to other industries, organizations in healthcare are among the most likely to consider paying a ransom to restore data access in the event of an attack,…


DHS, White House turn spotlight on ransomware — Defense Systems



The Department of Homeland Security and the White House are putting the spotlight on combatting ransomware, actively developing plans to confront the issue.

DHS has assembled a task force with representatives from the Cybersecurity and Infrastructure Security Agency, Secret Service, Coast Guard and Immigration and Customs Enforcement’s Homeland Security Investigations unit, according to Security Secretary Alejandro Mayorkas. The new task force is part of the secretary’s planned “60-day sprint” on ransomware that was announced in March as the first in a series of new efforts.

“Beyond CISA…the entire federal government is stepping up to face this challenge,” Mayorkas said at an April 29 event hosted by the Institute for Security and Technology. “The White House is developing a plan dedicated to tackling this problem,” and the Justice Department recently established its own task force focused on ransomware, he confirmed.

Ransomware “has disproportionately impacted the healthcare industry during the COVID pandemic, and has shut down schools, hospitals, police stations, city governments, and U.S. military facilities,” according to a new report by IST featuring recommendations for the Biden administration on combatting ransomware.

Some of the report’s recommendations include establishing a U.S. government “Joint Ransomware Task Force,” forming an international coalition focused on ransomware, sanctioning countries that fail to take action against threat actors and designating ransomware a national security threat.

Mayorkas earlier this month issued a joint statement with Attorney General Merrick Garland and counterparts in the United Kingdom, Australia, New Zealand and Canada on the threat ransomware poses.

“Ransomware is a growing cyber threat which compromises the safety of our citizens, the security of the online environment, and the prosperity of our economies. It can be used with criminal intent, but is also a threat to…


RiskSense Ransomware Spotlight Report Reveals Surge in Weaponized Vulnerabilities, New Targets and RaaS

