While this summer has been relatively cyber-incident free for federal agencies, data, endpoints, and networks remain a high-priority target for a veritable army of cyber attackers. From state-sponsored hackers to malicious insiders and careless agency workers, there’s no shortage of risks. So what are agencies doing to build their defenses against these continuous threats?
Protecting PII and PHI a Top Priority for Centers for Medicare and Medicaid
According to a recent inspector general’s report, the Centers for Medicare and Medicaid (CMS), while experiencing no actual cyber attacks, are highly vulnerable to exploitation based on the results of a series of penetration tests conducted over the last few months. The report noted that the vulnerabilities are the result of “improper configurations and [a] failure to complete necessary upgrades.” With the amount of Personally Identifiable Information (PII) and Protected Health Information (PHI) that is stored in CMS systems, it’s vital that the improper configurations and upgrades get fixed immediately and a way to continuously manage system-wide updates is implemented. You can read more about this story here.
Mr. Robot: An Interesting Lesson in Cyber Education
Most of the time, movies and television shows do a horrible job of representing cyber attacks and cybersecurity experts. With lots of furious typing, flashy displays, and heroes who always manage to thwart the attack just in the nick of time, the on-screen cyber world bears little resemblance to the real world. However, Mr. Robot, which airs on USA as well as on streaming services, has bucked the trend and won high praise from cyber experts for its realistic depiction of attacks and, more importantly, how they’re addressed and resolved.
The show’s authenticity is due, in large part, to the producers’ decision to hire real-life cyber experts – Tanium’s Andre McGregor and Ryan Kazanciyan – as show advisors. In a recent webinar hosted by Tanium, McGregor and Kazanciyan talked not only about the show, but about some of the bigger cyber security issues faced by high-profile complex organizations in this day and age. During the webinar Kazanciyan shared his key vision for InfoSec professionals:
“I’d like to see customers change their behavior when they see their data is no longer safe, so that organizations don’t treat security as an add-on — something you don’t need to bother with when you’re in a hurry…” Most organizations, he added, are still struggling to handle security at a basic level, much less build it in from the inception.
If you’d like to read more of the interview with Ryan and Andre in Dark Reading you can do that here. If you’re interested in listening to the webinar, you can access it on-demand here.
Linux Flaw Leaves Approximately 1.4 Billion Android Devices Vulnerable to Exploit
A flaw in the Linux operating system that runs on Google’s Android devices has left users vulnerable to exploit, according to a recent article in Ars Technica. The flaw was first identified more than 4 years ago, and was “introduced into Android version 4.4.” According to researchers:
“One of the more likely ways exploits might target Android users is for them to insert JavaScript into otherwise legitimate Internet traffic that isn’t protected by the HTTPS cryptographic scheme. The JavaScript could display a message that falsely claims the user has been logged out of her account and instruct her to re-enter her user name and password. The login credentials would then be sent to the attacker. Similar injection attacks might also attempt to exploit unpatched vulnerabilities in the browser or e-mail or chat app the targeted Android user is using.”
Android users are advised to use encrypted sites and connections while Google’s engineers patch the vulnerability, although even encrypted connections cannot completely eliminate the security risk. Interested in learning more about eliminating security vulnerabilities on a large scale without the need for manual updates? You can learn more about continuous monitoring here.
IT Management Needs an Overhaul
Once upon a time, IT management wasn’t that complicated; systems were simple, only a few were connected to the Internet, and ‘devices’ were desktops that never left the building. InfoSec teams were empowered to do their jobs while their IT operations counterparts – if they were a distinct group, or existed at all – were able to do theirs.
However, in the last few years, the fundamental importance of IT to delivering on mission-critical activities and the exponential growth of networks, systems, endpoints, and devices have meant that these IT siloes are actually hampering both operational capabilities and information security. An organization’s security posture is no longer just the domain of security teams; it encompasses IT operations as well. It’s imperative that situational awareness improve in order to thwart adversaries equipped with an arsenal of capabilities that are constantly upgraded. That means that monitoring systems have to operate at greater scale and across an expanding set of devices while delivering more timely answers to a more complex set of questions.
Interested in learning how to optimize your IT organization’s management capabilities? You can download a whitepaper from Tanium and 451 Research to learn more about how to reduce operational overhead while improving security and generating meaningful ROI benefits. Click here to learn more.