Security in the News

Make Sure You Consider Security Before Your Company Purchases Medical Devices

I have many friends who work in the Nursing Home and Rehabilitation field. When I ask them about what type of screening they go through when looking to add new medical devices to their organization they usually give me a blank stare.

Since I look at the world from a Cyber Security perspective, I am amazed that people would put devices in their company without looking into not only what the product does but what kind of security exposure it may introduce to the organization.

Truth be told, after I explain to them the risks involved with those devices, they look a little nervous, and some even throw up their hands and say they are not security people and would have no idea what to do. Of course I give them some advice, not knowing if they ever follow up on it or just add it to their to-do list.

A few do get serious and ask if my company can help them identify possible risks, which is one of the most popular services we offer.

People who purchase these types of devices need to keep in mind that even though they come from reputable firms and the product does what it is supposed to do, many times internal device security is not a factor built into the unit.

I expect that we will hear about an uptick in medical device hacking when more criminals learn how to monetize the attacks by holding the institution hostage, the way they currently do with ransomware.

An article appearing in MachineDesign lays out four things to look for when adopting new medical devices in hospitals, but it doesn’t matter what type of institution you are: the four are universal.

Here they are:

  • Ease of Use
  • Protection Against Cyberattacks
  • Ability to Solve Known Problems or Improve Patient Care
  • Suitability for the Hospital’s Budget


President signs NIST Small Business Cybersecurity Act into law

This has been a long time in coming, since SMBs are a prime target of hackers.

Originally proposed as H.R. 2105 in April 2017, the act was later absorbed into U.S. federal law S.770, and requires the director of the National Institute of Standards and Technology, within one year of the law’s passing, to issue guidance and a consistent set of resources to help SMBs identify, assess and reduce their cybersecurity risks.

Read the article here


New Ransomware Infecting Systems Rapidly

The following information was sent to our clients a few days ago. We are posting it on our website as courtesy for our readers.

According to multiple sources, new ransomware known as Petya is spreading rapidly with the help of the same Windows SMBv1 vulnerability that the WannaCry ransomware used to infect 300,000 systems worldwide in just 72 hours last month.

Petya is a nasty piece of ransomware which works very differently from any other currently known ransomware. Petya does not encrypt files on a targeted system one by one as previous ransomware versions did but encrypts the hard drive’s master file table (MFT) and renders the master boot record (MBR) inoperable. This corruption may not allow your system to reboot and your Tech team may have to rebuild your system.

Petya uses the NSA Eternalblue exploit but also spreads in internal networks with WMIC and PSEXEC. That’s why remediated systems can get infected even though they were patched.

To vaccinate your computer so that you are unable to get infected with the current strain of NotPetya/Petya/Petna, simply create a file called perfc in the C:\Windows folder and make it read only.

The files perfc.dat and perfc.dll should also be created and put in the same folder as a precaution.
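The marker files described above can be created with a short script. This is an added example, not part of the original advisory: the function name `Set-PerfcMarker` and its `-Root` parameter are hypothetical, and the script must run from an elevated PowerShell session to write to C:\Windows.

```powershell
# Added example: create the read-only marker files named in the post.
# -Root is a hypothetical parameter so the function can be tried against
# a scratch folder before it is pointed at the Windows directory.
function Set-PerfcMarker {
    [CmdletBinding()]
    param(
        [string]$Root = $env:windir,
        [string[]]$Names = @('perfc', 'perfc.dat', 'perfc.dll')
    )

    foreach ($name in $Names) {
        $path = Join-Path -Path $Root -ChildPath $name

        # A directory with the same name cannot serve as the marker file.
        if (Test-Path -LiteralPath $path -PathType Container) {
            Write-Warning "$path is a directory; skipping"
            continue
        }

        # Create an empty file only if nothing is there yet (idempotent).
        if (-not (Test-Path -LiteralPath $path)) {
            New-Item -ItemType File -Path $path -ErrorAction Stop | Out-Null
        }

        $item = Get-Item -LiteralPath $path -Force

        # A pre-existing file with content was not created by this script;
        # flag it for review instead of silently treating it as a marker.
        if ($item.Length -gt 0) {
            Write-Warning "$path already exists with content; review it"
        }

        # Set the read-only attribute, as the post instructs.
        $item.IsReadOnly = $true

        # Report the final state so the result can be checked or logged.
        [pscustomobject]@{
            Path     = $item.FullName
            ReadOnly = (Get-Item -LiteralPath $path -Force).IsReadOnly
            Length   = $item.Length
        }
    }
}

# Apply to the Windows folder and show the resulting state.
Set-PerfcMarker | Format-Table -AutoSize
```

Running it a second time changes nothing, so it can be pushed repeatedly through a login script or management tool.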

Finally, always keep up-to-date backups and follow your company backup policy.


Is this the largest Ransomware attack yet?

May 12, 2017

At least 16 hospitals in the UK are being forced to divert emergency patients today after computer systems there were infected with ransomware.

Brian Krebs stated “It remains unclear exactly how this ransomware strain is being disseminated and why it appears to have spread so quickly, but there are indications the malware may be spreading to vulnerable systems through a security hole in Windows that was recently patched by Microsoft”.

Hospitals have been a favorite target of ransomware actors, and those attacks have shut many institutions down. With the advent of the new CIA tool “treasure trove”, bad actors now have a new way of delivering malware.

We have entered a new period where organizations need to be more vigilant about applying security patches to their endpoints and servers, especially Windows boxes.

You can read more about the latest attack here


Lynda.com Suffers Data Breach

December 20, 2016

It seems like we need to start changing our passwords every other week. The newest breach announced is from LinkedIn, which acquired Lynda.com, a training system, in 2015 for a whopping $1.5 billion. This particular website has suffered a data hack. The users were notified by the company over the weekend through email. In the data breach, around 50,000 users have been affected.

Read the article here


FriendFinder Breached

November 14, 2016

No one should be surprised these days when a breach is announced, since it seems to be the new normal. It’s believed the incident happened prior to October 20, 2016, and this could involve more than just user IDs and passwords.

Once again, at a minimum you should change your passwords not just on your FriendFinder account but others where you use the same password. Also keep in mind that if you stored personal information on the site, that could have possibly been exposed as well so stay alert.

Six databases from FriendFinder Networks Inc., the company behind some of the world’s largest adult-oriented social websites, have been circulating online since they were compromised in October.

LeakedSource, a breach notification website, disclosed the incident fully on Sunday and said the six compromised databases exposed 412,214,295 accounts, with the bulk of them coming from AdultFriendFinder.com.

Read the rest of the article from CSO Online


LinkedIn Users Hit with Sophisticated Phishing Campaign

November 7, 2016

Ready for the next round of phishing campaigns on LinkedIn? Well, it has already started, so you and all your LinkedIn friends and connections need to take notice.

In the latest, cyber criminals are targeting LinkedIn users with a sophisticated phishing scam in which the idea is to trick the user into believing that their LinkedIn account has a security issue which can be solved only by providing their personal details. While this MO is not new, the “look and feel” of this new attack is fairly good and will probably get many users to give away their personal information.

As is Standard Operating Procedure, if you enter or have entered your information into this or any other scam, quickly change your login information and any other information that may have been compromised. If you require monitoring of your credit report, you can contact the Big Three and check their web pages for assistance.

Here is a link to the article that goes more in-depth on this new phishing scheme.

 


What Does Our Security Future Hold

November 4, 2016

As anyone who has been following the current elections in the United States knows, the expectation of data privacy for your email is sinking by the day. But it’s not only your email which can be stolen, as we have seen in the financial and healthcare arena.

For those who think they aren’t a target, it’s time to wake up and “smell the coffee”. Everyone and everything is up for grabs, and sometimes it may be that you are not the initial target but a secondary one. As we increase our security technology, we may not always be covering all our bases, since people are one of our weakest links.

Here are some predictions from a new Gartner report on 2017 Cyber Security.

  • Targeted espionage, ransomware, denial of service, privacy breaches, and more will escalate in 2017. The impact of those events will be significant.
  • A Fortune 1000 company will fail because of a cyber breach.
  • Healthcare breaches will become as common as retail breaches.
  • More than 500,000 internet-of-things devices will be compromised.
  • Within 100 days, the new US president will face a major cyber crisis.
  • National security risks will drive agencies to expand surveillance technologies, creating legal and ethical conflicts between governments and people.

While the predictions are not uplifting, they do point to the fact that cyber security protection is paramount and will continue to be so as far as anyone can see.

Don’t make the same mistake as those who said their business was not a target, suffered a breach and then went out of business.

According to the National Cyber Security Alliance, as much as 60% of small and medium-sized businesses that experience a data breach go out of business after six months. Make sure you aren’t included in that statistic. Contact Proactive Cyber Security for innovative and economical ways to protect your organization today.

Read the entire Forrester report here


Not Surprising: Every third American has lost money to online criminals

August 4, 2016

A survey just released by the Digital Citizens Alliance may make some people sit up and take notice. When I began to look at this survey, I had two initial thoughts. 1) I’m not surprised at all 2) I’m sure the numbers will keep climbing.

Today there seems to be one segment that keeps on asking me if the internet is safe: the over-70s crowd, who weren’t introduced to online banking, etc., until later on in their lives. Many still use paper checks and still balance their checkbooks manually.

Unfortunately, this demographic is also the most vulnerable to cyber fraud for a number of reasons which I will not address here due to its length. One thing is for sure, as we move more of our daily lives onto the internet through the adoption of IoT, we will look back on this survey and say we wished the numbers were so low.

Here are a few takeaways from the survey:

  • 69 percent of Americans reported finding malware or other computer viruses on their computers.
  • One in five Americans reported that they have purchased something online, but never received it nor got a refund of their money.
  • 42 percent of Americans report that they had their credit card information stolen and used.
  • One in five Americans reported that either their computer or their company’s computer systems have been hacked at some time.
  • 71 percent of Americans report “I feel like I have to be on guard.” One in six said they feel they need to be “constantly on guard that someone is trying to harm me.”

Read the report here

View the entire survey here


Steps To Minimize Your Chances Of Getting Hacked

August 2, 2016

As we move closer towards a society that will be interconnected via the internet with Internet of Things devices, the future looks scary. We have all seen and probably been involved in data breaches where our Personally Identifiable Information has been stolen. As hackers have more tools available to them to attack us, you might be getting a little scared of the internet.

Unfortunately, there is no escaping the internet, but there are basic steps you can take to keep yourself generally safe on the internet.

Motherboard has published an article which you should read and try to follow.