Welcome to this May edition of SSL.com’s Security Roundup. Despite the ongoing pandemic and pandemic response, there is plenty of news to report, including some fun news of our own! This month we’ll be taking a look at:
- “Secure DNS” hits Chrome 83
- New phishing attacks use fake certificate errors
- The healthcare industry is under cyberattack
- SSL.com joins the Cloud Signature Consortium
- SSL.com joins the CA Security Council
After skipping the launch of version 82 due to pandemic-related complications, Google released Chrome 83 on May 19. Much to the relief of those who had been clamoring for the change, the new browser implements DNS-over-HTTPS (DoH), which increases privacy by blocking attackers from seeing what sites users visit and helping to prevent redirection to phishing sites.
According to the Chromium Blog, in the new version of the browser “Chrome will automatically switch to DNS-over-HTTPS if your current DNS provider supports it, and provide manual configuration options for users who wish to use a specific provider.” It’s a big change for the browser and, as the blog goes on to explain, implementing it can’t yet be seamless:
Changing how DNS works is a non-trivial task. In particular, with more than 35 years of history, a lot of additional services and features have been built on top of DNS. For instance, some Internet Service Providers offer family-safe filtering via DNS. So, while we would love to have everyone benefit from Secure DNS immediately, we also know that we have to get there in a way that doesn’t break user expectations.
To that end, DoH will be disabled in some environments for the time being as a default. However, if you aren’t worried about managed environments that might not play well with DoH, users can configure Secure DNS settings to their specifications.
Like all online video conferencing software, Cisco Webex is seeing an influx of new users this year. And, unfortunately, bad actors are taking advantage of this newfound popularity with a series of tricky phishing attacks that use fake certificate warnings to steal users’ credentials.
As Bleeping Computer reports, the attackers mimic the graphics and formatting of Cisco Webex and, according to a company called “Abnormal Security” have sent emails to up to 5,000 users of the software.
The phishing emails impersonate the Cisco Webex Team and warn the targets that they have to verify their accounts as they are blocked by the administrator because of Webex Meetings SSL cert errors. Users are then requested to click on an embedded ‘Log in’ hyperlink that will allow them to sign in and unlock their accounts.
From there, the scam proceeds as you might expect, with victims being asked to login to a fraudulent website that steals that information.
The year 2020 has been full of disturbing news, and digital security is not exempt from this trend. Recently, the Cyberpeace Institute issued a letter calling for all governments to stop cyberattacks in the healthcare sector. The letter reads, in part:
Over the past weeks, we have witnessed attacks that have targeted medical facilities and organizations on the frontlines of the response to the COVID-19 pandemic. These actions have endangered human lives by impairing the ability of these critical institutions to function, slowing down the distribution of essential supplies and information, and disrupting the delivery of care to patients. With hundreds of thousands of people already perished and millions infected around the world, medical care is more important than ever.
Dishearteningly, the spread of coronavirus has led to an uptick in cyberattacks against hospitals and medical facilities, according to a report by TechRepublic that notes criminals
have exploited the coronavirus pandemic to target collaboration tools, deploy virus-related scams, and exploit old and vulnerable legacy healthcare systems. Attacks have centered around ransomware, social engineering tricks, the theft of intellectual property, and the theft of databases of healthcare employees.
According to TechRepublic’s article, a third of all data breaches currently occur in hospitals, which are vulnerable due to their sensitive, valuable data and common use of outdated security measures. In addition, ZDNet has rounded up a number of articles that explain the pandemic has only served to make the information in medical institutions more valuable, threatening their security even more.
This has been a great month for planning and organizing for a lot of people, including us. In May, SSL.com joined the Cloud Signature Consortium (CSC). For those that are unfamiliar, the Cloud Signature Consortium is a group of professional and academic organizations that have gotten together to build “a new standard for cloud-based digital signatures.”
Digital signatures are a way to ensure authenticity and integrity of electronic documents. In short, that means that they are able to confirm that documents are signed by who they say they were signed by, and that they have not been tampered with since they were signed. SSL.com has already established itself as a trusted issuer of document signing certificates, and is looking forward to future participation in developing industry standards and advancing cloud-based digital signatures with the CSC.
This month, SSL.com also joined the CA Security Council (CASC), making us an official member of this group of Certificate Authorities whose mission is to promote best-practices throughout the industry. From our press release:
More of the global workforce and commerce continues to move online every day, and knowing exactly who you are dealing with on the other end of your browser connection, software installer, signed document, or email message is at least as important as encryption for keeping sensitive information safe from cybercriminals. Through its work with the other CA members of the CASC, SSL.com hopes to promote the idea that an encrypted, identity-validated internet is a better internet.