Chinese Phish All Identities of NSA, CIA, FBI and

This is an article from CyberheistNews Vol 5 #4 Jan 27, 2015
For a day or so I was puzzled that the Anthem hack trail led to China. This would normally be a Russian operation. Then an insider told me that most of the three-letter U.S. Government agencies have their employees insured through Anthem's Blue Cross Blue Shield and then the whole thing fell into place.

The Chinese now own the identities of all the people fighting them, and can use this in a multitude of social engineering scenarios. No wonder that many people in the Government have steam coming out of their ears about the Anthem hack. Cyberwar has suddenly become -very- personal to them.

This may be why last Friday President Barack Obama signed an executive order that will nudge private companies to share data about cybersecurity threats between each other and with the federal government.

Apart from the fact that the cost of the Anthem data breach is likely to smash the $100 million barrier, it's surprising that Anthem did not encrypt SSNs, which allowed wholesale identity theft of thousands of American cyberwarriors.

Wonder why hackers are going after healthcare records these days? They are much more valuable because they stay active for several months after a hack, as opposed to credit card numbers, which quickly get nixed after a few days.

Since Anthem is a healthcare company, you would expect them to take HIPAA compliance to the max and even top the required controls with higher standards. As we all know, compliance does not equal security, but it establishes a baseline at the very least.

Becoming HIPAA compliant and staying that way is a challenge to say the least. The KnowBe4 Compliance Manager can help you with that. Fill out the form to get a webdemo or a 30-day trial:
http://info.knowbe4.com/knowbe4-compliance-manager_lp_14-04-15

Scam Of The Week: Microsoft Volume Licensing
Watch it! The bad guys are going after YOU this time. There is a phishing scam doing the rounds which sends you malware "from Microsoft" about your Volume Licensing that evades sandboxes and contains a Word doc which has macros inside and leads to a possible malware infection.

Following the instructions in the phishing email results in Chanitor being downloaded, which is used to download other malware. Corporate users are phished from Microsoft Volume Licensing Service Center (VLSC), according to researchers with Cisco.

A screenshot of the phishing email – which asks recipients to click on a link to download VLSC registration details – was included in a Monday post by Martin Nystrom, senior manager for Cisco Managed Threat Defense. He wrote that the message is very similar to the real email sent by Microsoft.

The link in the email appears to be for a Microsoft website, but Nystrom points out that hovering over it with the mouse reveals the true URL. Clicking on it will result in the authentic VLSC login page opening, but will also trigger a ZIP file to download that recipients may not notice is being delivered from a different website.

The ZIP file contains a Windows executable with a SCR extension – a screensaver file – and opening it results in the system being infected with Chanitor, which is used to download other malware, Nystrom wrote. This is the link to the full post:
http://blogs.cisco.com/security/fake-vol...vades-sandboxes
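
The two tells described in the article above (a link whose visible text shows one host while the href goes to another, and a ZIP that carries a .scr file) can be checked mechanically. This is an added example, not part of the original post or the Cisco write-up; the function names, the extension list, the sample domains and the file name are assumptions constructed for illustration.

```python
import io
import zipfile
from html.parser import HTMLParser
from urllib.parse import urlparse

RISKY_EXT = (".scr", ".exe", ".pif", ".com")  # assumption: treated as executable

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def mismatched_links(html):
    """Return (text, href) where the text looks like a URL for a different host."""
    parser = LinkCollector()
    parser.feed(html)
    hits = []
    for href, text in parser.links:
        if len(text.split()) != 1:      # "Click here" etc. is not a displayed URL
            continue
        shown = urlparse(text if "://" in text else "//" + text).hostname
        actual = urlparse(href).hostname
        if shown and "." in shown and actual and shown.lower() != actual.lower():
            hits.append((text, href))
    return hits

def risky_zip_members(data):
    """Return archive member names with an executable extension (e.g. .scr)."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [n for n in zf.namelist() if n.lower().endswith(RISKY_EXT)]

# Constructed sample data, not taken from the real campaign.
SAMPLE_HTML = ('<p>Download: <a href="http://downloads.example.net/vl/">'
               'https://www.microsoft.com/licensing</a></p>')

def sample_zip():
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("registration_details.scr", b"MZ placeholder")
        zf.writestr("readme.txt", b"plain text")
    return buf.getvalue()
```

A mail gateway or triage script would run `mismatched_links` on the HTML body and `risky_zip_members` on each ZIP attachment or download, and quarantine on any hit.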
 
Anthem's CEO and board need to be jailed for HIPAA violations. That'll wake them and their competition up.

Fines they'll brush off. They chose not to be leaders in IT security.

FWIW, I never give my SSN to doctors. I know my insurer still has it, but doctors' offices have lots of clueless chumps bumbling through. I even got a fax referral once with some poor schmuck's private info from a clerk who dialed "9" as the first digit in the area code, but got an outside line instead.
 
All Android phones and iPhones as of 2014(?) have been encrypted with AES256, but one of the largest health insurance companies in the US stores all personal information in text.

My insurance is through Anthem. I'm furious; now anytime in the future I can have my identity stolen. It's OK though, they give everyone 1 year of identity theft protection. That helps a lot, because I'm sure after a year the bad guys will have changed their minds. My whole family, from my wife to my sons and daughters, all had their information stolen. I would love to see the person/s accountable sit in prison.
 
I went ahead with the recommended credit freeze. Irritated to say the least.
 
I am running Windows 2000 Server and WinXP at work. We stopped getting pinged on our static IPs when Microsoft announced it was dropping support for XP. I put a terminal server out as a front end with Win2003 Server on it and 4 fake databases and left the standard Win2003 Server wallpaper on the login. No pings on our VPN in 2 years. The front end is loaded with 2 AV programs and Malwarebytes. But nobody is hitting it.

The key to hack free systems is old technology. Not sexy enough.

They must see win2003 and figure there's nothing valuable here.
 
Originally Posted By: daves66nova

Scam Of The Week: Microsoft Volume Licensing
Watch it! The bad guys are going after YOU this time. There is a phishing scam doing the rounds which sends you malware "from Microsoft" about your Volume Licensing that evades sandboxes and contains a Word doc which has macros inside and leads to a possible malware infection.

Following the instructions in the phishing email results in Chanitor being downloaded, which is used to download other malware. Corporate users are phished from Microsoft Volume Licensing Service Center (VLSC), according to researchers with Cisco.

A screenshot of the phishing email – which asks recipients to click on a link to download VLSC registration details – was included in a Monday post by Martin Nystrom, senior manager for Cisco Managed Threat Defense. He wrote that the message is very similar to the real email sent by Microsoft.

The link in the email appears to be for a Microsoft website, but Nystrom points out that hovering over it with the mouse reveals the true URL. Clicking on it will result in the authentic VLSC login page opening, but will also trigger a ZIP file to download that recipients may not notice is being delivered from a different website.

The ZIP file contains a Windows executable with a SCR extension – a screensaver file – and opening it results in the system being infected with Chanitor, which is used to download other malware, Nystrom wrote. This is the link to the full post:
http://blogs.cisco.com/security/fake-vol...vades-sandboxes




The 2nd part of this email is bad news also. I manage the volume licensing contract with Microsoft for our company. It would look terrible if I got phished. The fake email in the Cisco.com link posted looks just like the real thing. Thanks for the heads up.
 
Reality is, one loose/lost/stolen laptop with a data pull converted to an Excel spreadsheet without any OS encryption means the data is breached.
 