Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.
Big items to consider: The US DoJ is now pressuring WhatsApp for access to a series of encrypted messages. Security professionals are being urged to look into how to better use their security solutions. As more and more healthcare organizations are suffering data breaches and ransomware attacks, security professionals are being held responsible for securing privacy and making steps to improve the process.
WhatsApp Faces Standoff With Feds Over Its Message Encryption – Publication: CNet – Reporter name: Lance Whitney
WhatsApp, the Facebook-owned maker of an instant-messaging app, may face the same legal conundrum as Apple in a case that centers on the thorny issue of privacy versus security. The US Department of Justice is eager to view a series of WhatsApp messages for a criminal investigation, a move that has been given the go-ahead by a federal judge, The New York Times reported Saturday. But the messages are encrypted, meaning no one, not even WhatsApp, can unscramble them so that they’re readable.
Defense In Depth: Stop Spending, Start Consolidating – Publication: CSO – Reporter name: Kacy Zurkus
When it comes to layered defense and security tools, less is often more just as more can sometimes be less. The average enterprise uses 75 security products to secure their network. That’s a lot of noise and a lot of monitoring and testing for security practitioners. To make sure that the security tools not only work but work in harmony with each other, some security professionals recommend taking a closer look at the layers of the security ecosystem to eliminate redundancies that contribute to alert overload.
Cancer Center Breach Another Symptom Of Healthcare’s Growing Epidemic – Publication: Dark Reading – Reporter name: Kelly Jackson Higgins
Healthcare organizations suffer about one cyberattack per month on average as well as the loss or exposure of patient data, according to a new Ponemon Group report published last week. About 13% of healthcare organizations in the US don’t know for sure how many attacks they have experienced, the report found. A recent analysis by Trend Micro of 10 years of data breaches catalogued by nonprofit Privacy Rights Clearinghouse found that more than one-fourth of all reported data breaches since 2005 came from healthcare organizations. And those are only the ones that were reported; experts believe this is only the tip of the iceberg today in healthcare, where patient financial and insurance information is financially lucrative for the bad guys.
North Korea Slams Seoul’s Cyber-Attack Accusations – Publication: Security Week – Reporter name: STAFF
North Korea on Sunday blasted Seoul’s accusation that Pyongyang had launched a series of cyber attacks targeting South Korean government officials, calling the allegation a “bullshit” fabrication. Seoul’s National Intelligence Service (NIS) last week accused North Korean agents of hacking into the smartphones of dozens of key South Korean officials, stealing phone numbers and texts. The accusation follow claims earlier this year from the NIS that North Korean hackers sent phishing emails to the South’s state railway authorities in preparation for cyber terror attacks on traffic control systems. The North’s state-run Rodong Sinmun newspaper lashed out at the hacking accusations, saying they were cooked up by Seoul to shore up support for controversial surveillance legislation.