This is the ProactiveIT Podcast. This Week: The latest in IT and Cyber Security news plus Patch Tuesday, Coronavirus Tracking from your Phone, And Free Tools to Tackle WFH Challenges
This is Episode 25!
Hi Everyone and welcome to the Proactive IT Podcast. Each week we talk about the latest in tech and cyber news, compliance and more. We also bring you real world examples to learn from so that you can better protect your business and identity.
This podcast is brought to you by Nwaj Tech – a client-focused & security-minded IT Consultant located in Central Connecticut. You can find us at nwajtech.com.
Thanks for listening to this podcast. Show us some love on Apple or Google Podcasts. Subscribe and leave us some positive feedback. What are you waiting for?
Also, go join the Get HIPAA Compliance Facebook Group. Search for Get HIPAA Compliance
QOTW: How Can I Secure My Zoom Meetings?
Patch Tuesday Update:
Chrome 81 Released With 32 Security Fixes and Web NFC API
Firefox 75 released with Windows 10 performance improvements
Juniper Networks Releases Security Updates
Microsoft releases April 2020 Office updates with crash fixes
Hackers Can Compromise VMware vCenter Server Via Newly Patched Flaw
Oracle Tackles a Massive 405 Bugs for Its April Quarterly Patch Update
Microsoft April 2020 Patch Tuesday fixes 3 zero-days, 15 critical flaws
Intel April Platform Update fixes high severity security issues
Cyber Security News
This is the ProactiveIT Podcast. This week: the latest in IT and cybersecurity news, plus Patch Tuesday, Coronavirus tracking from your phone, and free tools to tackle work-from-home challenges. This is Episode 25.
Hi everyone, and welcome to the ProactiveIT Podcast. Each week we talk about the latest in tech and cyber news, compliance and more. We also bring you real-world examples to learn from so that you can better protect your business and your identity. This podcast is brought to you by Nwaj Tech, a client-focused and security-minded IT consultant located in Central Connecticut. You can find us at nwajtech.com, that’s N-W-A-J tech.com.
All right, before we jump into things, I want to thank you for listening, wherever you’re listening to this, whether it’s Apple, Google, Stitcher, whatever podcast platform you’re listening to this on. If you could like, review, share, comment, whatever you can do to spread the word, it would be greatly appreciated. We really just are trying to educate people so that we can somehow reduce the amount of cyber attacks that exist today and educate people on the opportunities that exist in the cyber world. Also, if you are in a HIPAA compliant business, speaking of education, go to Facebook and in the search type in Get HIPAA Compliance and join that group, because we do educate. Almost daily, I share something on there in that group. So it’s very educational for those of us in healthcare or those of us that are business associates of healthcare providers.
Alright, let’s jump into the Patch Tuesday updates, because this week was Patch Tuesday. So we have quite a bit of news. We already talked about this month: Google Chrome was updated to Chrome 81. Firefox was updated to 75. Both of those to address security concerns. Juniper Networks releases security updates. That was a week or two ago. Microsoft Office had some updates to address some crash fixes.
And then VMware, I’m not sure if I reported that last week. VMware vCenter Server had some updates to address some flaws. So if you’re using VMware, I’ve received a bunch of emails on that for some reason. I don’t know why that’s the focus right now. But I did receive a bunch of emails from some of the vendors that I use about that as well. So it’s pretty significant. If you’re using VMware, update it.
This week, Oracle released a bunch of updates to tackle 405 bugs in their software. Not going to go into a lot of detail on that. But if you’re using Oracle in your environment, chances are you have patches that you need to apply as soon as you can.
Microsoft of course released their Patch Tuesday updates this week. They address three zero-days and 15 critical flaws. The zero-day vulnerabilities are OneDrive for Windows elevation of privilege vulnerability, Adobe Font Manager Library remote code execution, there are three of those font vulnerabilities. And then there are 15 critical patches as well as a bunch of other patches. So the critical patches, mostly the same that we’ve talked about in the past: some remote code execution, some SharePoint, Chakra scripting engine, and then scripting engine generally, Hyper-V remote code execution. So there are a few that need to be taken care of.
Intel also released some updates, the Intel April platform update, including some high severity security fixes. And they include Intel NUC firmware, Intel Modular Server Compute Module, Intel Data Migration Software, Intel PROSet/Wireless WiFi Software, Intel Binary Configuration Tool and Intel Driver and Support Assistant. So you’ll want to apply those as well.
Adobe had a few updates. So the Adobe updates include updates for ColdFusion, After Effects and Digital Editions. As I’m looking at this, VMware did release another update for vRealize Log Insight. So get that taken care of. Cisco and Google released more updates.
So Google: Google Chrome should now be at 81.0.4044.113. For Cisco we have updates for IP phone web server remote code execution and denial of service vulnerability; multiple vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data; Wireless LAN Controller 802.11 Generic Advertisement Service denial of service vulnerability; Wireless LAN Controller CAPWAP denial of service vulnerability; Webex Network Recording Player and Cisco Webex Player arbitrary code execution vulnerability; Mobility Express software cross-site request forgery vulnerability; IoT Field Network Director denial of service vulnerability; Unified Communications Manager path traversal vulnerability; and Aironet Series access points client packet processing denial of service vulnerability. So quite a few patches from Cisco this month, just released yesterday. So Cisco and Google, you should update those, they just came out yesterday. So update those, and then of course test and roll out your Microsoft patches and your Intel patches as quickly as possible, because some of these are active exploits.
We did get a question of the week. The question of the week was around how to protect Zoom. And I did go over that last week in the podcast. So I’m just going to touch on that real quick. Again, the best things you can do, just a few. I wrote a blog post; the blog post is on nwajtech.com, N-W-A-J tech.com: 12 ways to secure your Zoom meetings, 12 easy ways to secure your Zoom meetings to be more specific. But, um, probably the most important things are to add a password to your meetings, don’t share the meeting invitations publicly, like on social media, and to enable the waiting room, because waiting room means you have to approve anybody coming into the meeting. So that’s three of the 12. And there are more on that on the website. So go check that out. But I would say those are probably the three best.
And of course, there’s always password and two-factor authentication that we’ve talked about ad nauseam on this podcast. So I’m not going to talk about it here. So hopefully that answers your question. Um, we’re gonna move on to the news.
All right, first up on ZDNet: gambling company to set aside $30 million to deal with cyber attack fallout. In the middle of a merger, SBTech will have $30 million placed in escrow to deal with the repercussions of the past cyber attack. Online betting company SBTech will have to place 30 million in escrow as insurance for covering the fallout from a cyber security incident that took place last month. The company agreed to do so as part of renegotiated acquisition terms with Diamond Eagle Acquisition Corp, DEAC for short, a blank check company that acquired SBTech and rival platform DraftKings and is planning on merging the two later this year. In a filing with the US Securities Exchange Commission, DEAC said SBTech must place 10 million in cash and 20 million in stock in an escrow fund for the next two years. The funds will be used to deal with the expenses caused by a cyber security incident that took place on March 27. As reported by Legal Sports Report at the time, SBTech’s platform went down in an incident that looked like a classic ransomware infection. Hundreds of third party websites that relied on SBTech’s sports betting and online casino platform went down. SBTech was down for almost a week before it resumed service with international partners, but not with its US customers. The company is still waiting for approval from US gaming regulators before returning service to US partners. DEAC, which agreed to pay around 600 million to SBTech last year, is expecting lawsuits for lost revenue from both international and US partners and established the $30 million fund to deal with any fallout from last month’s security incident.
If no litigation ensues, the cash and locked-up stocks will return to SBTech ownership. If expenses go over the $30 million emergency fund, DEAC said it would dip into another 70 million, 25 million in cash and 45 million of stock, that also sits in escrow. The second fund was set up as part of the initial acquisition deal as a safety blanket for unforeseen SBTech-related operating funds and litigation. If 200 million is still not enough, DEAC said it would pursue further funds from SBTech’s current owners. So there you have it. Um, when you’re selling a business, make sure you don’t have any pending litigation, because it could cost you even after you’ve agreed to the terms of the sale.
BleepingComputer reports: new wiper malware impersonates security researchers as a prank. A malware distributor has decided to play a nasty prank by locking victims’ computers before they can start Windows and blaming the infection on two well-known and respected security researchers. Over the past 24 hours, after downloading and installing software from what appears to be free software and crack sites, people suddenly find they’re locked out of their computer before Windows starts. When locked out, the PC will display a message stating that they were infected by Vitali Kremez and MalwareHunterTeam, who are both well-known malware and security researchers and have nothing to do with this malware. So Vitali Kremez is part of the SentinelOne team, SentinelOne Labs, and the other one, MalwareHunterTeam, is another security research team. Here’s a sample of the text: Hello, my name is Vitali Kremez. I infected your stupid PC, you idiot. Write me on Twitter at VK underscore Intel if you want your computer back. If you do not answer, if I do not answer, write my husband, twitter.com slash malwr, that’s M-A-L-W-R, hunter team. To protect your effing computer in future, install SentinelOne antivirus. I work here as a head of labs. Vitali Kremez Inc 2020.
Another variant calling itself SentinelOne Labs ransomware has been distributed that targets only Vitali Kremez and discloses his email address and phone numbers. So kind of a cruel prank. Just know that, you know, SentinelOne Labs is not behind this, Vitali Kremez and MalwareHunterTeam are not behind this. So hopefully you shouldn’t be downloading things from crack websites anyway. These are the sites that take software, legitimate software, find a crack to bypass the licensing, keys and so forth, and install it on the computer. Typically what happens with those is you’re not just installing that software, you’re also installing something else. It might be a keylogger. It might be some other malware. It might be a way to take over your computer when it wants to, to use for distributed denial of service. It could be ransomware, as the case is here. So something to think about before you use pirated software.
The State of Security, this is on tripwire.com: bad actors infiltrated New York State government computer network. So officials revealed that malicious actors had succeeded in infiltrating new computer networks serving New York State’s government. According to the Wall Street Journal, officials revealed on April 13 that New York’s Office of Information Technology had discovered a security incident in late January. Its analysis unveiled that those individuals responsible for the attack had constructed tunnels into some of New York’s servers that the state used for relaying encrypted data.
That information ranged from motor vehicle records to pay information for 250,000 employees employed in New York state agencies and public universities. In response to the findings discussed above, New York brought in help to determine the extent of the security incident. Richard Azzopardi, senior adviser to New York Governor Andrew Cuomo, revealed that the subsequent investigatory effort uncovered no evidence that personal data of any New York resident, employee or any other individuals were compromised or have been taken from our network. The state is currently working with the Federal Bureau of Investigation to pinpoint the identities of those responsible for the breach. Two people familiar with that collaboration told the Wall Street Journal that a foreign actor was likely responsible for the security incident. In the meantime, state officials decided to augment government systems’ existing digital security measures. They did so by installing additional digital security software and resetting passwords at agencies affected by the breach. Among them was the state’s comptroller office, which confirmed to the Wall Street Journal that it had implemented certain measures to harden its digital security posture. No statement regarding the breach was available on New York’s Office of Information Technology website at the time of this reading, which was April 15. So it was Wednesday. News of the attack comes less than a year after New York State enacted the Stop Hacks and Improve Electronic Data Security Act, which is SHIELD for short, which is kind of ironic, really, because the state implemented this and they have been compromised. Hopefully data was not stolen. You know, we wouldn’t want that to happen. But it would be ironic if it did.
Threatpost: cyberattacks target healthcare orgs on Coronavirus frontlines. Not really new news, but again, I’m going to state it because it needs to be stated repeatedly.
Cyber criminals aren’t sparing medical professionals, hospitals and healthcare orgs on the frontlines of the Coronavirus pandemic when it comes to cyber attacks, ransomware attacks and malware. Recent malware campaigns revealed that cyber criminals aren’t sparing healthcare firms, medical suppliers and hospitals on the frontlines of the Coronavirus pandemic. Researchers have shed light on two recently uncovered malware campaigns, one targeting a Canadian government healthcare organization and a Canadian medical research university, and the other hitting medical organizations and medical research facilities worldwide. Emails sent to those unnamed organizations purported to send COVID-19 medical supply data, critical corporate communications regarding the virus, or Coronavirus details from the World Health Organization, but actually aimed to distribute ransomware, info stealer malware and more. These recent campaigns are the tip of the iceberg when it comes to cybercrime targeting organizations in the healthcare space, researchers said. Despite prior reporting by various sources indicating that some cyber threat attackers’ activity may subside in some respects during the COVID-19 pandemic, Unit 42 has observed quite the opposite in regard to the COVID-19 themed threats, particularly in the realm of phishing attacks, said Adrian McCabe, Vicky Ray and Juan Cortes, security researchers with Palo Alto Networks’ Unit 42 team. Between March 24 and 30th, researchers observed various malicious emails attempting to spread ransomware to several individuals associated with an unnamed Canadian government health organization actively engaged in COVID-19 response efforts, as well as a Canadian university that is conducting COVID-19 research.
The emails, sent from the spoofed WHO email address noreply@who.int, contained a Rich Text Format file that purported to spread information about the pandemic. When opened, the RTF file attempted to deliver a ransomware payload that exploits a known vulnerability in Microsoft Office, which allows attackers to execute arbitrary code. Now the vulnerability is CVE-2012-0158. So if you’re using something that hasn’t been patched since 2012, because that’s the year, 2012, that means that’s when the vulnerability was discovered, then you have other things that you need to talk about with your security team. And so it then goes on from there to talk about what types, what they’ve discovered with these attacks. So the whole point of this is, yes, the cybersecurity threat landscape is very real. And the number of attacks has increased dramatically, including phishing attacks, which is probably the number one type of attack at this point in IT. And now remember, 90% of ransomware attacks begin with a phishing attack. So if you are phished successfully, then there’s a good chance you are going to get hit with ransomware next. And we’re going to talk about some phishing attacks on healthcare later on in this episode, because there have been some, one where the attacker was in for a few months.
Naked Security by Sophos reports: TikTok users beware, hackers could swap your videos with their own. Mobile app developers Tommy Mysk and Talal Haj Bakry just published a blog article entitled TikTok vulnerability enables hackers to show users fake videos. As far as we can see, they’re right. This is according to the article on Naked Security by Sophos. We replicated the results with a slightly older Android version of TikTok from a few days ago, 15.5.44. Their tests included the very latest builds on Android and iOS, numbers 15.7.4 and 15.5.6 respectively. We used a similar approach to Mysk and Haj Bakry.
To look at the network traffic produced by TikTok, we installed packet capture, or tPacketCapture, sorry, app on Android and then ran the TikTok app for a while to flip through a few popular videos. So I’m gonna just give you the summary here. So essentially what happened was they ran tPacketCapture, which captures all the traffic in your network; as long as you’re on the network, it can capture all the traffic. So it’s similar to Wireshark. And you do end up using Wireshark at the end of this. And so what they grabbed was a bunch of traffic from TikTok. Some of it was encrypted. Some of it was not. What wasn’t encrypted was the GET requests that show images and videos; the data fetched was not encrypted. Plain old, unencrypted HTTP requests included profile pictures, still frames from videos and videos themselves. And now, because you’ve captured this information, you could swap it out with some other information. So that’s the newest thing with TikTok that we need to be on the lookout for, and I’m sure now that it’s out there, it will be exploited. That being said, I would highly recommend, if you’re using TikTok or know anybody using TikTok, think twice. TikTok, until it’s secured and it could prove that it’s secure, I would just leave it alone.
On HackRead.com: personal data of 1.41 million US doctors sold on hacker forum. Cyber criminals are taking advantage of the COVID-19 pandemic. From selling fake Coronavirus vaccines and testing kits to setting up malware-infected fake live maps of the infection, crooks can go to any level to make cheap and quick bucks on hacker forums. In the latest, a cyber criminal is selling personal and contact details of 1.41 million doctors based in the US. This can turn into a disaster for doctors and healthcare staff busy saving lives amid the pandemic. HackRead.com has learned that the database in discussion was stolen on April 11.
From qa.findadoctor.com, an online service that lets people search for healthcare professionals, book instant appointments and consult with doctors online. The targeted website is based in Edison, New Jersey and owned by Millennium Technology Solutions, and a look at it shows it claims to have registered 100,000 plus doctors and 5000 plus members. The website allows both doctors and patients to register themselves with their email addresses, though patients are required to snap a photo of themselves, or upload one from their PC, to register the membership. We can confirm that patients’ photos or medical records are not among the stolen data. However, what is included in the data is enough to target doctors. For instance, the sold records include details like full names, genders, name of hospital organizations where they work, location, mailing address, practice address, country, phone numbers, license number and much more. The good news is that the trove of data does not contain email addresses, which means doctors are safe from phishing and malware scams, but based on the leaked records, finding their email addresses will be a piece of cake, which is very true, by the way. HackRead.com was able to find dozens of doctors in New York based on the sample data we have seen. Furthermore, cyber criminals can use available phone numbers to carry out a smishing attack or even vishing. So smishing is phishing over text, SMS, and vishing is voice phishing. A malicious technique involving sending of text messages with phishing links to steal financial data or redirect the victim to a website dropping malware. Simply put, attacking options for cyber criminals with this data are infinite. And there is a phishing attack going around right now. It’s saying, you know, you may have come in contact with someone who is infected with Coronavirus, and there’s a link. So that is not real. Do not click on it.
We are going to talk a little bit about a plan Apple and Google have for tracking COVID-19, but we’ll get to that shortly. And then our last bit of news before we move on to our hot topics.
Threatpost: PPE and COVID-19 medical supplies targeted by BEC scams. FBI said government agencies aiming to buy critical items like ventilators have unknowingly transferred funds to threat actors. Much has been publicized about the shortage of personal protective equipment and other supplies for healthcare facilities in the United States during the COVID-19 pandemic. Now, the FBI is warning that threat actors are taking advantage of efforts to procure PPE and critical equipment such as ventilators with new business email compromise, that’s BEC for short, and other scams aimed at defrauding those seeking supplies. In a warning posted to the FBI website, the law enforcement agency said it was aware of multiple incidents in which state government agencies were duped into sending advance funds to both domestic and foreign fraudulent brokers and sellers of things like N95 masks and gowns. These so-called advance fee schemes are among several new fraud campaigns the feds have observed alongside more typical BEC scams. The common theme is that they all use socially engineered emails to try to fool people into sending funds to what they think are legitimate entities, instead directing payments to accounts that bad actors can access. In advance fee schemes related to procurement, a victim prepays, partially or in full, a purported seller or a broker for a good or service and then receives little or nothing in return, FBI officials explained in the post. In one case, a purchasing agency believed it was working with someone with whom it already had an existing business relationship, showing the sophistication of the attack, according to the FBI.
By the time the purchasing agencies became suspicious of the transactions, much of the funds had been transferred outside the reach of US law enforcement and were unrecoverable. Indeed, the COVID-19 pandemic has brought threat actors out of the woodwork with a raft of new scams and attacks aimed at the multiple and complex aspects of the crisis. Many attacks have focused on individuals interested in receiving accurate information about the pandemic and have used email-based attacks to spread malware. One campaign, for example, used socially engineered emails promising access to important information about cases of COVID-19 in the receiver’s local area. Instead of providing this, the fake messages evaded top email detection software and spread malware that steals the user’s Microsoft login credentials. And another example is a spear phishing campaign that used emails claiming to be from the World Health Organization to send an attachment that unleashes the info stealer Lokibot if downloaded and opened.
The agency also provided some warning signs to look for, for those in charge of procuring supplies. These signals include someone initiating the contact with the buyer, especially from difficult-to-verify channels such as telephone or personal email, the seller or broker being an entity with which the buyer has not previously done business, or is one that can’t be verified with the manufacturer of the products the entity aims to distribute. Another red flag is an unexplained urgency on the part of the seller to transfer funds, or a last minute change in the wiring instructions that parties previously agreed to, authorities said. To mitigate these types of attacks, the FBI recommended several steps that procurement agencies can take. These include avoiding prepayment scenarios altogether by routing payments to a domestic escrow account, with funds to be released to the seller upon receipt of the promised items.
Other efforts to shield organizations include having a trusted independent party ensure that the items for sale are physically present, and verifying that contact information such as email addresses matches the actual sender of the messages, according to the FBI. Schemes aimed at healthcare facilities continue to ramp up. Recent research shed light on two recently uncovered malware campaigns, one targeting a Canadian government healthcare organization and a Canadian medical research university, and the other hitting medical organizations and medical research facilities worldwide. So we just talked about those a few minutes ago. The emails sent to these unnamed organizations purported to send COVID-19 medical supply data, critical corporate communications regarding the virus, or Coronavirus details from the World Health Organization, but actually aimed to distribute ransomware, info stealer and more. Another thing you can do to avoid being scammed this way, BEC scam, is to verify the sender. Make a phone call. It only takes a few minutes. Verify that they are who they say they are. And if you’re not sure, then reach out to the FBI and see if they can shed some light on it. But you shouldn’t really be doing business completely over email unless you know the person and are comfortable with the person and can verify who they are.
All right, as promised, let’s talk about Apple, Google team on Coronavirus tracking. And then this of course sparks fears of privacy issues. This is on Threatpost. This has been reported in multiple places now, but we’re going to take it from threatpost.com. Apple and Google announced that decentralized Bluetooth technology will soon be rolled out for Coronavirus contact tracing. Privacy implications are worrisome for some. Apple and Google are teaming up to launch technology that traces the spread of Coronavirus via apps for iOS and Android users. Despite the companies’ insistence that privacy will be of utmost importance,
Some in the security space remain wary of data privacy concerns around the newly announced technology. Apple and Google plan to use decentralized Bluetooth technology in smartphones to help users track whether they have been exposed to someone who has tested positive for the virus, also known as contact tracing. The way it works is this: any Android or iOS user who has opted in is assigned an anonymous identifier beacon, which will be transmitted to other nearby devices via Bluetooth. This is similar to the Bluetooth signal tracing technique used by Singapore in a Coronavirus tracking app called TraceTogether, rolled out in March. When two people who have opted into the contact tracing are in close contact for a certain period of time, their phones will exchange their anonymous identifier beacons. If one of the two is later diagnosed with the Coronavirus, that infected person can enter the test result into an app, such as a compatible app from a public health authority. Then the infected person can consent to uploading the last 14 days of his or her broadcast beacons to the cloud. And the other person who has been in close proximity to the person infected will then be notified via the phone that an exposure to someone who has tested positive for Coronavirus took place.
This technology will be rolled out in two phases. The first phase will be an application programming interface released in May that public health agencies can integrate into their own mobile apps. Many such Coronavirus tracking apps are already available, such as COVID Symptom Tracker and Private Kit: Safe Paths. The second phase will work at an operating system level and will work on an opt-in basis for Android and iOS users in the coming months. The OS-level version is a more robust solution than an API and would allow more individuals to participate if they choose to opt in, as well as enable interaction with a broader ecosystem of apps.
And government health authorities, said Apple and Google in a Friday statement. Privacy, transparency and consent are of utmost importance in this effort, and we look forward to building this functionality in consultation with interested stakeholders. Both Google and Apple stressed that they are taking extra privacy precautionary measures for the contact tracing technology. First of all, the Bluetooth-based tool is opt-in only and explicit user consent is required. The tool doesn’t collect personally identifiable information or user location. What’s being collected is the proximity to other devices, not the location of devices, said Apple. The anonymous identifier beacons themselves will be random and rotating every 15 minutes so that there’s no way to track the device they’re associated with. Google said the identifiers that have been collected by a phone will also stay in the phone. The data linked to the identifier beacons will only be used for contact tracing by public health authorities for COVID-19 pandemic management, said Google and Apple.
Despite Apple and Google’s emphasis on privacy, some remain concerned about its implications, particularly with collecting and handling of sensitive healthcare data, which would be a concern of mine. And Google’s been trying to get their hands on PHI for a while now, and have succeeded in some cases. Sergio Caltagirone, Vice President of threat intelligence at Dragos, for instance, outlined his concerns with the technology in a Twitter thread, calling it literally a real time walking health report. He also worried that the data would be used to discriminate against people, as fear of Coronavirus will rise as we leave large scale quarantine. The explosion of Coronavirus tracking in general has long worried security experts. The ACLU, earlier this year.
Earlier this week for, for instance released a report called the limits of location tracing and an epidemic detailing the issues with phone location tracking as a solution to contain Coronavirus including weather data is anonymous who gets to access the data and how the data is used when the life cycle the data is. In the sick crisis, we need to seriously consider how technology might help improve public health said ACL use J. Stanley and Jennifer’s Tisa Granick in the white paper. This investigation must be based on realistic understanding of what technology and data can and cannot do. Less we divert attention expertise and financial resources from other simpler but time tested methods that are more effective in particular, policymakers should understand the limits of existing location data and devices for automatic contact tracing. Despite that one in four responses to a threat post leader poll reader polls are still sending we’re okay with sacrificing a portion of their personal privacy in exchange for some form of cell phone tracking that could in theory reduce Coronavirus, infection rates and save lives and when asked if an app existed that told you who in your neighborhood was infected with the Coronavirus, would you use it over a third of respondents said they would use it was 33.6%. Moving forward Google and Apple stress that they will continue to make their work available around Coronavirus contact tracing for analysis now, so a couple of couple of questions I would have number one is once eventually just Coronavirus pandemic will go away. So when that happens, what happens with these apps? What happens with the data? And do these apps now get used for other types of tracking? So that would be my first question. My second question is we’re trusting users to upload their data. So they get tested positive, and they upload their data to this app. How do we know they’re going to do it? 
You know, how do we know that that’s actually going to happen? And then we’re also, like it says, setting ourselves up for some form of discrimination, because now if you know there’s a hotspot and you know people in that area, I mean, I go to the store now and I get dirty looks, and I’m not sick. So imagine now if you know people were sick in that area, or, you know, someone you’ve been in contact with. You know, we’re not in touch with a lot of people at this point, so we could deduce who you’ve been in contact with that could be infected. And then the final thing that I’ll say to this is this: if it’s months away from being released at the OS level, what does that say about this virus? Do we not think it’s going away anytime soon? Do we not have a solution? Is the semi-quarantine that we’re under, is that really working? I don’t know. I mean, the numbers seem to be leveling off. So we’ll see. But those are the concerns. I would imagine privacy concerns, HIPAA concerns. We’ll see what comes of this and if and how many people will truly opt into it. I don’t know.
Next up, darkreading.com: cybercrime may be the world’s third-largest economy by 2021. This is on darkreading.com, as I just said, I think. The underground economy is undergoing an industrialization wave and booming like never before. As organizations go digital, so does crime. Today, cybercrime is a massive business in its own right, and criminals everywhere are clamoring to get a piece of the action as companies and consumers invest trillions to stake their claim in the digital universe. That’s why the World Economic Forum’s (WEF) Global Risks Report 2020 states that cybercrime will be the second most concerning risk for global commerce over the next decade, until 2030.
It’s also the seventh most likely risk to occur and eighth most impactful. And the stakes have never been higher. Revenue, profits and brand reputations of enterprises are on the line, mission-critical infrastructure is being exposed to threats, and nation states are engaging in cyber warfare and cyber espionage with each other. Putting things into perspective: Walmart, which racks up America’s greatest firm earnings, generated a mind-blowing 514 billion dollars in revenue last year. Yet cybercrime earns 12 times that. Both sell a huge variety of products and services. In fact, in terms of earnings, cybercrime puts even Tesla, Facebook, Microsoft, Apple, Amazon and Walmart to shame. Their combined annual revenue totals just 1.28 billion. Cybercrime markets have also split up into groups as the bad guys take pains to gather in secretive, exclusive discussion boards to avoid scrutiny from police and fraudsters. Their constantly evolving portfolio of cybercrime services includes everything from distributed denial of service attacks and malware to phishing campaigns. Trojans and massive stolen data sets are available to anyone who’s willing to shell out for them. Cybercrime is undergoing an industrialization wave and offers everything that a regular legal company does: product development, technical support, distribution, quality assurance and even customer service. Cyber criminals rob and then sell new technologies or secret strategic plans that will give their buyers an edge over the competitors. Hackers steal military secrets, renewable energy innovations and more. Cybercrime is a team effort. Cybercrime is a growing concern and also less risky than committing traditional crimes such as bank robbing. In fact, the WEF says that in the US the likelihood of catching cybercrime actors and hauling them into court is estimated to be as low as 0.05 percent. And when they do, it’s usually pretty big news.
With a smoothly operating team flogging a broad set of services, cyber criminals can earn roughly 10 to 15% more than their traditional counterparts. But there are yawning gaps between the revenues that different hackers pull in. It depends on the job, the risk they incur, and how many people work for the organization. The top earners can rake in more than $2 million per year. Some imagine that the average hacker is a geeky teenager in a hoodie hiding in a dark basement. Some of them might be this way, but today’s cyber criminals are more polished. They do everything from recruit staff to appoint executives. Some groups even have public personas who ensure the hacker group maintains a sterling reputation. This is important on the dark web, where hackers transact most of their business. The UK’s National Cyber Security Centre has highlighted that organized cyber criminals have different roles to make the operations run smoothly. There are team leaders who coordinate the work and are responsible for staying one step ahead of the law. They guide the data miners, the people who systematize stolen data; coders, who write and alter malicious code; and intrusion specialists, who infect and infiltrate target companies. Further, call center agents phone people and pretend to be computer support staff. Their job is to install malware on victim computers. Money specialists launder money. Most popular: ransomware and DDoS extortion. According to Europol, exploit kits are no longer the top products, but the replacements are not proving to be as sophisticated or popular. Theft via malware has been declining as a threat; in its place, the cyber criminals of today use ransomware and DDoS extortion, which are easier to monetize. For example, take booter services.
These are mercenary DDoS soldiers who use large-scale botnets or manipulated cloud accounts to produce a malicious flow of data that stops IT cold. Their attacks can last for days and cost anywhere between $10 for a small attack to thousands of dollars for more complex jobs. They could be part of a ransom scheme, vandalism or sabotage, or simply a way to disguise a multi-vector attack while occupying the victim’s IT resources. The University of Cambridge has found that such assaults have become so common that the purchasers even include school-aged children. Europol’s Internet Organised Crime Threat Assessment 2019 report describes how DDoS attacks are one of the most serious threats facing global business. The preferred DDoS targets of criminals last year were banks and other financial institutions. Public organizations such as police departments and local governments, travel agents, internet infrastructure and online gaming were also favorite victims. Some bad actors were arrested, but they failed to make a dent in the growth rate of DDoS attacks, or on the dark web infrastructure that makes them possible, according to Europol. A new paradigm: digital services are essential to organizations of all sizes, from small online shops to global giants. If services are annoyingly slow or offline for hours or even days, the firm’s revenue and reputation will take a hit. Once, it took a while for news about this sort of disruption to get around. But those days are gone. Today, everyone knows everything almost instantly. That’s why botnets are cash cows for cyber criminals. They can use them in DDoS attacks to extort money from website owners by threatening attacks that will take out their services. Awareness of this and other risks is growing, and more companies are spending on cyber risk management. Nevertheless, the WEF says that cybersecurity spending is still far from what it needs to be given the scale of the threat.
Now, I talked a few minutes ago about using pirated software, using pirated operating systems. And this is one thing that happens when you do that. They can then enter your computer into a bot, your entire network into a bot, if you are using pirated software, and then use it in a DDoS attack. So the DDoS victim is then brought down, but so is your network, your computers, at that point. So something to think about: stop using pirated software. It is illegal, first of all, and second of all, this is what happens when you do allow for these types of things.
And then finally, on ZDNet, I thought this was pretty cool. To me, it’s important: when we’re in a time like we’re in right now, a time of difficulty, you see two types of people. You see those that try to take advantage of the situation, and in some cases that’s the bad guys, the hackers. And I don’t like to use the word hacker; I like the words bad actors and bad guys that do these ransomware attacks and phishing attacks and so forth. But then you also have the flip side of that: you have people that go out of their way to try to make these bad times, these challenging times, a little easier. And so ZDNet put this article together of free tools and services for businesses during the COVID-19 crisis. And I actually was approached by a couple as well. So I have a deal with ID Agent for 90 days free, and I saw another one, Alert Logic, was offering 90 days free, and so there’s a lot of that going around. And then of course Nwaj Tech, we’re offering a few things for free right now. Remote support for the first hour for healthcare providers and educators. We’re doing free remote support completely. And then we are doing compromise breach assessments for free as well.
But so here’s a list of companies that are providing free tools during this time. Atlassian: Atlassian, the collaboration and productivity software provider, is making its flagship cloud products available for free for teams of up to 10 people. This comes in addition to its existing free offerings for teams of all sizes, and the offer is not time-bound. The new free offerings include the cloud-based edition of Atlassian’s signature product, the project tracking software Jira. It also includes access to cloud editions of the collaboration software Confluence, which is kind of like a SharePoint, Jira Service Desk and the project management software Jira Core. Now, I will tell you this with Jira Service Desk: there have been reports of people misconfiguring them and opening them up to attack, so be careful with that.
Transcribed by https://otter.ai