F5 BIG-IP devices under attack, a proposed settlement on a Clearview AI lawsuit and Colonial Pipeline may be fined.
Welcome to Cyber Security Today. It’s Wednesday May 11th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Last Friday I reported that a serious vulnerability had been found in F5 Network’s BIG-IP network security devices that need patching. This week security researchers said threat actors are already trying to exploit appliances that aren’t fixed and are open to the internet. According to researchers at Randori, hackers can gain access to devices by bypassing authentication processes if their management interfaces are publicly available. Usually that’s not the way these devices are set up. However, administrators of BIG-IP devices should install the patch and make sure these devices aren’t open to the internet.
The European Union has formally accused Russia of an unprovoked cyberattack on Viasat’s internet satellite network an hour before its invasion of Ukraine. The malware damaged thousand of modems used by subscribers in a number of countries, including Ukraine. This unacceptable cyberattack is yet another example of Russia’s continued pattern of irresponsible behaviour in cyberspace, the EU said. It also demanded Russia stop the war.
Companies in the United States won’t be able to buy access to the database of billions of faces collected by facial recognition software provider Clearview AI. That’s according to a proposed settlement with civic groups including the American Civil Liberties Union. They sued Clearview AI for allegedly violating the state’s Biometric Information Privacy Act. Also as part of the proposed settlement Clearview won’t be able to sell access to it’s facial recognition service to any entity in Illinois for five years, including police forces. Clearview AI has been criticized around the world for scraping images of people from the internet and using them in its facial recognition software. Privacy commissioners in Canada have ruled collecting images without consent violates Canadian privacy laws. Clearview AI is fighting that ruling in court. The Illinois settlement, if approved by a court, would still allow Clearview to sell is facial recognition service to American police forces outside Illinois.
Also in Illinois, Lincoln College said it will close this Friday, the result of the combined impact of the pandemic and a cyberattack. The pandemic cut recruitment, fundraising and enrollment. The college then had to spend heavily on technology. Then in December a ransomware attack shut IT systems needed for student recruitment, retention and fundraising. When systems were restored in March projections showed enrollment would be so low in the fall the college didn’t have enough money to survive.
A detailed incident response plan covering all possibilities is essential for surviving a cyber attack. The American oil company Colonial Pipeline had one, but it wasn’t as prepared as it thought it was for last year’s ransomware attack. Now it faces the possibility of an $850,000 fine. That’s what the U.S. Department of Transportation wants to levy because Colonial didn’t have a plan for dealing with a loss of internal email or voice communications for manually running the pipeline. As a result, after it had to shut the IT systems because of the cyberattack Colonial wasn’t prepared to manually restart operation of the pipeline. American regulations require pipeline companies to have a tested and verified internal communications plan.
Nokia is opening a cybersecurity testing lab in Dallas to learn ways of preventing attacks on 5G networks, software and hardware. The knowledge will be used by Nokia telecom equipment, enterprise and government customers. In Canada, Bell and Telus are Nokia 5G customers. In the U.S. carriers include Verizon and AT&T.
Finally, yesterday was the monthly Patch Tuesday for Microsoft, Adobe and other software manufacturers. Make sure your systems have the latest security updates. One of the Windows patches covers a Network File System vulnerability that touches all Windows servers. Another fixes a vulnerability in Windows Server 2008 for x64-based systems running Service Pack 2. Adobe issued patches for Framemaker, InCopy, InDesign and ColdFusion. SAP released 17 new and updated SAP Security Notes, including four HotNews notes and two High Priority notes.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.