Is North Korea Really Responsible for the WannaCry Malware Attack?

According to some of the top cybersecurity researchers, like Symantec, Kaspersky Lab and Google, there seems to be some technical evidence that the WannaCry malware attack, which is infecting and wreaking havoc on more than 300,000 computers in over 150 countries, has a connection to the North Korean-run hacking operation known as the Lazarus Group.

The Lazarus Group, widely regarded as a Korean nation-state hacking group, has been blamed for a recent string of bank heists as well as the 2014 Sony hack.

First Links To Suspicion

Speculation about a possible North Korea connection went live today after Google researcher Neel Mehta posted a cryptic tweet showing similar code elements in the two pieces of malware, with the hashtag #WannaCryptAttribution. Researcher Matthieu Suiche then tweeted a screenshot of the two code families, saying, “Similitude between #WannaCry and Contopee from Lazarus Group ! thx @neelmehta – Is DPRK behind #WannaCry ?”

After the intriguing tweets, Kaspersky Lab late today posted a blog outlining the similarities between the WannaCry and Lazarus Group code. They confirmed that the February ransomware variant is a precursor to the WannaCry attacks this month. “It shares the same the list file extension targets for encryption but, in the May 2017 versions, more extensions were added,” they wrote.
“Neel Mehta’s discovery is the most significant clue to date regarding the origins of Wannacry,” Kaspersky researchers wrote. But they say more research is necessary to more definitively connect any dots.

Source: Researchers Investigate Possible Connection Between WannaCry and North Korean Hacker Group

The Link? Shared Computer Code

Apparently, a variant of WannaCry found in February shared some computer code with a hacking tool the Lazarus group used in 2015.

“For now, more research is required into older versions of Wannacry,” Kaspersky Lab said in a blog post. “We believe this might hold the key to solve some of the mysteries around this attack.”

On Monday, security firm Symantec also reported finding clues that may link WannaCry with the shadowy group. It’s found earlier versions of the ransomware on machines that have been compromised by hacking tools used by Lazarus, according to Vikram Thakur, technical director at the company.
“Shortly after these tools were found on these machines, we could see WannaCry files showing up,” he said.

 Source: The WannaCry ransomware might have a link to North Korea

 

Still Just Suspicions, No Smoking Gun…Yet.

Some experts also report that the evidence is very circumstantial, and that it’s not uncommon for tools used in other hacks to be leaked on the internet, where anyone interested could also use the shared code.

A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017. Courtesy of Symantec/Handout via REUTERS

Hackers do reuse code from other operations, so even copied lines fall well short of proof.

U.S. and European security officials told Reuters on condition of anonymity that it was too early to say who might be behind the attacks, but they did not rule out North Korea as a suspect.

FireEye Inc (FEYE.O), another large cyber security firm, said it was also investigating a possible link.
“The similarities we see between malware linked to that group and WannaCry are not unique enough to be strongly suggestive of a common operator,” FireEye researcher John Miller said.

Source: Researchers See Possible North Korea Link To Global Cyber Attack

 

Looks like we have to wait and see if the evidence the cybersecurity researchers come up with can say definitively who the real culprit in these attacks was. You can, however, rest assured knowing that some of the best and brightest are on the case and will get to the bottom of this.

View our CyberSecurity section for more stories like this and other cybersecurity news.

 

New Cybersecurity Tool To Help HR Find Qualified Applicants

What’s going on with the CyberSecurity Industry’s talent, or lack thereof?

In today’s tech climate, not only are there 80,000 Entry-Level, Non-Sexy Tech Jobs that Undergrads Don’t Want, as we saw in yesterday’s post, but it looks like when they finally do apply, the majority of applicants turn out to be unqualified.

“On average, 59 percent of enterprises get at least five applicants for each open cybersecurity position, but most of these applicants are unqualified,” the report states.

Most organizations surveyed are focused on hiring cybersecurity experts who have hands-on experience and certification rather than formal education. But, according to the report, in a newly burgeoning field, that’s hard to find.

“Almost 27 percent of respondents state that they are unable to fill open cybersecurity positions in their enterprises—with another 14 percent of respondents unaware as to whether their enterprises could fill these positions or not,” the report states.
Source: REPORT: INDUSTRY GROUP RAISES ALARM ABOUT CYBERSECURITY SKILLS GAP

Help is Available

But ISACA is looking to fix that by helping HR departments find the most qualified IT pros with their certification platform, which provides a 2-hour test that reports on the strengths and weaknesses of a candidate and also offers performance-based online training.

“It is all virtual machines, which means in each particular lab you’re talking to a real firewall, a real DMZ, a real web server, a real database server, whatever the configuration happens to be,” Chief Innovation Officer Frank Schettini explained to Associations Now. “And they’re actually up and live up in the cloud, so it is actually a real-time lab.”
Source: NEW TOOL LETS HR TEST APPLICANTS’ CYBERSECURITY SKILLS

Streamlining The Process

It helps HR easily test the competencies of a cybersecurity candidate and lets managers improve their existing IT employees.

“Now instead of going through a process of blindly hiring someone, you go through the process of having them run the skills assessment test, reading the results, and then deciding whether you want to hire the individual,” Schettini said.

“What this tool allows you to do is … know up front before you hire them what type of training investment you’re going to want to do to bring them on board,” he continued. “So the hiring process becomes much more straightforward—you know what you’re getting, you know what training program you want to set up—and the beauty of the platform is you can leverage the platform any way you want to set up that training program.”

Source: NEW TOOL LETS HR TEST APPLICANTS’ CYBERSECURITY SKILLS

Hopefully, this tool, along with a real concerted effort to teach the much-needed cybersecurity skills to the new crop of IT professionals, will help us close our rather large current skills gap.

You can always come here for the latest news for IT and Telecom Professionals

IT Pros, Are These The Best Reporting Tool Vendors in 2017?

IT Pros and their tools

It’s been said that the best investment is in the tools of one’s own trade and let’s face it, as an IT Professional, there are plenty of tools that are needed to do an effective job.

These range from tools that help you monitor the network and scan for vulnerabilities to tools that help you manage, troubleshoot and diagnose your systems and applications.

Here’s IT Central Station’s list of the Best Reporting Tools Vendors for 2017.

Are These The Best Reporting Tools For IT Professionals in 2017

IT Central Station

Over 202,381 professionals have used IT Central Station research on enterprise tech. Their site lets IT pros compare the tools based on product reviews, ratings, and comparisons. All of their reviews and ratings are from real users, validated by their triple authentication process.

 

#5 IBM Cognos

Cognos Software is IBM’s Business Intelligence and Performance Management solution, offering BI, strategy management, financial performance, and data analytics applications. Cognos caters to all levels in an organization with products designed for individuals, workgroups, departments, mid-size companies, and big enterprises.

#4 Microsoft BI

Microsoft BI is a business intelligence solution that turns data into insightful and useful business information that is relevant to all levels of the business.

Microsoft BI combines familiar Microsoft tools – Office, SharePoint, and SQL server, with extra features for end-users, such as Power View and Power Pivot. This powerful product gives businesses a competitive advantage by allowing end-users to better analyze their data, collaborate and better present their data.

#3 Oracle OBIEE

OBIEE is a multifaceted network of tools that can create a more fluid and better-integrated data flow for your business. This service is actually a platform that is made up of six individual elements, rather than a single tool with multiple features. These services include: presentation catalog, BI presentation service, BI scheduler service, BI server service, administration client, and metadata repository.

The purpose of the OBIEE is to have an entire system for all of your enterprising needs. The various tools within the suite can take your data, organize it, analyze it and then glean the pertinent information from it, sending it on to the relevant parties who can then use it for metrics, pattern analysis, and future projections. The essence of the platform is to integrate your current IT together with their tools in order to give you the overall best return on investment with minimal fiscal obligations.

#2 QlikView

QlikView is a Business Intelligence tool that allows you to keep tabs on all of your business-related information in a clean, clear, and easy to access database that is intuitive to build and simple to navigate. It is ideal for business owners who wish to improve overall output by creating the most productive system possible.

#1 Tableau

Tableau is an enterprise analytics platform that enables your organization to explore trusted data in a secure and scalable environment. It gives people access to intuitive visual analytics, interactive dashboards, and limitless ad-hoc analyses that reveal hidden opportunities and eureka moments alike. Get the security, governance, and management you require to confidently integrate Tableau into your business—on-premises or in the cloud—and deliver the power of true self-service analytics at scale.

Did your favorite make the list?

Check here for more IT Pro news

 

Could ShoreTel acquire 8×8?

There’s an unidentified source claiming that:

8×8, a VoIP and cloud service provider focused mainly on business customers, is considering selling the company amidst a growing wave of consolidation in the telecom service provider industry segment. Citing unnamed sources close to the company, Reuters reported that 8×8 has been consulting with Morgan Stanley to gauge the interest of other similar companies and private equity firms.

Report: VoIP, cloud provider 8×8 considers a possible sale | FierceTelecom

Why would ShoreTel even be interested? Well, besides the obvious,

ShoreTel and Vonage have been aggressively expanding their reach via acquisitions. In 2015, ShoreTel acquired Corvisa, a provider of cloud-based communications solutions, for $8.5 million, enhancing its unified communications capabilities.

Report: VoIP, cloud provider 8×8 considers a possible sale | FierceTelecom

With Vonage being just as aggressive, I’m sure they would also like an opportunity to do the same, assuming the claim is true. They’ve purchased four companies themselves: Nexmo, iCore, SimpleSignal and Telesphere.

Visit us here for more on ShoreTel business phone equipment and news

 

ShoreTel Looking to Recover Now that It Is Oversold, Can It?

There is now some hope and optimism that ShoreTel (SHOR) . Over the last 60 days it has been on an upward trend.

The reason is that ShoreTel’s RSI reading is 28.49. What is RSI?

According to NASDAQ.com

RSI stands for ‘Relative Strength Index’ and it is a popular indicator used by technically focused investors. It compares the average of gains in days that closed up to the average of losses in days that closed down; readings above 70 suggest an asset is overbought, while an RSI below 30 suggests undervalued conditions are present.

 

Source: http://www.marketvolume.com

 

That alone would suggest that there is light at the end of that tunnel. But couple that with a #1 Zacks Rank and now things are starting to look much more positive for SHOR.

If this wasn’t enough, ShoreTel also has a Zacks Rank #1 (Strong Buy) which puts it into rare company among its peers. So, given all of these factors, investors may want to consider getting in on this stock now (or holding on), as there are some favorable trends that could bubble up for this stock before long.

Source: ShoreTel (SHOR) is Oversold: Can It Recover?

Visit us here for more information on Shoretel Business Phones

Cisco Welcomes The House Passage of the Email Privacy Act

On Monday evening, the House of Representatives unanimously passed the Email Privacy Act, a bill that would reform the ECPA (Electronic Communications Privacy Act) were it to become law.

What is the ECPA and why does it need to be reformed?

In the beginning, ECPA protected Americans’ e-mail from warrantless surveillance — despite ECPA allowing the government to access e-mail without a court warrant if it was six months or older and stored on a third-party’s server. The tech world now refers to these servers as “the cloud,” and others just think of Hotmail, Yahoo Mail, Facebook and Gmail.

ECPA was adopted at a time when e-mail, for example, wasn’t stored on servers for a long time. Instead, e-mail was held there briefly before recipients downloaded it to their inbox on software running on their own computer.

During the Reagan administration, e-mail more than six months old was assumed abandoned, and that’s why the law allowed the government to get it without a warrant. At the time, there wasn’t much of any e-mail for the authorities to acquire because a consumer’s hard drive — not the cloud — hosted their inbox.

Source: Aging ‘Privacy’ Law Leaves Cloud E-Mail Open to Cops

 

Now, with the Email Privacy Act passed, it should help to reform the most outdated elements of the ECPA.

In particular, it would newly require government agencies to obtain a warrant before seizing a criminal suspect’s online communications that are more than 180 days old. Under the ECPA’s existing logic, those older communications are considered abandoned, and thus not subject to a reasonable expectation of privacy.

Source: Passing the Email Privacy Act Has Never Been More Urgent

Basically

The legislation would require authorities such as the U.S. Department of Justice and Securities and Exchange Commission to obtain a search warrant to access emails, data in cloud storage and other digital communications more than 180 days old.[4][5]

Under current law—the Electronic Communications Privacy Act (ECPA) of 1986—authorities can obtain such data by issuing an administrative subpoena to an Internet service provider, without the need to obtain judicial approval.[4][5][6] The Congressional Research Service reported in 2015 that: “In recent years, ECPA has faced increased criticism from both the tech and privacy communities that it has outlived its usefulness in the digital era and does not provide adequate privacy safeguards for individuals’ electronic communications. In light of these concerns, various reform bills have been introduced in the past several Congresses…”[7]

The Email Privacy Act would codify as federal law the decision of the United States Court of Appeals for the Sixth Circuit in United States v. Warshak (2010). In that case, the Sixth Circuit held that the Fourth Amendment to the United States Constitution requires that the government obtain a warrant before accessing emails stored online (e.g., in the cloud).[6][8][9] The Warshak ruling currently applies only to the Sixth Circuit; the Email Privacy Act would extend its rule nationwide.[6][8]

Source: Wikipedia Email Privacy Act

 

Cisco is firmly behind the Email Privacy Act and has stated publicly that they have

..long supported updating the Electronic Communications Privacy Act (ECPA) to better protect customer data and communications stored with third-party providers against unwarranted searches and seizures. We, therefore, applaud the unanimous voice vote in the U.S. House of Representatives to pass the Email Privacy Act (H.R. 387) introduced by Representatives Kevin Yoder (R-KS) and Jared Polis (D-CO).

This bipartisan legislation would require the government to obtain a probable cause warrant before demanding access to customer data in the cloud. We firmly believe that data stored in the cloud must receive equivalent legal protections against search and seizure to those accorded physical papers and electronic data stored on premises.

Source: Cisco Applauds Unanimous House Vote Passing Email Privacy Act

Today the House took a major step forward. Technology has made incredible advances over the years and it was about time the privacy laws caught up.

For more Telecommunications News click here.

Telecommunications Operators Get Customized Voice-Activated Digital Assistant from Nokia

Engineers and telecom operators will soon have access to a digital voice assistant that was built specifically for them. Think of it just like you would Amazon’s Alexa, Microsoft’s Cortana or Apple’s Siri, except it’s strictly for the telecommunications industry.

Introducing the “Multi-purpose Intuitive Knowledge Assistant”, or “MIKA” for short, developed by Nokia.

Nokia has created a customized ‘digital assistant’ that will improve telecom operators’ efficiency by providing engineers faster access to critical information. ‘MIKA’ – powered by the Nokia AVA cognitive services platform and underpinned by Nokia’s services expertise – will provide voice-dictated automated assistance to reduce time spent searching information resources, enabling operators to focus on key business tasks without being distracted by the complexities of multi-technology network environments.

Source: Nokia launches MIKA – the first digital assistant customized for telecommunications operators

MIKA will help engineers and telecom operators access specific information and look up quick solutions to telecom-related problems, all based on the AI-driven network experience, and all done simply through voice commands.

Finding the right information is a daily challenge for telco engineers tasked with boosting network quality. MIKA taps into the power of the Nokia AVA platform to provide quick and accurate answers, avoiding time wasted on fruitless searches. MIKA is customized to support the specific needs of telecoms, and can deliver recommendations based on experience from networks around the world

  • MIKA – ‘Multi-purpose Intuitive Knowledge Assistant’ – aids engineers’ efficiency by providing voice-activated access to information
  • Powered by Nokia AVA platform, MIKA provides augmented intelligence and automated learning to access best practice
  • Nokia also introduces Predictive Repair, a Nokia AVA-powered service that forecasts potential hardware failures up to 14 days in advance

Source: Nokia launches MIKA – the first digital assistant customized for telecommunications operators

One of the coolest things about MIKA is that it is supposed to be able to foresee network faults up to two weeks in advance with 95 percent accuracy, through the Predictive Repair service.

MIKA is currently only available for telecom engineers, so we’ll have to wait and see if they provide something for the general public.

If you’re headed to the Mobile World Congress, be on the lookout; you might get to see it in action.

Visit us here for more Telecommunications, Media and Technology News.

Cisco Leading The Digital Transformation in Healthcare

The advances in technology are all around us.

We have everything from mobile devices that have replaced and combined your phone, computer, web browser, email and music player, to self-driving cars and drones dropping off your online order minutes after you place it.

But there are still a few areas it seems technology is having a hard time breaking through to.

Those are usually the tried and true mega institutions that have been around for a long time, have a long history, and find it hard to turn over their tried and true methods to some “new” tech that may bring it all crashing down around them. That seldom ever happens, but that’s their fear anyway.

Those behemoths where technology is slow to make progress are your government agencies, your education systems and of course the healthcare industry.

Cisco is actually helping to lead the way in that last category. Recently Cisco has teamed up with Pure Storage to revolutionize the world of data storage.

Cisco is excited to announce that we’ve teamed up with partner Pure Storage to revolutionize the world of data storage. FlashStack combines Cisco UCS with industry-leading flash storage in one powerful package. This is especially good news for customers of Epic, the leading EHR software vendor in the U.S., because FlashStack is Epic-compliant. It meets – or exceeds – Epic hardware specifications.

When customers build Epic on FlashStack, they get an instantly upgradable platform for Epic deployment. Additional capacity and capabilities can be added seamlessly in minutes, with no need for rip-and-replace upgrades. A simple, unified management interface gives the IT team the ability to manage UCS and Pure Storage resources using familiar Cisco management tools and processes.

FlashStack gives facilities the ability to scale on-demand, drive always-on high performance for Epic (even under heavy use), and deploy a cloud-like infrastructure for flexible growth. In fact, FlashStack is already making waves in the industry. One early adopter achieved a 234% ROI on a VDI deployment with all-flash storage from Pure Storage.

Source: Cisco and Pure Storage Announce Data Storage Solution

 

Cisco is also looking to “Empower healthcare innovation. Simply and securely transform experiences and outcomes.” They have several healthcare offerings that can help do just that.

 

 


 

They are even creating content, solutions and documents to help any healthcare facility make the switch. Here’s one they created for those getting started with telemedicine. According to the American Telemedicine Association (ATA), more than 15 million Americans receive some kind of remote medical care, and that number is only expected to grow.

Ready to join the telemedicine revolution? One key to your success is getting everyone in your organization excited and on board with your plan. Here are a few tips to overcome barriers and hesitation.

1. To get buy-in, communicate value: not only to the C-Suite but also to providers.

Consider all the stakeholders who could be affected by your plan. Be prepared to share answers to the following questions:

  • What are the organization’s goals with telemedicine? Is it to reduce costs, increase convenience, improve patient outcomes, reduce physician burn-out, and/or grow the business? Share details. (These are all potential benefits of telemedicine – visit the ATA to get more information.)
  • What ROI are you expecting as an organization in one year, five years, 10 years? Help them visualize the long-term benefits.
  • How will you help keep liability risks low for providers? Is your insurance policy up to date? Are there any concerns with licensing? How will you address security? Knowing these answers may help ease provider anxiety.

2. Get a champion (or a committee of champions).

Seek out providers who are enthusiastic about telemedicine and encourage them to share information with colleagues. These folks can also serve as your implementation committee once your telemedicine program is off and running.

3. Run a patient education campaign.

Study after study shows that patients want telemedicine but don’t know where to get it – or don’t know if their insurance policy covers it. Make sure they not only know it exists but also understand how to access it.

4. Have the right technology – or a plan to acquire it.

Can your network handle the increased bandwidth – and is it secure? What about video quality? How will your system operate with other technology already in place? It’s critical that you ensure a smooth transition for your end users.

Source: Four ways to overcome telemedicine hesitation

Are we there yet? Nope! We are still waiting for those flying cars.

Are there still hurdles to overcome? Absolutely, but Cisco is helping get a foothold and prove to the healthcare industry that the tech works and, with that, hopefully continue to pave the way, allowing for more technology, better systems and efficiencies that can help us all.

Visit us here for more HealthCare IT news, tips and posts.

Largest Trove of Government Secrets Ever Stolen

Over 50TB gov’t classified data stolen

Government cyber security measures are front and center again with the latest news that a former NSA contractor, Harold Martin, stole the largest trove of government secrets ever while working as a Booz Allen Hamilton employee.

And yes, you are correct, Edward Snowden also worked as an NSA contractor AND was employed by Booz Allen Hamilton as well, but unlike with Snowden, the government is tight-lipped on whether or not Martin actually did something with the data.

Former National Security Agency contractor Harold Martin was indicted today on 20 criminal counts for stealing government documents and data in his capacity as a Booz Allen Hamilton employee, according to Reuters. Each of the 20 charges carries with it a sentence of up to 10 years.
Source: NSA contractor indicted for stealing more than 50TB of government secrets

His security clearance allowed him to steal documents from the CIA, the US Cyber Command, and the National Reconnaissance Office.

It just goes to show that most major breaches usually originate with someone in extremely close proximity.

Visit us here for more information on Government IT and Cyber Security

Avaya Files For Chapter 11 Bankruptcy, What Now?

Avaya, after much anticipation, finally made it official by filing for Chapter 11 Bankruptcy.

Avaya is one of the recognized leaders in providing global solutions for customer and team engagement, business phone systems, unified communications, networking and a host of other telecommunications products.

The move was made in an effort to get out from under some massive debt. According to Avaya’s CEO, Kevin Kennedy:

“We have conducted an extensive review of alternatives to address Avaya’s capital structure, and we believe pursuing a restructuring through Chapter 11 is the best path forward at this time. Reducing the company’s current debt through the Chapter 11 process will best position all of Avaya’s businesses for future success”

Source: Avaya Inc. Files for Chapter 11 Protection

Now what does that mean for all the Avaya customers and partners? According to Phil Edholm, President and Founder of PKE Consulting, which consults to end users and vendors in the communications and networking markets, the outlook is a bit cloudy, but not too gloomy:

“Considering all of this, what does the bankruptcy mean for Avaya customers? Clearly, the path forward is now very cloudy (pun intended). However, I do believe that, regardless of the bankruptcy’s outcome, the Avaya businesses will go forward in some form and customers can be assured that their investments will continue to be supported and useable.”

Source: Avaya Bankruptcy: Good or Bad for Customers?

 

In fact it looks like only the US subsidiaries will be affected and it’s business as usual for the UK and the other foreign entities.

Ronald Rubens, VP of Avaya’s Europe North, says he actually thinks it’s a good thing and not just business as usual.

“If we hadn’t got a bankruptcy protection then that would have meant our operation was compromised.”

Source: Avaya's bankruptcy protection is a 'good thing,' says Europe North veep

Avaya is hoping this will get them back on track. John Sullivan, CFA, VP and Corporate Treasurer, Avaya Inc. actually wrote an article addressing the move and how they arrived at chapter 11.

So even though this may look like it’s deja vu all over again, I’m thinking this time around, with the Nortel history as reference, Avaya should do fairly well after all the dust has settled.

And we are wishing them all the best.