Computer security

The Global Cyberattack And The Need To Revisit Health Care Cybersecurity

National Health Service (NHS) ambulance outside of Waterloo Station, London.

Last week’s global cyberattack garnered wide media attention, as it spread across nearly 150 countries. Among its primary victims was the United Kingdom’s National Health Service system, causing massive shutdowns and inconveniences to the country’s health care infrastructure. Though certainly not the only internationally scaled cybersecurity threat in recent years, this attack’s consequential impacts should serve as a stark reminder of the significant vulnerabilities within the intersection of technology and medicine.

Accordingly, experts need to revisit a few areas of concern in the health care industry which may be conducive to increased cybersecurity threats in the coming years.

Hospital/Health Care Systems

The Department of Health and Human Service’s Office of Civil Rights, which oversees the enforcement of patient privacy laws such as HIPAA (Health Information Portability and Accountability Act), contends “that [the] personal health data of 30 million Americans has been compromised since 2009.” With the advent of electronic medical records and digital systems to store patient data, hospitals have become critically dependent on electronic media to provide patient care, and have thus become ripe targets for hackers who seek to extort or cripple large health care systems. Similar to the UK’s current crisis, extortionists often encrypt vital system and patient files, making it impossible to move forward with treatment or patient care. While some hackers seek payment prior to releasing the files, far larger concerns emerge when patient data itself is stolen, giving access to vital information about an individual’s health care records and overall biography. The potential for misuse of this data is limitless, as medical records and specific patient files can fetch up to $500 to $1200 (per record) in unregulated forums.

Medical Devices

Revolutionary innovations in health care such as pacemakers, insulin pumps, and other medical implant devices have made it easy for patients to seek personalized and convenient care. However, many of these devices have…

Cybersecurity firm CrowdStrike raises $100 million at more than $1 billion valuation

CrowdStrike, the cybersecurity firm that burst onto the national scene during the U.S. election season last year when it became the first to pin a data breach at the Democratic National Committee on Russia, said on Wednesday that it has closed a $100 million funding round at a valuation exceeding $1 billion.

The new round has propelled the firm into the rarified ranks of the “unicorn” club, the group of startups valued at a billion dollars or more. The company has raised $256 million to date.

The latest fundraising was led by Accel, a venture capital firm based in Palo Alto, Calif. that also participated in two of CrowdStrike’s earlier funding rounds. Joining the latest round were new investors March Capital Partners, a year-old VC firm based in Santa Monica, Calif., and Telstra, Australia’s biggest telecom company and an early CrowdStrike customer, as well as existing investors CapitalG (formerly Google Capital) and Warburg Pincus.

Founded six years ago, CrowdStrike has made a name for itself investigating some of the world’s biggest data breaches and calling out nation-state sponsored hacker groups in the process. The startup helped build a case that North Korea digitally pummeled Sony Pictures in 2014, that China orchestrated a ransacking of the U.S. Office of Personnel Management in 2015, and that Russian intelligence agencies masterminded the DNC breach last year.

George Kurtz, CrowdStrike’s cofounder and CEO, told Fortune that he’s pushing a “cloud-first” model for security, meaning that customers subscribe to install lightweight software agents on computers that…

Ransomware attacks on hospitals could eventually kill someone

According to a statement by Britain's National Health Service, several hospitals across England have been hit by a large-scale ransomware cyber attack, causing failures to computer systems.

The ransomware attacks spreading across at least 99 countries on Friday are the type of attack that could one day kill someone.

That sounds like hyperbole, but this attack froze and disrupted computers inside many National Health Service hospitals in the United Kingdom, and it’s not hard to see how an attack on hospital computer systems affects patient care or, at the very least, forces patients in need to find help elsewhere as hospital staff scramble to get vital systems back online. That type of disruption, combined with a person faced with a life-threatening condition, has the potential to result in the loss of life.

Cybersecurity experts have long used the phrase “where bits and bytes meet flesh and blood,” which signifies a cyberattack in which someone is physically harmed.

There’s no indication that someone was harmed on Friday as a result of this particular attack. But UK hospitals were forced to redirect patients from affected hospitals after a ransomware virus spread through hospital computers, locking them down and demanding bitcoin payment in exchange for the return of the information contained in those computers.

Staff also asked that patients not come in unless they were experiencing an emergency. Some hospital staff couldn’t access patient records, and others had to…

FinalCode Predicts New Security Challenges for 2017

While most IT security professionals are well aware of the nature of cyber threats, many lack the predictive insights to pre-emptively do anything about new threats. Addressing that issue usually means turning to vendors who have proven expertise in the infosec domain. Case in point is San Jose based FinalCode, a company that specializes in bringing ease of use to securing data files. FinalCode has done extensive research into the nature of cyber threats and has some relevant predictions as to what may happen in 2017.

FinalCode board member Makoto Mizuyama said “We saw a constant stream of breaches in 2016 ranging from the embarrassing, such as the exposure of email addresses, to the ominous, such as IoT-based distributed denial of service attacks, to the manipulative, such as Russian hacking during the presidential campaign. The year’s bad news was capped in December with the announcement that one billion Yahoo accounts have been compromised.”

While those events are well documented, they may only be an indication of what is to come in the future, and that is where FinalCode is attempting to make an impact on the InfoSec market. For FinalCode, achieving that impact comes in the form of educating infosec professionals and by providing the tools to protect data. FinalCode is making it well known that rising challenges are facing those charged with protecting data. First and foremost, the company is warning the industry about the impact that the disappearance of the enterprise perimeter is having. Mizuyama said “The growth of cloud and mobile computing and the disappearance of the enterprise perimeter is exposing data to a rapidly growing attack surface. The opportunities for data exfiltration by attackers or accidental exposure also are growing along with it. As data becomes more mobile, organizations must separate file security from…

Did Russia Hack Macron? The Evidence Is Far From Conclusive

Leader of ‘En Marche !’ Emmanuel Macron addresses supporters after winning the French Presidential Election. Macron’s campaign was the subject of a hack, leading to a leak of 9GB of email data. (Photo by David Ramos/Getty Images)

It looks like Russia, it smells like Russia, so it’s probably Russia. So goes the current line of thinking in the security community as it tries to figure out who leaked reams of files pilfered from the campaign staff of the incoming French President Emmanuel Macron.

Take, for instance, FireEye, the cybersecurity firm credited with first identifying Democratic National Committee hackers known as APT28 and Fancy Bear as a Russian operation; that crew is now the number one suspect in the Macron attack, which saw data leaked Friday, just two days before the second round of the French election.

FireEye, as others have surmised, said the links between APT28 and the Macron hit are largely based on “TTPs” – tactics, techniques and procedures. The Macron attackers – from their phishing attempts to the public dissemination of data partly aided by Wikileaks’ Twitter account – used many of the same TTPs associated with previous APT28 activity, said FireEye’s head of cyberespionage intelligence John Hultquist.

There were also two IP addresses both hosted in Europe, which served up phishing sites targeted at Macron’s En Marche campaign: onedrive-en-marche.fr and mail-en-marche.fr. Those sites, set up in March and April, were originally attributed by Trend Micro to Fancy Bear (which it dubbed Pawn Storm) before the leaks.

But Hultquist could only say the attack was “probably” carried out by APT28, a group the U.S. government claimed was run out of the Kremlin’s…

Group Accused Of DNC Hack Also Targeted Firm Formerly Known As Blackwater: Report

WASHINGTON ― A cyber-espionage group that targeted political parties during U.S. and French elections also launched a phishing campaign against Academi, the private military firm formerly known as Blackwater, a new report says.

Pawn Storm, a hacking group also known as Fancy Bear, targeted Academi on April 24, 2014, according to a report released Tuesday by the cybersecurity firm Trend Micro. CrowdStrike, another security firm, has said Fancy Bear is believed to be “closely linked” to Russian intelligence services.

The Trend Micro report does not indicate whether Pawn Storm succeeded in stealing information from Academi during the phishing attack. Academi did not respond to multiple requests for comment for this story.

Academi is the latest incarnation of Blackwater, a private military contractor founded by Erik Prince in 1997. Blackwater gained notoriety in 2007 when its employees shot at and killed more than a dozen civilians in Baghdad while escorting a U.S. convoy. As part of an attempt to clean up its image, Blackwater was renamed “Xe Services” two years later. Prince sold the company in 2010 and the new owners gave it yet another name: “Academi.”

Prince, whose sister, Betsy DeVos, is President Donald Trump’s secretary of education, has been in the news lately because of his ties to the Trump campaign. Last July, he recommended to senior Trump adviser Steve Bannon that the Trump administration replicate a Vietnam War-era CIA assassination program to be used against the militant group known as the Islamic State. In January, Prince reportedly acted as…