Tag Archive for: pose

Consultant, school system officials say hackers pose common woes for institutions

/in


Jul. 16—While Joplin officials continue to mostly remain mum, a failure of the city government’s computer and telephone systems more than a week ago could have been the result of a ransom demand, a Joplin information technology expert says.

City systems seemed to be operating July 6, but city officials announced July 7 that the city’s computer systems were down. That interrupted the city’s internet-based telephone system and its online capabilities.

In a statement, the city called it a “network security incident” and said it was reported to a law enforcement agency.

There has since been no explanation of the cause and not much word on the status of the investigation. City officials did cite phone system restoration, but nothing about the computer systems. In recent days, the city has not made further statements or answered Globe questions sent to officials about the situation.

Ransomware attack?

John Motazedi, the owner of a local IT consulting firm, SNC Squared, speculated that the city might have been hit by ransomware, a malware program used to encrypt computer systems. Motazedi said his opinion is conjecture but that the failures reported by the city resemble what happens when hackers disable a system to demand a ransom payment.

Motazedi said there are several ways to infect a computer system with crippling software. It can be done by sending a coded program through an email that can unleash encryption through the system, downloading a malicious program without knowing it is infected, or by going into the system’s servers, the central brain of a computer system, to implant the encryption.

“Typically they get in through some administrative account because that account can get into other machines that are connected together,” Motazedi said. An administrative account is used by IT technicians to oversee computer operations and make changes to the system.

Once a system is overtaken by encryption of its programs, the user cannot operate the computer or the system but will instead receive a pop-up message to pay a certain amount of money to receive a code that can be used for decryption. Typically, internet criminals demand payment in bitcoins, a kind of online currency difficult to…

Source…

Russia hacking claims pose challenge for Biden – BBC News

/in



Russia hacking claims pose challenge for Biden  BBC News

Source…

Compliance with July 1 CMS Interoperability Rule Deadline May Pose Ransomware Risk | Arnall Golden Gregory LLP

/in


In recent months, the word “ransomware” has moved from a topic discussed only among cybersecurity professionals to a term used at dinner tables and water coolers across the country. Simultaneously, in the healthcare space, hospitals, healthcare systems, and payers are scrambling to meet the July 1, 2021 deadline for the first wave of interoperability and patient access requirements included in the final rule issued by the Centers for Medicare & Medicaid Services in June of 2020.

As system interoperability and connectivity increase, so does the risk of ransomware. Cybersecurity experts agree that one of the initial defenses against widespread ransomware is via network segmentation. Segmenting a network means, for example, ensuring that an organization’s IT environment is created in a manner where patient-facing technology does not interact with software running medical equipment. However, compliance with the Interoperability and Patient Access final ruling significantly impairs an organization’s ability to segment its network and exposes the organization to an increased risk of ransomware attacks.

To mitigate some of the risks while still complying with the Interoperability and Patient Access rule, we suggest companies do the following:

  • Frequent Backup – the more frequently data is backed up, the less power ransomware has over an organization. Losing an hour of data is much less harmful than losing a month.
  • Segmented and Encrypted Backup Encryption – although the rule makes it difficult to segment production environments, it does not prevent segmenting backup data. Companies should ensure that the backups are also encrypted to provide an additional layer of defense.
  • Thorough Vendor Review – an organization’s security is only as strong as its weakest link, and no complex healthcare ecosystem can exist without the use of third-party vendors. Therefore, vendors should be thoroughly vetted and investigated prior to onboarding to ensure that the security procedures do not introduce unnecessary risk into the technology environment.
  • Scoping for Clarity, Cooperation, and Root Cause Analysis – ensure that each of your vendors has an obligation to cooperate with both…

Source…

Fake vaccine and test certificates pose threat to ‘Covid passport’ plans

/in


Covid passport schemes could “unravel” unless measures are taken to combat fake vaccine and counterfeit test certificates, experts have warned.

Cybersecurity experts at Check Point Research issued the warning today amid rising concerns over the volume of fake Covid credentials being sold on the dark web.

Between March and May, Check Point research revealed a 500% increase in the number of forged certificate vendors. This increase, researchers suggested, highlights a growing demand to evade inspections and circumvent rules.

New EU legislation coming into effect in July will provide free certificates in the form of a QR code on a smartphone, or as a paper document.

These new certificates will show that a person is either vaccinated, has immunity to the virus, or has recently received a negative PCR test result.

Similarly, UK travellers who have had both vaccine doses will be able to use the NHS App as a vaccine passport and are expected to be covered under the EU scheme as a third country.

Other nations, including France and Germany, are also exploring the launch of their own Covid passport schemes. However, Check Point researchers warned that without a unified global approach to verify certificates, “fragmented rules and ambiguity” will play into the hands of hackers and fraudsters.

“We urge governments to come together and act quickly to combat the increased sales of fake certificates on Telegram and the Darknet. Without a central system, it becomes much easier for hackers and fraudsters to fall through the cracks,” said Oded Vanunu, Head of Products Vulnerability Research at Check Point Software.

According to Check Point, many customers could be people who have tested positive, refused to take a test or are unwilling to have the vaccine.

It could also be down to the exploitation of innocent users looking for information and guidance, some of whom are lured to fraudulent or suspicious domains in the belief that they are legitimate.

Travellers need to be wary of misspelled websites and only install verified apps from official sources, Vanunu explained.

Similarly, travellers should also be wary of QR codes as these can serve as a…

Source…