SAN MATEO, CA, May 23, 2022 — Cybersecurity news weekly roundup. Stories, news, politics and events impacting the network security industry during the last week. Brought to you by NetworkTigers.
- Possible weaknesses from cyber hacks discovered in global food chain “smart” technology
- Experts applaud White House progress in increasing cybersecurity
- Canada bans Chinese firms Huawei Technologies and ZTE from helping build 5G networks
- Russian hackers seem to struggle in Ukrainian assault
- Emergency directive from CISA to fix vulnerabilities found in VMware technologies
- Remote access technology being exploited as screen-sharing scams are on the rise, watchdog reports
- Illinois college to close after barrage of cyberattacks
- DOJ indicts doctor behind prolific Thanos malware
- WordPress themes discovered to have critical vulnerability that affects over 90,000 sites
- Palo Alto stocks rise more than 10% in face of supply chain concerns
Possible weaknesses from cyber hacks discovered in global food chain “smart” technology
Warnings issued from the University of Cambridge, the UK government, and the FBI have prompted agricultural giant John Deere and others to begin to re-examine some of the “smart” farming technology on offer. Automatic crop sprayers, drones used in farming, robotic harvesters, and more have all been identified as possible hacking risks. The consequences of agricultural technology being hacked or sabotaged may have dire effects on the world food supply, already strained due to COVID and the war in Ukraine. While many of these new “smart” agricultural technologies have been lauded for reducing the need for human effort in food production, when left unprotected they are more at risk for cybersabotage than previously assumed.
Experts applaud White House progress in increasing cybersecurity
Efforts by the Cybersecurity and Infrastructure Security Agency (CISA) to partner with private companies and increase cyber-awareness and security levels have been lauded by industry leaders. A year after the Biden Administration signed into effect the May 2021 executive order refocusing on cybersecurity, tech experts say that the initiative has been largely successful. CISA’s actions, as well as the launch of the Joint Cyber Defense Collaborative (JCDC), are currently being assessed for how well they seem to have met many of their initial goals. One of the directive’s most successful developments has been a push for software suppliers to increase their own standards for supply chain security.
Canada bans Chinese firms Huawei Technologies and ZTE from helping build 5G networks
Canadian Prime Minister Justin Trudeau has announced that Chinese firms Huawei Technologies and ZTE will not be allowed to participate in the construction of a Canadian 5G network. At a press conference, the Prime Minister said that more must be done to focus on national cybersecurity. The decision to exclude these two technology giants from construction was criticized by Chinese Foreign Ministry spokesman Wang Wenbin, who said, “This move violates the market economy principle and free-trade rules and severely harms the Chinese companies’ legitimate rights and interests.” Canada’s newly announced 5G policy may face scrutiny from the World Trade Organization.
Russian hackers seem to struggle in Ukrainian assault
Hacktivist groups have continued to target Russian state programming, resulting in the temporary unavailability of RuTube, the Russian iteration of YouTube. The online TV schedule page for the Russian Victory Day Military Parade in Moscow on May 9th was also hacked, causing consternation. Despite CISA’s rare “Shields Up” alert, issued at the start of Russia’s Ukrainian invasion to warn of a possible onslaught of cyberattacks from Russia’s dreaded hacking groups, experts report that it is in fact Russian cyber defenses that seem to be breached most successfully at the moment, from a variety of sources.
Emergency directive from CISA to fix vulnerabilities found in VMware technologies
On Wednesday, US cybersecurity officials discovered a key vulnerability in software used by scores of federal civilian agencies. The software, which is made by California-based VMware, reportedly contains a weak point that CISA says is “likely” to be exploited by foreign government actors and can allow hackers remote access to secured files. CISA used emergency authority to compel all federal civilian agencies (not including the Pentagon, which is not under its jurisdiction) to fix the software weakness within 5 days. This emergency power has been used 10 previous times by the agency, including as a response to the infamous SolarWinds hack.
Remote access technology being exploited as screen-sharing scams are on the rise, watchdog reports
The Financial Conduct Authority (FCA) has issued a report warning of a drastic increase in a new kind of cyber weakness known as “screen-sharing scams.” Hackers, often posing as financial advisors, investment opportunities, or more, will request video conferences with potential victims and ask that they “share their screen.” New technologies then allow hackers remote access to their device, which can then be implanted with bugs and other dangerous malware. Most of these scams are directed towards gaining access to bank accounts and other sensitive financial information. The FCA reports that the number of screen-sharing scams reported has risen by a whopping 86% in just the past 6 months.
Illinois college to close after barrage of cyberattacks
Lincoln College, which broke ground in 1865 in the state of Illinois as a predominantly Black educational institution, has been forced to close after enduring a barrage of cyberattacks. The school is the first US institution of higher learning to close due to cybercrime, although the Baltimore public school district was also recently forced to pay $10 million after a similar ransomware attack on its systems. The college reported the closure on its website saying that while the institution survived the Spanish flu, the Great Depression, and both World Wars, the combination of COVID-19 as well as a devastating ransomware attack in December that crippled its admissions process led to an unsustainable financial picture.
DOJ indicts doctor behind prolific Thanos malware
The Department of Justice announced criminal charges on Monday against Moises Luis Zagala Gonzalez, a 55-year-old cardiologist. The Venezuelan doctor is accused of being the criminal mastermind behind the Thanos malware, which was popular with Russian cybercriminals and Iranian state-supported hackers. According to the DOJ’s press release, Dr. Gonzalez turned to online forums in 2019 to market his invention, a ransomware builder designed to help cybercriminals build their own ransomware technology more easily. Like helpful tech platforms such as Squarespace, “Thanos,” as his invention was called, was a subscription-based model meant to be used as a template. Only this technology was marketed on the dark web, so as to help cybercriminals build their own custom ransomware platforms.
WordPress themes discovered to have critical vulnerability that affects over 90,000 sites
Threat intelligence researcher Ramuel Gall discovered a key vulnerability in popular WordPress themes Jupiter and JupiterX that allows remote takeover and administrative access to hackers. The flaw, tracked as CVE-2022-1654, lies in a plugin that is required to be installed on the themes and has been labeled a “critical vulnerability.” Jupiter Theme 6.10.1 and earlier, as well as JupiterX Core Plugin 2.0.7 or earlier, were affected, leaving approximately 90,000 WordPress sites vulnerable to complete takeover by hackers. The developer has announced that patched versions of both plugins are now available, which should remedy the weakness. Researchers recommend immediate update of these WordPress systems, and more.
Palo Alto stocks rise more than 10% in face of supply chain concerns
Cybersecurity company Palo Alto Networks has seen its stock soar upwards more than 10%, an unprecedented amount for the current market status. The cybersecurity company has outdone Wall Street expectations by far in an extended session on Thursday. After the last increase, analysts were expecting to land at $7.29 a share on revenue of $5.46 billion and billings of $6.82 billion. The shares, however, currently sit at $7.46 a share, an increase of adjusted earnings off of $7.43 previously. Revenue currently sits at $5.5 billion and billings at $7.14 billion. Executives attribute the steep rise to steady demand for cybersecurity products, even in the face of supply chain issues that have wracked the national economy.