source: federaltimes.com

The federal government spends approximately 80 percent of its $90 billion information technology funding maintaining legacy IT systems, which have contributed to “security risks, unmet mission needs, staffing issues and increased costs,” according to a June 11 Government Accountability Office report.

Of those systems, GAO identified 10 across an equal number of agencies that are in critical need of modernization, due to the age of the system, its criticality to the agency and the security risk it poses.

The systems themselves were not named, due to the potential security risks such a disclosure would pose, but were given generic descriptions and locations in the report:

  1. Department of Defense — a maintenance system supporting wartime readiness
  2. Department of Education — a system housing student information
  3. Department of Health and Human Services — an information system supporting clinical and administrative activities
  4. Department of Homeland Security — a network of routers, systems and appliances
  5. Department of Interior — a system supporting the operation of dams and powerplants
  6. Department of Treasury — a system containing taxpayer information
  7. Department of Transportation — an aircraft information system
  8. Office of Personnel Management — hardware, software and service components supporting IT applications and services
  9. Small Business Administration — a system controlling access to applications
  10. Social Security Administration — a group of systems housing information on Social Security beneficiaries

Those 10 systems cost approximately $337 million for their agencies to maintain, and can be expected to increase expenses and exposure while decreasing mission efficiency.

 source: cyberdefensemagazine.com

Intellectual Property & Trade Secrets – Gone In 60 Seconds

What your company spent years to develop can be lost in an instant at the hands of “Just 1 Malicious Employee”, with the click of a mouse. The continued incidents of employee theft, intellectual property theft and other malicious actions paint a dark picture of what employees do when they are disgruntled, moving on to a new job, under financial pressure, or trying to live a lifestyle beyond their means. Such employees may find a strong incentive to steal from their employers.

Detecting and mitigating Insider Threats is one of the most difficult challenges for companies, organizations, and governments. In fact, behind phishing, it is most often ranked as one of the top cyber security challenges by CISOs and CIOs.

External Hackers are not the only threat your business or organization may be facing. One of your biggest risks comes from your own employees. A recently published Harvey Nash / KPMG survey of nearly 4,500 CIOs and tech leaders globally, finds that the Insider Threat problem is the fastest-growing one of all.

Every year, the comprehensive Verizon Data Breach Investigations Report (DBIR) provides the industry with a deep dive into the latest trends in cyber security incidents. The 2019 report found that Insider Threat incidents have been on the rise for the last four years. This year’s report also shows that 34% of all breaches happened as a result of Insider Threat actors.

More than any other industry, healthcare’s breaches are overwhelmingly caused by insiders, with nearly 60% tied to inside actors. Healthcare is the only industry where insider-caused breaches outnumber external attack vectors.

 source: securitymagazine.com

Global security concern remains at the highest level in 13 years, according to the 2019 Unisys Security Index report. 

For the third consecutive year, Identity Theft and Bankcard Fraud continue to be the two most pressing concerns worldwide. Identity Theft continues to rank at the top out of the eight security threats measured by the index, with more than two-thirds of those surveyed (69 percent) seriously concerned – exceeding reported concern related to threats like war, terrorism and natural disasters.

Significant findings include:

  • Bankcard Fraud also remains one of the top two security concerns globally, with two-thirds (66 percent) of consumers seriously concerned about it.
  • Increasing internet security concerns are largely behind the rise. Nearly two-thirds (63 percent) of consumers report they are seriously concerned about the threat of Viruses/Hacking with more than half (57 percent) seriously concerned about Online Shopping and Banking. In general, consumers in developing countries registered higher levels of concern.

Consumers reported they are as fearful of having data stolen at large events as they are of being physically harmed:

  • While 57 percent of respondents in the 13 countries surveyed registered serious concern (extremely/very concerned) about falling victim to a physical attack at a large event, the same percentage registered serious concern about having their personal data stolen when using public Wi-Fi at these events, and 59 percent were seriously concerned about someone stealing their credit card data.
  • 28 percent of respondents have changed their plans to attend certain large-scale events and nearly four in 10 (39 percent) said they would “think twice” about attending. A quarter of those who are not changing their plans reported they will take extra precautions about securing mobile devices and wallets. 

Concerns around Internet Security saw the biggest increase compared to 2018, rising three points. Concerns about Identity Theft and Bankcard Fraud continue to eclipse worries about threats from War or Terrorism or Natural Disasters and Epidemics. However, National Security concerns, on the whole, rose by two points.

 source: cyware.com

Almost half of the internet's email servers are now being attacked with a new exploit.

Exim servers, estimated to run nearly 57% of the internet's email servers, are now under a heavy barrage of attacks from hacker groups trying to exploit a recent security flaw in order to take over vulnerable servers, ZDNet has learned.

At least two hacker groups have been identified carrying out attacks, one operating from a public internet server, and one using a server located on the dark web.

RETURN OF THE WIZARD - CVE-2019-10149

Both groups are using an exploit for CVE-2019-10149, a security flaw that was publicly disclosed on June 5.

The vulnerability, nicknamed "Return of the WIZard," allows remotely-located attackers to send malicious emails to vulnerable Exim servers and run malicious code under the Exim process' access level, which on most servers is root.

Because of the sheer number of Exim servers that are currently installed across the internet -- estimated at somewhere between 500,000 and 5.4 million -- exploitation attempts were very much anticipated.

According to self-described security enthusiast Freddie Leeman, the first wave of attacks started on June 9, when the first hacker group started blasting out exploits from a command-and-control server located on the clear web, at http://173[.]212.214.137/s.

During the subsequent days, this group evolved its attacks, changing the type of malware and scripts it would download on infected hosts; a sign that they were still experimenting with their own attack chain and hadn't settled on a particular exploit method and final goal.