Weekly Security Roundup with Clinton Pownall

By Clinton Pownall
 President & CEO
 Computer Business
 Consultants

Cybersecurity Experts Optimistic about Biden Hires. Cybersecurity experts seem hopeful about the early appointments made so far by the transition team of President-elect Joseph Biden, according to an article in Dark Reading. “I think you’ll finally see cyber and cybersecurity issues become a true national security, economic security, and diplomatic priority,” Chris Painter, president of the Global Forum on Cyber Expertise Foundation, and former government cybersecurity official, told a recent meeting of the Institute for Security + Technology. Kemba Walden, attorney in Microsoft’s Digital Security Unit and former attorney and adviser for cybersecurity at the Department of Homeland Security, agreed, saying: “I think we’ll see a multilevel, multilateral, all-hands-on-deck kind of plan we haven’t seen before.” Looking ahead, Walden said: “One of the approaches I’d like to see in the Biden administration is encouraging international cybernorms—maybe even encouraging at some point a cyber doctrine or treaty that will govern the use of cyber measures across countries, across companies.”


Ransomware in 2021 … “When Hospitals are Hit, People Die”. There is plenty we all want to leave behind as 2020 has given way to 2021, but a story in Threatpost “What’s Next for Ransomware in 2021” predicts that the ransomware situation will only get worse, including for healthcare organizations. Threatpost writes: “Super-fueling the explosion of ransomware crimes is the technical barriers to pull it off are lower than ever, thanks to established players selling ransomware-as-a-service options.” The article quotes Allie Mellen, Security Strategist, Office of the CSO at Cybereason, as saying: “When hospitals are hit, people die, and that is a huge, huge toll to take for any type of organization, of course. But hospitals, especially, we also see this with any type of organization that needs, as close to 100 percent uptime as possible, also known as the five nines.”


IBM Uncovers Massive Fraud Operation Targeting Online Banking. Researchers from IBM Trusteer say they’ve uncovered a massive fraud operation that used a network of mobile device emulators to drain millions of dollars from online bank accounts in a matter of days, according to a report in WIRED magazine. WIRED reports: “The scale of the operation was unlike anything the researchers have seen before. In one case, crooks used about 20 emulators to mimic more than 16,000 phones belonging to customers whose mobile bank accounts had been compromised. In a separate case, a single emulator was able to spoof more than 8,100 devices.” The researchers said the attacks were able to circumvent two-factor authentication by intercepting text messages sent to account owners. This is concerning, as IBM researchers referred to it as automating fraud. The article concludes with the standard—but critically important—advice: “The operation raises the usual security advice about using strong passwords, learning how to spot phishing scams, and keeping devices free of malware.”


Malware + Advertising = Malvertising. Last week I wrote about the headline in CyberNews reading: “One in ten shopping ads promoted on Google potentially lead to phishing sites.” Now CSO Online has an in-depth write up describing the complexity behind such attacks, titled: “What is malvertising? And how to protect against it.” It’s a sobering read, including this: “Some of the world’s most popular websites, including those of the New York Times, Spotify and the London Stock Exchange have inadvertently displayed malicious ads, putting their users in jeopardy. What’s worrying is that people can get infected even if they don’t click on the images: Often it’s enough if they just load. This method is called “drive-by download,” because all a victim has to do is “drive by” a web page.”


SolarWinds: Cracking the Safe at Microsoft. The recently discovered SolarWinds security breach has rocked the world of cybersecurity—and beyond. So many government and corporate resources were compromised that I wasn’t surprised that Microsoft was on the list. But it was discouraging to see the company’s recent report, that the intruders were able to actually access some Microsoft source repositories to view code for some of its products. Microsoft said that the breach didn’t impact product security as the company assumes that source code can be cracked. Microsoft writes: “This means we do not rely on the secrecy of source code for the security of products, and our threat models assume that attackers have knowledge of source code. So viewing source code isn’t tied to elevation of risk.”


Clinton A. Pownall is the President & CEO of Computer Business Consultants and has been in the IT field since 1990. Pownall served in the U.S. Navy for six years as a Weapons Systems Technician and has a Bachelor of Science in Computer Engineering. Through Computer Business, he was one of the first to pioneer VoIP technology using satellite communications. Pownall serves on several boards and committees and has a strong affiliation with various education groups, local school districts, and served in regional efforts of the Bill & Melinda Gates NextGen Foundation. He serves as a Vice President of the Board of Director for the Orlando Shakes Theater and is heavily involved in the South Lake Chamber of Commerce, West Orange Chamber of Commerce, and the Orlando Economic Partnership.