Weekly Security Roundup with Clinton Pownall

By Clinton Pownall
 President & CEO
 Computer Business
Consultants

“Vishing Attacks” Beware of Phone Calls Supposedly from Amazon. ZDNet carries the headline “Fraudsters Employ Amazon ‘Vishing’ Attacks in Fake Order Scams,” for an article describing how criminals combine voice with phishing (vishing) to send people fraudulent messages. The messages typically alert the user to a fictitious purchase, and then ask for personal information—including credit card numbers or bank accounts—in order to provide a refund, which of course never comes. Sometimes the scam begins with a phone call. In other cases a text message or email is sent, which includes a phone number to call. The idea is that talking to someone will make the scam easier to carry out.


“FBI says Conti Ransomware Gang has Hit 16 U.S. Health and Emergency Networks.” That’s the news from a recent Reuters report in which the FBI links the attacks to the same online extortionists who hit the Irish health system earlier this month. In an alert made public by the American Hospital Association, the FBI said the cybercriminals using the malicious software dubbed ‘Conti’ have “targeted law enforcement, emergency medical services, dispatch centers, and municipalities,” Reuters reports. The alert did not name the victims or go into detail about the nature or severity of the breaches, saying only that they were among more than 400 organizations worldwide targeted by “Conti actors.” Dark Reading’s coverage of the announcement quotes an official as saying: “These ransomware attacks have delayed or disrupted the delivery of patient care and pose significant potential risks to patient safety and the communities that rely on hospitals’ availability.”


“How to Tell a Job Offer from an ID Theft Trap.” That’s the headline for a Krebs on Security report on a rise in what Krebs terms “One of the oldest scams around—the fake job interview that seeks only to harvest your personal and financial data.” The article centers on a  recent LinkedIn impersonation scam that offered jobs to individuals, and after inviting them to participate in an online interview, offered them the job, but said they needed to contact another person to complete a “background check” in which they were asked to provide personal and financial information. The article notes that LinkedIn has several layers of filtering to detect and remove such scams, but that some get through. The story quotes from a recent FBI report on the problem, and includes an FBI list of telltale signs of a job scam:

  • Interviews are not conducted in-person or through a secure video call.
  • Potential employers contact victims through non-company email domains and teleconference applications.
  • Potential employers require employees to purchase start-up equipment from the company.
  • Potential employers require employees to pay upfront for background investigations or screenings.
  • Potential employers request credit card information.
  • Potential employers send an employment contract to physically sign asking for PII.
  • Job postings appear on job boards, but not on the companies’ websites.
  • Recruiters or managers do not have profiles on the job board, or the profiles do not seem to fit their roles.

Hackers Love Unpatched Software. That’s the take-home message from a recent CyberScoop article about a Trend Micro study of the dark sites where hackers buy and sell software. The article reads “The study, which spanned nearly two years and numerous illicit marketplaces, found that nearly half of the software exploits requested on forums were for vulnerabilities that were at least three years old.” The article notes: “The data shows that holes in popular software act as cash cows for criminals in instances when corporate, personal or government users don’t update their software.”


Colonial Pipeline was Another Wake-Up Call. Are We Hard of Hearing? CSO Online reports on a senior White House official speaking on background and voicing some frustration about the current state of cybersecurity. CSO Online quotes the official in speaking of recent cyber attacks as saying “These incidents are a reminder that our adversaries will use multiple methods of attack, whether hunting for coding errors or compromising our supply chains to create opportunity.” The official said incidents such as the SolarWinds, Microsoft Exchange and the Colonial Pipeline attacks share commonalities. The first being, “a laissez-faire attitude toward cybersecurity.” The second being “poor software security and current market development of ‘build, sell, and maybe patch later.’” The article concludes: “As the White House administration official noted, to continue the status quo of rushing from one incident to the next is unacceptable. CIOs [Chief Information Officers] and CISOs [Chief Information Security Officers] will be well served to embrace the mandates found within the executive order, while taking on board the CISA recommendations on being prepared to repel a ransomware attack.”


Clinton A. Pownall is the President & CEO of Computer Business Consultants and has been in the IT field since 1990. Pownall served in the U.S. Navy for six years as a Weapons Systems Technician and has a Bachelor of Science in Computer Engineering. Through Computer Business, he was one of the first to pioneer VoIP technology using satellite communications. He is a member of the Florida Police Chiefs Association, and advises law enforcement agencies on cyber security. Pownall serves on several boards and committees and has a strong affiliation with various arts and education groups, local school districts, and served in regional efforts of the Bill & Melinda Gates NextGen Foundation. He’s served as a Vice President of the Board of Director for the Orlando Shakes Theater and is heavily involved in the South Lake Chamber of Commerce, West Orange Chamber of Commerce, and the Orlando Economic Partnership.