Tag Archive for: Disrupting

UnitedHealth blames ‘nation-state’ in hack disrupting pharmacy orders


A cyberattack against a division of UnitedHealth Group Inc. has caused a nationwide outage of a computer network that’s used to transmit data between healthcare providers and insurance companies, rendering some pharmacies unable to process prescriptions, according to the company and reports from affected organizations.

UnitedHealth found a “suspected nation-state associated cyber security threat actor” had access to subsidiary Change Healthcare’s systems Wednesday, prompting the company to disconnect them from other parties, the company said in a filing Thursday with the Securities and Exchange Commission.

UnitedHealth, the country’s largest health insurer, said in a statement Thursday that the cyberattack and related “network interruption” affected only Change Healthcare and that all its other systems are operational. Change Healthcare is a key intermediary in the $1.5-trillion U.S. health insurance market.

UnitedHealth is working with law enforcement and security experts but can’t say when the service will be restored, according to the filing. The company hasn’t determined that the attack is likely to affect its financial results, it said.

“Change Healthcare is experiencing a cybersecurity issue, and our experts are working to address the matter,” the Minnetonka, Minn.-based company said earlier in a statement on its website. “Once we became aware of the outside threat, in the interest of protecting our partners and patients, we took immediate action to disconnect our systems to prevent further impact.”

The incident is the latest in a series of attacks where hackers have compromised providers of back-end IT software and services — companies that are often little-known outside of their industries yet play critical roles in the normal functioning of such diverse entities as financial markets and government services — and triggered cascading disruptions across their customer bases.

Last month, for example, a ransomware attack against Tietoevry Oyj, a Finnish information technology company, crippled payroll and other services for government agencies and hospitals, retailers, cinemas and other customers throughout Sweden.

Three days later, a ransomware…


How AI Is Disrupting The Business Of Physical Security


Co-founder and CEO of ZeroEyes with a decade in the U.S. Navy, including six years as a Navy SEAL.

The world of physical security is experiencing a significant transformation thanks to advancements in artificial intelligence (AI), machine learning (ML), deep learning and intelligent video analytics.

The widespread adoption and use of innovations like ChatGPT and DALL-E have demonstrated that AI technology is more than just a passing trend. It has showcased its potential in various applications that extend beyond writing content or answering questions. Businesses looking to protect their staff and visitors would be wise to understand AI-based physical security solutions.

Addressing today’s security threats requires applications that can rapidly analyze massive amounts of data that surpass human capabilities. According to IFSEC Insider, “AI-based applications enable operators to respond to potential threats faster than ever, while simultaneously reducing false alarm notifications that plagued earlier analytics models.” As such, AI physical security solutions can enable businesses to protect their customers and staff against physical threats in a much faster and more accurate manner.

In this article, I’ll examine a few examples of high-tech AI solutions that are transforming the way organizations can approach physical security before offering tips about how to implement these solutions properly.

Security Technology: From Passive To Proactive

With the addition of AI, physical security solutions are no longer passive but are actively intelligent devices that can monitor video feeds in real time. This may not only reduce workforce costs but also increase the likelihood of identifying and catching perpetrators before they commit a crime. Here are a few examples of AI-based security solutions:

Access Control And Intrusion Detection Systems

AI access control systems and intrusion detection systems can monitor various building access authentication factors, such as the location of the access attempt, time of day and user behavior, to determine the risk level associated with granting access.

This technology can analyze sensor data, such as motion detectors or…


CRITICALSTART® Unveils Mid-Year Cyber Threat Intelligence Report Highlighting Key Threats Disrupting Businesses


Report finds two-step phishing attacks increasing; Beep malware top of mind for organizations; state-sponsored cyber-espionage on the rise

PLANO, Texas, June 13, 2023 /PRNewswire/ — Today, Critical Start, a leading provider of Managed Detection and Response (MDR) cybersecurity solutions, released its biannual Cyber Threat Intelligence Report, featuring the top threats observed in the first half of 2023, and emerging cybersecurity trends impacting the healthcare, financial services, and state and local government (SLED) industries. The report also includes actionable insights to help organizations strengthen their security posture and proactively mitigate potential risk.

The cyber threat landscape is constantly evolving, and threat intelligence is essential for identifying and responding in real time. Cybercrime has become the world’s third-largest economy and is estimated to generate $8 trillion (about $25,000 per person in the US) by the end of 2023. The Critical Start Cyber Threat Intelligence (CTI) team analyzed a range of intelligence sources, such as customer data, open-source intelligence, vulnerability research, social media monitoring, and dark web monitoring to identify the most pressing cybersecurity threats of the first half of 2023.

Key report findings include:

  • The Critical Start Security Operations Center (SOC), which monitors millions of endpoints with over 80,000 investigations a week, saw increases overall in the number of investigated alerts, alerts escalated to customers, and alerts that were of high or critical priority. In the first quarter of 2023, the SOC saw a 38.88% increase in the number of high or critical priority alerts escalated to customers over the previous quarter.
  • Two-step phishing attacks are on the rise, with attackers using convincing emails that resemble legitimate vendor communications, often related to electronic signatures, orders, invoices, or tracking information.
  • The new Beep malware is top of mind for organizations and individuals. This pervasive threat is delivered via email attachments, Discord, and OneDrive URLs.
  • State-sponsored cyber espionage is becoming increasingly common, with threat actors operating out of Russia,


How Can Disrupting DNS Communications Thwart a Malware Attack?


Question: How does a threat actor utilize DNS communications in malware attacks?

Dave Mitchell, CTO, Hyas: The idea that you can protect yourself from all malware is unrealistic, especially considering malware is an umbrella term that does not refer to any specific exploit, vector, goal, or methodology. Because the range of cyber threats is so wide and varied, there is no magic bullet that will repel every attack. So it’s really only a matter of time before your network environment is compromised, forcing you to make some very hard decisions.

For instance, in the medical field, successful cyber attacks don’t just affect an organization’s ability to function; they also have major legal and reputational repercussions. Because of these circumstances, medical industry victims end up paying out ransomware demands at a higher rate than any other industry. If they were able to detect indicators of problems before they become full-blown attacks, healthcare organizations could save an average of $10.1 million per incident averted.

Most security solutions address a specific subsection of malware and/or infiltration vectors, but none of them can stop all threats at the gate. Even if they could, sometimes the gate is bypassed altogether. As we saw with the Log4J exploit and the recent compromise of the popular Ctx Python package, “trusted” resource libraries hosted on places like GitHub can be compromised by outside entities and used to deliver payloads of malware to thousands of endpoints without immediately triggering a red flag.

Not all threats lurk solely in cyberspace. Returning to the healthcare industry as an example highlights another attack vector that can get around all of your perimeter security — physical access. Most hospitals, physician’s offices, pharmacies, and other medical facilities rely on networked terminals and devices located (or accidentally left) in places where they can be accessed by patients, visitors, or other unauthorized users. In situations like these, it doesn’t matter how well-defended your network is from outside attacks because the bad actor can simply insert a USB stick or use a logged-in device to access malware, compromising the network from within.

This may…
