Hello and welcome to our weekly cybersecurity news wrap up.
Healthcare organizations have been in the bullseye for hackers since the pandemic began last year, but the last few weeks have proved to be especially active. Currently, for example, healthcare institutions in Canada, Ireland and New Zealand are in the midst of security incidents.
Ireland’s woes began last week when its Department of Health was attacked. Another attack was foisted on them this week as well. Then in New Zealand, the IT services for its healthcare system appears to be completely down. And in Canada, one of the world’s largest insurance carriers has experienced a hack so bad the company took down their website as a “cautionary measure.”
Meantime, the SolarWinds hack continues to make headlines. This week, Russia continued to deny responsibility for the massive hack. Both the United States and Britain have blamed Russia's Foreign Intelligence Service (SVR) for the hack which compromised nine U.S. federal agencies and hundreds of private sector companies.
"These claims are like a bad detective novel," SVR Director Sergei Naryshkin, a close ally of Kremlin chief Vladimir Putin, told the BBC.
While whoever is responsible for it remains unclear, some new details are emerging. At the RSA Conference this week, SolarWinds CEO Sudhakar Ramakrishna said the company's continuing investigation of the breach shows that whoever is behind the attacks actually began probing SolarWinds' network as early as January 2019. The breach remained undetected until December 2020, or nearly two full years after the initial malicious activity. Previously, it was widely believed that attackers first gained access to SolarWinds' systems in October 2019.
Also, this week, top U.S. national security officials discussed what a new national data breach reporting law could look like and how it could stop catastrophic security incidents like the SolarWinds hack. The story in Cyberscoop (see below) has the details.
Finally, Facebook, along with other tech companies that manage pipelines of personal data that flow from the EU to the United States, will soon be faced with some very difficult compliance decisions. Last year’s Schrems II decision stemmed from a legal challenge to Facebook’s handling of the personal data of EU citizens. Facebook has managed to stall the legal consequences of this decision but it appears that the social media giant is running out of options. A ruling last week by the Irish High Court dismissed the company’s challenge to the Irish DPC, with no further appeals available. Read more about this below in CPO Magazine.
That’s it for the week. If you enjoy reading our blog, could you take a minute to share it with your colleagues? Thanks, and have a great weekend!
Top Global Cybersecurity News
ZDNet (May 20, 2021) Healthcare organizations in Ireland, New Zealand and Canada facing intrusions and ransomware attacks
"Three healthcare institutions in Canada, Ireland and New Zealand are in the midst of security incidents this week, highlighting the perilous cybersecurity landscape within some of the world's most important organizations.
Ireland's Department of Health was attacked twice in the last week – described by the Irish Foreign Minister Simon Coveney as 'very serious' – since the hack forced the cancellation of dozens of outpatient services and shut down a Covid-19 vaccine portal. New Zealand is facing a similar issue, with IT services for their healthcare system reporting a cybersecurity incident that completely knocked out the entire system.
Canadian insurer Guard.me, one of the world's largest insurance carriers, is still dealing with a downed website following 'suspicious activity was directed at the guard.me website.' The site is still down, with a lengthy message explaining that they took down their website as a cautionary measure."
Dark Reading (May 19, 2021) SolarWinds CEO: Attack Began Much Earlier Than Previously Thought
"The attack on SolarWinds that resulted in malware being distributed to thousands of the company's customers started a full eight months earlier than previously thought.
At a keynote session at the RSA Conference today, SolarWinds CEO Sudhakar Ramakrishna said the company's continuing investigation of the breach shows the nation-state group behind it began probing SolarWinds' network as early as January 2019. The breach remained undetected until December 2020, or nearly two full years after the initial malicious activity.
Previously, it was widely believed that attackers first gained access to SolarWinds' systems in October 2019."
CPO Magazine (May 18, 2021) Facebook Fails To Stop EU-US Data Transfer Ban; Irish DPC Order Puts an End to Legal Challenge
"The unexpected decision in the Schrems II case last year threw many trans-Atlantic tech companies into chaos, with perhaps none so strongly impacted as Facebook. The social media giant has now exhausted its options for legal challenges as the Irish DPC has ended its stay on the data transfer ban. Facebook, along with other tech companies that manage pipelines of personal data that flow from the EU to the United States, will soon be faced with some very difficult compliance decisions.
The Schrems II decision stemmed from a legal challenge to Facebook’s handling of the personal data of EU citizens. Privacy advocate Max Schrems successfully argued that data transfers to the US that contain protected EU citizen data are in violation of the General Data Protection Regulation (GDPR) due to the possibility that the US government may intercept this data (with the Edward Snowden leaks cited as a primary source of evidence)."
Reuters (May 18, 2021) 'Flattered' Russian spy chief denies SolarWinds attack - BBC
"Russia's spy chief on Tuesday denied responsibility for the SolarWinds (SWI.N) cyber attack but said he was 'flattered' by the accusations from the United States and Britain that Russian foreign intelligence was behind such a sophisticated hack.
The United States and Britain have blamed Russia's Foreign Intelligence Service (SVR), successor to the foreign spying operations of the KGB, for the hack which compromised nine U.S. federal agencies and hundreds of private sector companies.
'These claims are like a bad detective novel,' SVR Director Sergei Naryshkin, a close ally of Kremlin chief Vladimir Putin, told the BBC in Russian."
CyberScoop (May 18, 2021) National security officials outline hopes for US data breach notification law
"Top U.S. national security officials on Tuesday explained some ideal elements to a potential national data breach reporting law, describing the idea as one pathway to stopping massive security incidents like the SolarWinds hack.
A national data breach reporting law would need to be clear and concise for companies to follow it, and generally not be a huge burden, said Tonya Ugoretz, deputy assistant director of the FBI. It also might function as an alternative to government surveillance of private sector networks, a controversial idea previously suggested as a means of detecting cyber-espionage."
Security Week (May 17, 2021) AXA Confirms Ransomware Attack Impacted Operations in Asia
"France-based insurance giant AXA has confirmed that some of its operations in Asia have been impacted by a ransomware attack.
A cybercrime gang that uses a piece of ransomware named Avaddon appears to be behind the attack.
Avaddon operators have a Tor-based website where they name victims that don’t cooperate and leak data stolen from them. In the case of AXA, the cybercriminals said they targeted AXA systems in Hong Kong, Thailand, Philippines and Malaysia, and they claim to have stolen 3TB of data.
The gang claims to have stolen files storing customer information, including ones containing information such as medical reports, claims, payments, bank account information, contracts, and ID cards. They have published roughly 20 screenshots to prove their claims."
Other Industry News
Like what you’re reading? Head to the Subscriber form in the sidebar to get insightful GlobalSign content delivered directly to your inbox.