This Week In Security - 02/17/2020
Chinese Military Accused of Equifax Data Breach
Four Chinese nationals, believed to be members of the People’s Liberation Army, have been indicted on nine charges relating to the theft of personal information in the massive Equifax hack of 2017.
Liu Lei, Wang Qian, Wu Zhiyong, and Xu Ke each face three counts of wire fraud, conspiracy to commit computer fraud, and economic espionage.
The hack remains one of the largest in history, affecting nearly 150 million people and causing significant financial damage to the consumer credit reporting agency while invading the privacy of its users.
The breach was so serious that Bill Evanina, National Counterintelligence and Security Center director, said it “must be viewed as a counterintelligence issue rather than just a cyberthreat”. Chinese authorities responded, claiming the military and its personnel “never engage in cyber theft of trade secrets”.
Attorney General William Barr remained unfazed, however, saying, “we remind the Chinese government that we have the capability to remove the internet’s cloak of anonymity and find the hackers that nation repeatedly deploys against us”.
Barr’s strong words are indicative of the federal law enforcement agencies’ staunch stance on cybercrime, and yet the likelihood of the accused facing trial in the US is slim and their whereabouts are unknown.
NHS Sells Patient History to Highest Bidder
The UK’s National Health Service is struggling to keep its head above water and one of its biggest assets is your data.
It’s no secret that the US wants any trade deal with the UK to include access to its 55 million health records, believed to have a value of around £10bn per year, but it seems the NHS is already selling so-called anonymous data to the highest bidder.
Some of the US’s largest drug companies have already handed over around £330,000 each for access to anonymized data intended for research purposes. While that sounds perfectly reasonable, the problem is, anonymized data isn’t so anonymous.
Privacy campaigner Phil Booth told reporters that “the public was being betrayed by claims that the information could not be linked back to individuals”. Booth said, “the unique combination of medical events that makes individuals’ health data so ripe for exploitation is precisely what makes it so identifiable”.
One GP, Neil Bhatia, believes the whole concept of anonymization of data is flawed and “very hard to achieve, given that there is so much information about us in the public domain”.
NHS patients wanting to protect their privacy can opt out of the system by asking their GP.
Deep Instinct Secures $43m to Fight Cybercrime
Investors dig deep to support a new approach to cybersecurity that applies “end-to-end deep learning to predict, identify, and prevent cyberattacks”.
A recent funding round saw cybersecurity company, Deep Instinct, secure a $43m cash injection from investors that include “four of the world’s largest technology companies”. The latest boost takes the company’s total funding to $100 million and will help Deep Instinct expand its unique cybersecurity approach internationally.
The company’s CEO, Guy Caspi, said the interest in its deep learning approach came from the fact that “Current solutions based on ‘assume breach’ are simply insufficient for the highly sophisticated attack landscape we all face”. Deep Instinct’s sophisticated approach can anticipate threats and prevent attacks before they even occur.
Deep Instinct’s chairman, Lane Bess, added, “This significant round of new funding highlights the importance of prevention for every enterprise. The economic impact of repairing a breach is too high to ignore the need to prevent threats before they occur”.
Investors are optimistic about the future of this unique cybersecurity approach, saying, “What excites us most about Deep Instinct is its proven ability to use its proprietary neural network to effectively detect viruses and malware no other software can catch”.
Microsoft’s Patchy Performance Continues
Microsoft seems to make it into the headlines every week courtesy of yet another security flaw and yet another patch. The latest Patch Tuesday updates are one of its largest, addressing 12 critical bugs and a further 87 security vulnerabilities.
The latest flurry of security updates comes hot on the heels of the critical flaw the NSA warned users of last month. However, although bulky, this month’s patch addresses more garden-variety issues rather than an “earth-shattering bug that needs to be addressed with haste”.
The more critical bugs are primarily memory corruption and remote code execution issues that affect the Remote Desktop Protocol service, the IE scripting engine, and executable LNK files.
According to intelligence analyst, Allan Liska, the patch also rectified a more serious issue which, while listed as important rather than critical, could have allowed “attackers to exploit the Exchange Server and execute arbitrary code just by sending a specially crafted email”.
Although Microsoft has been aware of this vulnerability since 17th January, its previous solutions were mere “workarounds and mitigations that [could] be applied in order to safeguard vulnerable systems from attacks”. This month’s cumulative security updates provide a patch that removes this IE zero-day threat for good.