April Cyber Briefs

Worldwide news of cyber crime, research and more

Office of CyberSecurity
cybersecurity.wa.gov
Apr 24, 2018

This month’s briefing from our colleagues at the Multi State Information Sharing and Analysis Center includes a report from CyberEdge that 55 percent of the organizations it surveyed were the victims of ransomware in 2017, and news that West Virginia plans to use blockchain technology to allow overseas military personnel to vote over the internet.

Google Chrome will mark non-HTTPS sites as “not secure” starting in July

Beginning in July 2018, with the release of version 68, Google Chrome will designate all non-HTTPS websites as “Not secure” in the browser's address bar, which will affect 29 state and many local government websites. As of March 9, 2018, only 21 state governments actively utilize the Hyper Text Transfer Protocol Secure (HTTPS) for their websites. This push to HTTPS comes as a result of Google’s stated goal of ensuring a more secure, encrypted web. Sites using only HTTP are the final group of websites that will be identified as “Not secure.”

Intel to release chips with full fix for Meltdown vulnerability

Intel will release new chips that will contain a full fix for the Meltdown vulnerability and a partial fix for the Spectre vulnerability, both of which allow attackers to exploit speculative execution within the processor. Meltdown will be resolved via hardware updates to the chip. The update will also fix both variants of the Spectre vulnerability, though the first variant will still require software mitigations. The updated chips are expected to ship in the second half of 2018.

Verizon report: 58 percent of PHI data breaches involved insiders

Verizon released its 2018 PHI Data Breach Report. Verizon found that 58% of data breach incidents involved insiders, making healthcare the only industry in which insiders are the biggest threat. Databases and paper documents were the most targeted assets in data breaches affecting hospitals. Ransomware accounted for 70% of all malware incidents affecting hospitals. Basic security measures are still lacking in hospitals, as Verizon found several instances of hospitals storing protected health information (PHI) unencrypted.

Report finds 55 percent of organizations surveyed were victims of ransomware

The CyberEdge Group conducted a survey and found that 55% of responding organizations were victims of successful ransomware infections in 2017, which was a 6% drop from 2016. The survey also found that only half of organizations that paid ransoms successfully recovered compromised data. The top industries affected by ransomware in 2017 were education, telecommunications and technology, manufacturing, retail, finance, government, and healthcare.

West Virginia to allow overseas military personnel to vote over internet

West Virginia will allow military personnel deployed overseas and their families to vote over the Internet. Votes will be recorded on a blockchain and voters will verify their identity via biometric tools. All votes will be on the same blockchain, allowing the blockchain to provide mathematical proof of integrity. This will allow voters to verify whether their vote was recorded and to vote from anywhere in the world, and it will reduce the likelihood of a miscount. The pilot will be tested for the May 8 primary elections with 2 counties and, if successful, West Virginia will allow all eligible statewide military voters to use it during the November general elections.

115th Congress releases report on cybersecurity

Congress released its “Cybersecurity: Selected Issues for the 115th Congress” report, which discusses basic definitions of cybersecurity, the role of federal agencies in addressing threats, and issues that may be of interest to Congress. The report covers a variety of topics to provide context and a framework for future discussion on the selected issues. Relevant issues to Congress included protecting critical infrastructure, data breaches, education and training, encryption, information sharing, insurance, international issues, the Internet of Things (IoT), oversight of federal information technology systems, and incident response.

FEMA Continuity Resource Toolkit addresses cybersecurity

The U.S. Federal Emergency Management Agency (FEMA) released its Continuity Resource Toolkit, which offers disaster continuity guides that include cybersecurity. In the 2018 Continuity Guidance Circular, FEMA identified that telework disaster continuity would be affected by a destructive cyber attack. FEMA also discussed implementing proper access control for sensitive data to mitigate the potential damage during a disaster. The guidance also recommended establishing a cybersecurity plan that includes communication methods that do not rely on public infrastructure, such as Radio Frequency-based communications.
