Tag Archive for: CIO

The internet ‘wasn’t designed to be secure’: Gilbane CIO


Cybersecurity incidents are on the rise, and contractors need to be prepared.

Karen Higgins-Carter, the chief information and digital officer for Providence, Rhode Island-based Gilbane Building Co., brings a wealth of experience from previous roles protecting the banking and financial services industries from cyber criminals. She warns that the internet wasn’t originally built to be secure, and that the onus is on contractors to make sure they’re up to snuff on today’s security demands.

Here, Higgins-Carter spoke with Construction Dive about where the biggest threats come from, how Gilbane keeps its employees up to date and what the industry can do to protect itself.

Editor’s Note: This interview has been edited for brevity and clarity.

CONSTRUCTION DIVE: What’s the state of cybersecurity in the construction industry?

KAREN HIGGINS-CARTER: I’ll start with my view on cybersecurity in general. I think it’s important to understand two things. First, the internet was not designed to be secure. It was designed to be open. Second, we are going to continue to see a volume of attacks coming from countries that are effectively safe harbor for this type of activity.


Because of that environment, we’re seeing the regulatory response. SEC disclosure requirements being first and foremost, that were implemented in December.

What I find is the need to adjust and connect with our people based upon their current level of awareness. There’s a predictable cycle of bringing our people from a position of not really being aware of the threats to feeling invested in protecting the company and being on board with that mission.

How do you get everyone to an optimal level of comfort with cybersecurity when their experiences differ?

One of the things that we have implemented in building, in terms of our innovation practices, is responsible innovation. That it’s important to take risks in order to grow. 

There is no risk-free path to achieving your strategic objectives. 

Where that’s important in innovation is understanding, how does this innovation support our…

Source…

Ransomware now dispenses with data encryption and blackmails with brand exposure – Intelligent CIO LATAM


With Brazil already facing an overwhelming wave of ransomware attacks, Hilmar Becker, Country Manager, F5 networks, Brazil, warns of a switch in tactics by threat actors – leaving organisations even more exposed.

Throughout 2023, a harsh reality set in.

The ever-evolving threat landscape has ransomware continuing to wreak havoc.

Brazil remains in a prominent position in relation to this threat: we are the fourth largest ransomware target in the world, according to a report released in the first half of this year.

Only the US, UK and Spain beat our market in this regard.

The accelerated digitalization of the Brazilian economy is not always accompanied by alignment with the best practices of digital security, which increases the vulnerability of companies to these types of attacks.

For years, the practice of encrypting data and holding it hostage until a payment was made was the hallmark of ransomware attacks. The victim’s dilemma was quite simple: pay the ransom or risk losing access to critical data.

To maintain their effectiveness, ransomware gangs have started to innovate with different tactics.

This is the case with double extortion, in which data is not only encrypted: the attackers also threaten to publicly expose the stolen information or sell it on the dark web.

The first case of this modality happened in 2019.

Shortly after, in 2020, triple extortion began to make the news, which takes double extortion a step further, taking advantage of confidential information about customers, relatives, or other entities related to the victim.

This is an advanced level of blackmail that starts from the attack on the organization to, at another time, trigger actions spread across all the people who had their data exposed.

In recent months, cybercriminals have introduced yet another technique to their arsenal: unencrypted attacks.

In the face of the overwhelming wave of ransomware affecting Brazil, it has become commonplace for companies to keep backups of their data, and decryption tools are being created to neutralize ransomware variants.

This advocacy has changed digital gangs. Thus,…

Source…

Lessons from a ransomware attack: How one healthcare CIO helped her company recover


In the early-morning hours of Feb. 25, 2021, Terri Ripley got the call every chief information officer dreads: Her company, OrthoVirginia Inc., had been hit by a massive attack of the Ryuk ransomware that had shut down its entire computing fabric.

Although it would be 18 months before systems were fully restored, OrthoVirginia never shut down operations or abandoned patients. What it learned during the crisis is a lesson for any organization that might become an attack target. Today, that’s everyone.

Speaking at the Healthcare Information and Management Systems Society Inc.’s Healthcare Cybersecurity Forum in Boston this week, Ripley gave a blow-by-blow description of the events immediately following the attack, the critical choices that were made and how the company is insulating itself from future incidents.

OrthoVirginia is Virginia’s largest provider of orthopedic medicine and therapy, encompassing 105 orthopedic surgeons spread across the state. Its 25-person information technology organization had put cyber protections in place before the attack hit, but the pandemic was a curveball they didn’t anticipate.

“When COVID hit and we sent everybody home, some of those protections were not in place,” she said. “We put a lot of good measures in place, but we still got hit.”

System-wide shutdown

The attack took down servers, workstations, network storage and backups, but fortunately not electronic health records, which were hosted offsite. It encrypted the picture archiving and communication system that contains the X-rays vital to orthopedic surgery. The application and database needed to view the images were also hit and the internet protocol phones went down.

To make matters worse, OrthoVirginia’s chief cybersecurity expert was on vacation at the time. Knowing that ransomware attacks can be unpredictable, “we made the decision to shut everything down,” Ripley said. “That stopped the script from running so we were able to save the data files.”

Forensics would later determine that the attack was triggered by a remote worker clicking on a malicious link. The attackers were able to compromise the system administration password, tunnel through the…

Source…

Ransomware breach hits US dental insurance giant, loses data of 9 mn patients, ET CIO


The personal information of nearly nine million people in the US has been compromised in an apparent ransomware attack on one of the country’s largest dental health insurers.

US-based dental insurance giant Managed Care of North America (MCNA) Dental, said: “On March 6, 2023, MCNA became aware of certain activity in our computer system that happened without our permission. We quickly took steps to stop that activity. We began an investigation right away.”

Moreover, the company learned that a criminal was able to see and take copies of some information in their computer system between February 26 and March 7, 2023.

According to a data breach notification filed with Maine’s attorney general, the hack affected over 8.9 million MCNA Dental clients, reports TechCrunch.

The LockBit ransomware group claimed responsibility for the cyberattack and claims to have published all of the files it stole from MCNA Dental after the company refused to pay a $10 million ransom demand.

According to a listing on LockBit’s dark web leak site, the notorious ransomware gang stole 700GB of data during the intrusion, the report said.

The stolen data includes a trove of personal information from patients, such as names, addresses, dates of birth, phone numbers, email addresses, Social Security numbers, and driver’s licences or other government-issued ID numbers.

Hackers also gained access to patients’ health insurance information, such as plan information and Medicaid ID numbers, as well as bill and insurance claim information, according to MCNA Dental.

Meanwhile, PharMerica, a leading pharmacy service provider in the US, which operates in more than 2,500 facilities across the country and offers over 3,100 pharmacy and healthcare programmes, has disclosed a data breach that compromised the personal information of nearly six million patients.

Source…