The Tanium 10: BadRabbit Hops Up Havoc | IT Pros Are Really Into Cybersecurity

Posted on 10.27.17 — by Susan Nunziata

Welcome to The Tanium 10, our weekly roundup of the news that matters most to security and IT professionals. Each week, we spotlight the 10 stories, trend reports, and research that caught our eye—all to help you keep up with what’s happening in our fast-paced industry. We value your feedback. Once you’ve read this week’s insights, please email me here and tell me what you think. See something you’d like to discuss further? Join the conversation in our Tanium User Community.

The Tanium 10 for the week ending October 27, 2017:

  1. The U.S. Federal Bureau of Investigation (FBI) may “always get their man.” Getting into encrypted devices? Well, that’s another story. FBI Director Christopher Wray disclosed the FBI has failed to open 7,000 digital devices so far this year. He said his comment was intended to foster support for “a balance that needs to be struck between encryption and the importance of giving us (the FBI) the tools we need to keep the public safe.”
  2. The 820 IT pros surveyed by industry group CompTIA expressed more interest in working on cybersecurity-related issues than in the Internet of Things or artificial intelligence.
  3. Unlike the critter from Trix cereal fame, this rabbit is not silly. A new strain of the NotPetya ransomware, known as BadRabbit, has infected networks, mostly in the Ukraine and Russia. This malicious hare locks up hundreds of machines and handicaps infrastructure. (Shameless Tanium plug, BadRabbit edition: If you want to know more about how Tanium can help, check out this post by Jason Truppi, our Director of EDR.)
  4. Small business is a big driver in the U.S. economy. Its vulnerability to cyber attacks is also big, due to a lack of security knowledge and IT resources. That’s the rationale behind H.R. 2105, the National Institute of Standards and Technology (NIST) Small Business Cybersecurity Act, a bill that seeks to create tools and best practices for small businesses. Now, that’s a big idea.
  5. If U.S. law enforcement seeks data from a U.S. tech company stored in another country, it’s a time-sucking challenge, at best. A proposed U.K.-U.S. bilateral data access agreement could help speed investigations into crime while protecting the privacy of citizens.
  6. Another SMH moment from the Bitcoin world. Coin Hive was hacked so that websites using its code inadvertently redirected their generated cryptocurrency to cybercriminals. Apparently, hackers took full advantage of the Coin Hive folks’ forgetting to change an old password. Admit it, you’re shaking your head, too.
  7. Baby monitors, it was discovered, were turned into surveillance devices that listened in on things far more sensitive than sleeping toddlers. It’s a reflection of the lack of security standards for the Internet of Things (IoT). Chipmaker ARM has developed a security framework that could raise consumer confidence in IoT devices and boost sales.
  8. Ian Levy, a director of the U.K.’s National Cybersecurity Centre, warns “sometime in the next few years we’re going to have our first Category 1 cyber-incident.” The only way to prevent such a breach is to change the way businesses and governments think about cybersecurity, and shift the focus to managing risk.
  9. Catherine Bessant, Bank of America’s newly appointed Chief Operations and Technology Officer, suggests “unlike most things in banking, where you model history to understand what is likely to happen in the future, that’s not true of cybersecurity.” She’s led the creation of metrics (subscription required) used to monitor security progress on a moment-to-moment basis. She says, “You’re only as good as your last minute of safety.”
  10. Their pizza might be delivered hot, but a recent security breach leaves Pizza Hut customers cold. Credit card information of patrons was stolen and, in several instances, used fraudulently. The quick service restaurant chain was slow to disclose – customers were emailed about the hack two weeks after the incident occurred.

And another thing…

If your lunch partner’s slurping annoys you, be bothered no more. A Japanese instant noodle company has created a noise-canceling ramen fork that masks loud eating sounds. For a mere $130 you, too, can enjoy slurp-free dining.

Like what you see? Click here and sign up to receive The Tanium 10 in your inbox every Friday.