In today’s episode, we discuss the White House’s call for critical cybersecurity assistance for sectors like healthcare and water utilities (https://www.cybersecuritydive.com/news/white-house-seeks-critical-cyber-assistance-for-water-utilities-healthcare/716942/), analyze the compromise of JAVS Viewer software by loader malware (https://www.helpnetsecurity.com/2024/05/23/javs-viewer-malware/), and explore how rising cyberattacks are driving the growth of the cybersecurity industry, affecting companies like AWS, Cisco, and CrowdStrike (https://www.cybersecuritydive.com/news/attacks-fuel-cyber-business/716782/).
Full Coker Speech: https://www.youtube.com/watch?v=1yR3kfajhk0
00:00 Introduction to the Cybersecurity Boom
01:04 The Economics of Cybersecurity
03:22 National Cyber Director’s Keynote Highlights
04:14 The Cost of Cybersecurity Measures
05:19 Teenagers in Cybercrime: A Growing Concern
06:13 JAVS Viewer Malware: What You Need to Know
07:50 Conclusion and Call to Action
Tags: Harry Coker Jr, healthcare, water utilities, ransomware, National Cyber Director, critical infrastructure, cyber threats, innovative strategies, cybersecurity, administration initiatives, Lapsus, teenage cybercrime, JAVS, recording software, loader malware, security risks, courtrooms, prisons, compromised software, cybersecurity vendors, digital threat landscape, market complexity
Search Phrases: Initiatives by Harry Coker Jr in cybersecurity Healthcare cyber threat protection strategies Water utilities ransomware defense National Cyber Director’s speech on cyber threats Administration measures against teenage cybercrime Compromised JAVS software security risks Immediate actions for JAVS Viewer users Cybersecurity vendors’ role in digital threat evolution Increasing complexity in the cybersecurity market Global spending on cybersecurity in 2023
May24
Cyber attacks are propelling the cybersecurity industry to new Heights with global spending on security projected to hit in astonishing. $215 billion this year.
How are cybersecurity vendors adapting to the constant evolution of cyber threats while also contributing to increased complexity in the market?
National cyber director, Harry Coker Jr.
Announced a sweeping initiative to fortify healthcare and water utilities against cyber threats.
Highlighting a commitment to strengthen America’s critical infrastructure. At a keynote speech on Wednesday. What measures is the administration taking to deter teenagers from join me, joining cyber criminal groups. Like Lapsis.
Threat researchers have discovered that legitimate recording software from JAVS has been compromised with loader malware directly from the developers own site.
If you’re using the jabs viewer, what actions can you take?
If you suspect your version has been compromised.
You’re listening to the daily decrypt.
The cybersecurity industry is thriving.
Thanks to the rise in cyber attacks.
Now this makes sense. Supply and demand is the foundation of capitalism.
And cyber attacks are on the rise. So of course, cybersecurity is booming, but this reminds me sort of eerily of the show fallout, which is on Amazon prime, highly recommend one of my favorite TV shows of all time.
But go ahead and skip the next 15 seconds if you don’t want any spoilers, but.
One of the most fascinating aspects of that show is how.
Valtech the maker of these volts.
Was one of the top companies in the country.
Because one, they preyed on citizens, fear of a nuclear war. So they made these vaults.
To keep people safe in the impending nuclear bomb drop. But in order to stay on top in order to stay.
Relevant.
They needed that nuke to drop.
And I don’t think we’re at that point yet with cybersecurity, I believe.
The volume of cyber attacks is enough to sustain a $200 billion industry. But who knows what will happen in 10, 20, 30 years, maybe in order to stay relevant.
Defender’s need to start attacking.
To keep that fear alive. I really hope not, but.
That is the foundation of capitalism.
So as mentioned, the global spending on security and risk management is projected to reach $215 billion this year, which is a 30% increase.
From $165 billion in 2022.
Brendan whales of the cybersecurity and infrastructure security agency or SISA.
Talks about how this multi-billion dollar cyber security industry. Exists solely because the multi-billion dollar technology industry is insecure. So as the technology industry, booms naturally cybersecurity will boom, along with it.
Alan Liska from recorded future criticizes, the industry for creating unnecessary complexity.
And he emphasizes that the industry is currently pushing to sell expensive solutions.
Over simpler, more effective ones.
So this all just begs the question. If a company.
Is faced with the opportunity to end cyber risk.
To stop all attacks from happening.
Or to create a product that will do this. Will they. Or will they continue to confuse and complicate. In order to make more and more money.
National cyber director, Harry Coker Jr. Announced new actions to bolster key sectors like healthcare and water utilities.
As well as combating ransomware and enhancing resilience.
During a keynote speech at Auburn university’s Macquarie Institute on Wednesday.
In partnership with the department of health and human services.
Their aim is to raise cybersecurity standards for hospitals, as well as seek additional aid for small, rural and critical care facilities.
The EPA or environmental protection agency will provide more technical assistance to public water systems. The department of agriculture will invest in a program to. Integrate cyber security into rural water utilities.
They’ve also proposed a budget to president Biden. That includes $12 million for HHS cybersecurity capacity.
$25 million for sector risk management.
And $25 million for a cyber grant for water utilities.
And that makes me think of an Instagram real I watched yesterday. Where.
It showed a video of United States, military members firing different.
Weapons systems from. The 2, 4, 9, 2 rocket launchers to 50 Cal machine guns off the side of a helicopter. And as each bullet or round fired.
There was a cost calculator in the top left that showing how much it costs to fire these weapons. And all of these videos were taken during training.
And like one of those rockets just to fire at once costs like $19 million, just one rocket.
So, yeah, $25 million to one person is a lot of money, but to the entire country’s water agency.
That’s no money that will not help at all. That’ll get them a $10 a month subscription.
To some off the shelf service. Built by AI. So we got to get that up. All right. I like the intent, but we got to get that number up.
In the keynote speech Coker also highlighted. Plans to crack down on criminal ransomware and to better understand the open source security risks.
He’s also built a partnership with the DOJ that will develop programs to deter teens from joining cyber criminal groups, like Lapsis, which recruits minors due to their short potential jail terms.
And when we think about ransomware groups like lapses, my brain doesn’t go to teenagers, but it is the perfect demographic. First of all, they feel invincible. They have good internet connections. They have lots of time.
And they’re extremely motivated by money.
Like money is status in high school.
And imagine being able to buy like a super nice car and take your friends out, maybe even charter a plane or something, take your friends somewhere.
So that is an interesting problem to solve. And I personally don’t have a solution, but let’s see what they come up with with the DOJ.
And finally. There’s a legitimate recording software called jabs viewer. That has been compromised with loader malware and served from the official developer’s website since at least April 2nd. This is according to rapid seven.
The compromised installer, which is signed by Vanguard tech limited hides malware from the gate door, Russ store, family. This malware enables unauthorized remote access data collection, and further malicious payload downloads.
If you’re running jabs, viewer version 8.3 0.7.
At this point, you have to re image all effected end points. You’ve got a reset, all credentials. And browser sessions to prevent unauthorized access.
And update to the latest version version 8.3 0.8 or higher.
Simply updating, apparently won’t completely rid your device of this malware because it had remote code execution access, and it’s probably loaded other things. So the only way to rid it is to. Uh, re image that end point, which totally sucks. And might not even be possible.
But I’ll tell you it does suck less.
Then ransomware..
If you’re unsure, if the device you’re working with. Has been compromised.
You can search for the file name F F F M peg dot exe with three F’s. Which mimics the legitimate file that this software creates called F F M peg with two F’s. If that three F file is found on the endpoint, you must re image the endpoint.
You can also check to see if the software you have installed is digitally signed. By jabs itself. If it’s signed by Vanguard tech limited, that is compromised.
This has been the Daily Decrypt. If you found your key to unlocking the digital domain, show your support with a rating on Spotify or Apple Podcasts. It truly helps us stand at the frontier of cyber news. Don’t forget to connect on Instagram or catch our episodes on YouTube. Until next time, keep your data safe and your curiosity alive.