The Tanium 10: U.S. ATM Machines Hit By “Jackpotting” | How Maersk Recovered From WannaCry

Posted on 02.03.18 by Susan Nunziata

Welcome to The Tanium 10, our weekly roundup of the news that matters most to security and IT professionals. Each week, we spotlight the 10 stories, trend reports, and research that caught our eye—all to help you keep up with what’s happening in our fast-paced industry. We value your feedback. Once you’ve read this week’s insights, please email me here and tell me what you think. See something you’d like to discuss further? Join the conversation in our Tanium User Community.

The Tanium 10 for the week ending February 2, 2018:

  1. Hackers have perpetrated their first large-scale “jackpotting” attacks on U.S. ATM machines. According to Reuters, a confidential U.S. Secret Service alert sent to banks last Friday said machines running Windows XP were more vulnerable than others. The memo encouraged ATM operators to update to Windows 7 to protect against the attack, which targets machines located in pharmacies, big-box retailers, and drive-throughs.
  2. An inspiring tale of resilience: How A.P. Møller-Maersk recovered from last summer’s NotPetya ransomware attack.
  3. The U.K.’s Department for Digital, Culture, Media and Sport said operators of “essential services” — including energy, health, and transport — stand to face fines of up to £17 million if they fail to meet new cybersecurity requirements.
  4. Intel reportedly told Chinese tech companies about the serious security flaws in its microprocessors before it informed the U.S. government. (Subscription required.)
  5. That $530 million theft of bitcoin from the Coincheck exchange was a result of a hack. Remarkably, the exchanges that trade cryptocurrencies get hacked because they run on networks that are not secure.
  6. Speaking of cryptocurrency: The Smominru botnet has reportedly taken over more than 500,000 machines around the world and is using them to mine Monero. Windows servers make up a large number of nodes targeted by the botnet because they’re typically always on, providing a continuous, lucrative stream of Monero. The botnet is said to be powered by EternalBlue.
  7. Facebook hired its first head of cybersecurity policy, Nathaniel Gleicher, who held a similar role in the Obama White House.
  8. Cheap. Sloppy. Effective. This is how Toronto University’s Citizen Lab describes a group of hackers it hints are connected to China. The group ran a phishing scam to spy on the Tibetan community in South and Southeast Asia for 19 months. The Citizen Lab says the group was successful despite spending only about $1,000 and demonstrating amateurish admin skills.
  9. Suzette Kent, a financial services industry veteran, is the Trump Administration’s nominee for the role of federal Chief Information Officer. Kent’s pithy official title would be administrator of the Office of Electronic Government in the Office of Management and Budget.
  10. The need is great for a shared government-industry approach to cybersecurity, says U.S. Department of Homeland Security Secretary Kirstjen Nielsen. “Your risk is now my risk and my risk is yours,” Nielsen said in a speech at the Woodrow Wilson Center in Washington, D.C., on Jan. 29.

And another thing…

Football pitches (a.k.a. soccer fields) are green. Locusts love green. That’s a problem for Russia as it gets ready to host the World Cup. The fear is swarms of locusts will attack the grassy fields during matches.
