May 2020 Security Roundup

May's Roundup includes DoH in Chrome 83, phishing, attacks on healthcare, and our memberships in the Cloud Signature Consortium and CA Security Council.

Related Content

Want to keep learning?

Subscribe to SSL.com’s newsletter, stay informed and secure.

Welcome to this May edition of SSL.com’s Security Roundup. Despite the ongoing pandemic and pandemic response, there is plenty of news to report, including some fun news of our own! This month we’ll be taking a look at:

“Secure DNS” Hits Chrome 83

After skipping the launch of version 82 due to pandemic-related complications, Google released Chrome 83 on May 19. Much to the relief of those who had been clamoring for the change, the new browser implements DNS-over-HTTPS (DoH), which increases privacy by blocking attackers from seeing what sites users visit and helping to prevent redirection to phishing sites.

According to the Chromium Blog, in the new version of the browser “Chrome will automatically switch to DNS-over-HTTPS if your current DNS provider supports it, and provide manual configuration options for users who wish to use a specific provider.” It’s a big change for the browser and, as the blog goes on to explain, implementing it can’t yet be seamless:

Changing how DNS works is a non-trivial task. In particular, with more than 35 years of history, a lot of additional services and features have been built on top of DNS. For instance, some Internet Service Providers offer family-safe filtering via DNS. So, while we would love to have everyone benefit from Secure DNS immediately, we also know that we have to get there in a way that doesn’t break user expectations.

To that end, DoH will be disabled in some environments for the time being as a default. However, if you aren’t worried about managed environments that might not play well with DoH, users can configure Secure DNS settings to their specifications.

SSL.com’s takeaway: This is a great, if not perfect, change for Chrome. We’re excited to see DNS over HTTPS as a default, and embrace the ability to configure a more rigorous implementation in the browser’s settings.

Cisco Webex Phishing Using Fake Cert Errors

Like all online video conferencing software, Cisco Webex is seeing an influx of new users this year. And, unfortunately, bad actors are taking advantage of this newfound popularity with a series of tricky phishing attacks that use fake certificate warnings to steal users’ credentials.

As Bleeping Computer reports, the attackers mimic the graphics and formatting of Cisco Webex and, according to a company called “Abnormal Security” have sent emails to up to 5,000 users of the software.

The phishing emails impersonate the Cisco Webex Team and warn the targets that they have to verify their accounts as they are blocked by the administrator because of Webex Meetings SSL cert errors. Users are then requested to click on an embedded ‘Log in’ hyperlink that will allow them to sign in and unlock their accounts.

From there, the scam proceeds as you might expect, with victims being asked to login to a fraudulent website that steals that information.

SSL.com’s takeaway: As the article points out, what makes this scam especially easy to fall for is more than just the convincing graphics. As we all have been asked to download and get up-to-speed on various software to stay in touch with work and loved ones, many of us have experienced a deluge of updates and emails from companies we know little about. This is a good reminder to stay vigilant!

Healthcare/Coronavirus Cyberattacks

The year 2020 has been full of disturbing news, and digital security is not exempt from this trend. Recently, the Cyberpeace Institute issued a letter calling for all governments to stop cyberattacks in the healthcare sector. The letter reads, in part:

Over the past weeks, we have witnessed attacks that have targeted medical facilities and organizations on the frontlines of the response to the COVID-19 pandemic. These actions have endangered human lives by impairing the ability of these critical institutions to function, slowing down the distribution of essential supplies and information, and disrupting the delivery of care to patients. With hundreds of thousands of people already perished and millions infected around the world, medical care is more important than ever.

Dishearteningly, the spread of coronavirus has led to an uptick in cyberattacks against hospitals and medical facilities, according to a report by TechRepublic that notes criminals

have exploited the coronavirus pandemic to target collaboration tools, deploy virus-related scams, and exploit old and vulnerable legacy healthcare systems. Attacks have centered around ransomware, social engineering tricks, the theft of intellectual property, and the theft of databases of healthcare employees.

According to TechRepublic’s article, a third of all data breaches currently occur in hospitals, which are vulnerable due to their sensitive, valuable data and common use of outdated security measures. In addition, ZDNet has rounded up a number of articles that explain the pandemic has only served to make the information in medical institutions more valuable, threatening their security even more.

SSL.com’s takeaway: This is a nasty trend that illustrates just how much is at stake when digital security is threatened. It also is a stark reminder that the bad guys are just that, and cannot be underestimated, even in a global crisis.

SSL.com Joins the Cloud Signature Consortium

Cloud Signature Consortium LogoThis has been a great month for planning and organizing for a lot of people, including us. In May, SSL.com joined the Cloud Signature Consortium (CSC). For those that are unfamiliar, the Cloud Signature Consortium is a group of professional and academic organizations that have gotten together to build “a new standard for cloud-based digital signatures.”

Digital signatures are a way to ensure authenticity and integrity of electronic documents. In short, that means that they are able to confirm that documents are signed by who they say they were signed by, and that they have not been tampered with since they were signed. SSL.com has already established itself as a trusted issuer of document signing certificates, and is looking forward to future participation in developing industry standards and advancing cloud-based digital signatures with the CSC.

SSL.com’s takeaway: Be on the lookout for cloud-based document signing solutions from SSL.com.

SSL.com Joins the CA Security Council

CA Security Council logoThis month, SSL.com also joined the CA Security Council (CASC), making us an official member of this group of Certificate Authorities whose mission is to promote best-practices throughout the industry. From our press release:

More of the global workforce and commerce continues to move online every day, and knowing exactly who you are dealing with on the other end of your browser connection, software installer, signed document, or email message is at least as important as encryption for keeping sensitive information safe from cybercriminals. Through its work with the other CA members of the CASC, SSL.com hopes to promote the idea that an encrypted, identity-validated internet is a better internet.

SSL.com’s takeaway: We’re honored by the opportunity to join other leading CAs in order to explore and promote best practices for digital certificates, deployment of SSL/TLS, and internet security in general.
Thank you for visiting SSL.com! If you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase.

 

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.