Cybersecurity This Month:

Healthcare sector under threat from ransomware

Ransomware grew 50 percent in just a year, according to a new report by Verizon. The Verizon Data Breach Investigations Report (DBIR) is based on the analysis of 79,000 security incidents and 1,945 confirmed data breaches, across 79 countries. Organized criminal groups were behind more than half (51 percent) of breaches, while state-affiliated groups were involved in 18 per cent.

New proposed regulations from the FCC

The Federal Communications Commission released a regulatory proposal to reverse Obama-era rules for the internet that is intended to re-establish the Federal Trade Commission as the pre-eminent regulatory agency for consumer data security and privacy. The FCC will release a notice of proposed rulemaking that will seek public comment on reversing the commission's net-neutrality order issued in 2015, which reclassified internet service providers as common-carrier utilities.

Possible SEC suits over cyber reporting

Securities and Exchange Commission has yet to lodge a formal enforcement action against a public company for failing to report cyber incidents and risks, but that could change soon, the agency’s acting enforcement chief warned, adding that she could “absolutely” envision circumstances where one would be necessary. Despite opposition this week from the telecommunications lobby, state lawmakers passed out of committee a bill intended to protect customers’ internet privacy, such as web browser history.

More Internet privacy protections

In a strong showing of bipartisanship, lawmakers Friday approved a version of HB 2200 in the House Technology and Economic Development Committee, sponsored by Rep. Drew Hansen, D-Bainbridge Island. House Majority Leader Pat Sullivan, D-Covington, said Thursday that HB 2200 will get a vote on the House floor before the end of the regular legislative session April 23. The bill was introduced to protect internet users’ web browser history in the wake of the rollback of federal privacy rules.

A spike in device searches at borders considered a “conscious strategy”

Mary Ellen Callahan, former chief privacy officer at Homeland Security, said in an email that the increase in searches is "a conscious strategy on CBP to better leverage the border search loophole," which allows border agents to search devices without a warrant. The agency says that "no court has concluded that the border search of electronic devices requires a warrant, and CBP's use of this authority has been repeatedly upheld." While the Supreme Court unanimously ruled in 2014 that generally a warrant must be obtained, the doctrine governing the bizarre, semi-stateless space at the US border allows agents to carry out warrantless device searches.

Buchanan Breach Coach

Visit Buchanan BreachCoach®, your one-stop portal for cybersecurity information and updates.

Top News

Ransomware's biggest target is the healthcare sector
Ransomware grew 50 percent in just a year, according to a new report by Verizon. The Verizon Data Breach Investigations Report (DBIR) is based on the analysis of 79,000 security incidents and 1,945 confirmed data breaches, across 79 countries.

According to the report, ransomware also grew in popularity, and by a large margin. In 2014, it was the 22nd most common malware variety. Fast-forward two years, and now it’s fifth most common. The healthcare sector is under greater threat than all others, it was also added, as 72 percent of all malware incidents targeted this sector.
Betanews on May 1, 2017

FCC poised to release plan restoring FTC as cyber regulator for internet
The Federal Communications Commission is poised to release today a regulatory proposal to reverse Obama-era rules for the internet that is intended to re-establish the Federal Trade Commission as the pre-eminent regulatory agency for consumer data security and privacy.

The FCC will release a notice of proposed rulemaking that will seek public comment on reversing the commission's net-neutrality order issued in 2015, which reclassified internet service providers as common-carrier utilities.
Inside Cybersecurity on Apr 27, 2017

SEC Suits Over Cyber Reporting Could Be On Horizon
The U.S. Securities and Exchange Commission has yet to lodge a formal enforcement action against a public company for failing to report cyber incidents and risks, but that could change soon, the agency’s acting enforcement chief warned Thursday, adding that she could “absolutely” envision circumstances where one would be necessary.
Law360 - Securities on Apr 21, 2017

Washington state House committee approves internet privacy protections
In a strong showing of bipartisanship, lawmakers Friday approved a version of HB 2200 in the House Technology and Economic Development Committee. HB 2200, sponsored by Rep. Drew Hansen, D-Bainbridge Island, passed by a vote of 15-2. One lawmaker who voted against it, Rep. Matt Manweller, R-Ellensburg, even said he opposed it because it didn’t go far enough to secure internet privacy.
Seattle Times - Home on Apr 14, 2017

US border searches of phones and laptops have almost doubled
The number of phone and laptop searches by customs officials at the US border have almost doubled in the past year. New figures released this week by the Customs and Border Protection (CBP) saw the number of device searches rise from 8,383 to 14,993 searches -- an increase of about 80 percent -- between October and March, the first six months of the agency's fiscal year.
Security Bloggers Network on Apr 13, 2017