Tag Archive for: System

Genesis HealthCare System Builds on its Investment in BIO-key Biometric Authentication Security as it Migrates to Epic Hyperdrive

/in


BIO-key International, Inc.

BIO-key International, Inc.

ZANESVILLE, Ohio and HOLMDEL, N.J., Dec. 14, 2023 (GLOBE NEWSWIRE) — BIO-key® International, Inc. (NASDAQ: BKYI), an innovative provider of workforce and customer Identity and Access Management (IAM) featuring passwordless, phoneless and token-less Identity-Bound Biometric (IBB) authentication solutions, announced that its longstanding customer Genesis HealthCare System, the largest healthcare provider in its six-county region of Ohio, will add BIO-key’s PortalGuard IAM platform to support its existing BIO-key biometric authentication investment as it migrates to Epic Systems’ Hyperdrive end-user application interface. Genesis HealthCare has a network of more than 300 physicians and 4,000 employees across 27 locations.

PortalGuard’s standards-based integration with Hyperdrive allows Genesis HealthCare System to continue enjoying the security and streamlined biometric authentication user experience that BIO-key provides without re-enrolling employees or adopting more cumbersome and expensive multi-factor authentication solutions.

Named by Computerworld as one of the 100 Best Places to Work in IT every year since 2017, Genesis Healthcare utilizes BIO-key biometric software and hardware to secure and streamline its users’ login experience for Epic. By deploying PortalGuard IAM, it is able to maintain a consistent user experience and simplify the Hyperdrive migration. PortalGuard fully supports Hyperdrive’s modern authentication approach through its SAML Identity Provider (IdP) capabilities. PortalGuard provides seventeen authentication factor options, including WEB-key fingerprint authentication, the same core BIO-key biometric authentication platform regularly used by thousands of Genesis HealthCare employees. Additionally, users can now use PortalGuard for biometric authentication in other hospital applications through its support for standard IdP integration options like SAML, OAUTH, and OpenID Connect.

“Epic is a mission-critical application for many of BIO-key’s hospital customers, and implementing PortalGuard SAML SSO allows Genesis to maintain streamlined workflows and ensure secure access to patient information with IBB,” said Mark…

Source…

Bad Password May Have Led to Pennsylvania Water System Hack

/in


(TNS) — Federal and state security officials said a poor or even default password could be the weak link that enabled hackers to break into a Pittsburgh-area water system.

The Municipal Water Authority of Aliquippa suffered the cyberattack on Saturday, with several media outlets displaying images of a screen from the authority equipment that claimed to target Israeli-made products.

In a Tuesday alert, the federal Cybersecurity and Infrastructure Security Agency (CISA) said the hackers, who some media outlets have identified as the pro-Iran group CyberAvengers, “likely accessed the affected device … by exploiting cybersecurity weaknesses, including poor password security and exposure to the internet.”


CISA is a federal agency that falls under the Department of Homeland Security.

The Pennsylvania Criminal Intelligence Center shared CISA’s advisory Wednesday and reminded security experts “to ensure the default ‘1111’ password is not in use” on their networks, according to an email obtained by TribLive.

The center also recommended that systems’ “programmable logic controllers,” or PLCs, use multifactor authentication and update to the most current software.

No customers of Aliquippa’s service lost access to water due to the attack, said Robert Bible, general manager of the Aliquippa Municipal Authority, in an interview with TribLive news partner WTAE.

Bible said the hackers targeted a small substation in Racoon Township. They disabled a device that is used to automatically control water levels at the authority’s tanks, he said.

Bible did not return phone calls Wednesday to the municipal authority. Aliquippa Mayor Dwan B. Walker also could not be reached for comment.

CISA officials, in their Tuesday advisory, identified equipment hacked at the Pennsylvania utility as a “Unitronics Vision Series PLC with a Human Machine Interface (HMI).”

Unitronics, which is based in Israel and operates a U.S. office in Quincy, Mass., a Boston suburb, did not respond to numerous emails and phone calls this week seeking comment.

Pittsburgh-based Jewish security officials said they also have grappled with cybersecurity issues related to the…

Source…

Did Iranian Hackers Hit a Pennsylvania Water System?

/in


(TNS) — The Municipal Water Authority of Aliquippa revealed Saturday that one of their booster stations had been hacked and partially controlled by a cyber guerilla group tied to the Iranian government, according to news reports.

Confirming the hack to KDKA, Matthew Motes, the chairman of the board of directors for the Municipal Water Authority of Aliquippa, said that the group, known as Cyber Av3ngers, took control of one of the stations.

The hacking ring shut down a pump on a supply line that provides drinking water from the Aliquippa Municipal Water Authority’s treatment plant to Raccoon and Potter townships in Beaver County.


As soon as the hack had occurred, an alarm sounded, the Beaver Countain reported.

Also confirming the hack was a haunting message that appeared that appeared on the system’s control panel after the pump had been taken over, reading, “You have been hacked. Down with Israel. Every equipment ‘made with Israel’ is Cyber Av3ngers legal target.”

The machine that was hacked by the cyber group uses a system called Unitronics, which uses software or has components that are Israeli-owned, KDKA reported.

Aliquippa municipal workers managed to disable the system and authorities were called to the booster station Saturday. Now the incident is under criminal investigation.

Back-up methods are now being applied to maintain water pressure to communities, the Beaver Countain reported.

“They did not get access to anything in our actual water treatment plant – or other parts of our system – other than a pump that regulates pressure to elevated areas of our system,” Mottes told the outlet. “This pump has its own computer network, separated from our primary network, and is physically miles away.”

The network also serviced multiple security cameras.

“The booster system did what it was supposed to. It sent an alarm and we took control manually. Nobody was ever at risk,” he added.

Congressman Chris Deluzio said in a statement on Facebook Sunday that he is monitoring the situation.

On X, formerly known as Twitter, the Cyber Av3ngers have taken responsibility for multiple attacks worldwide,…

Source…

International arms control system faces multiple challenges

/in



First test flight of the US B-21 Raider.

Russia announced that it had completed all procedures for withdrawing from the Treaty on Conventional Armed Forces in Europe (CFE) on November 7, and NATO also declared an official halt in fulfilling relevant contractual commitments on the same day.

In recent years, due to declining strategic mutual trust, the US and Russia, two nuclear powers possessing more than 90% of the global nuclear weapons, frequently withdrew from the Treaty, posing grave threats to the sustainability of their mutual supervision and transparency mechanism in the nuclear arms control and further severely impacting the international nuclear arms control system. Meanwhile, with the old nuclear arms control mechanism already shattered and the new one not yet in place, the two sides are still accelerating the upgrading of nuclear forces. Not only that, the US works with its allies to actively expand or upgrade extended deterrence. For example, it carried out nuclear submarine cooperation with the UK and Australia, acquiesced in Japan’s stockpile of massive nuclear weapon materials and gradually relieved the restrictions on ROK’s missile development.

The proliferation and use of nuclear weapons, capable of extinguishing human civilization, have been consistently under the world’s scrutiny. And the increasingly prominent conventional arms control issues also pose serious challenges to global security and development. At present, frequent regional conflicts and violence have provided a hotbed for the illicit conventional weapon trades, of which the discovery and traceability of light and small conventional weapons are particularly challenging. The application of cluster munitions, white phosphorus bombs, depleted uranium bombs and other specific conventional weapons has not only exacerbated the intensity of conflicts in relevant countries and regions, but also triggered serious humanitarian crises. Moreover, some countries’ irresponsible export and management of common or special conventional weapons have also aggravated the contradictions and conflicts. What’s particularly worrisome…

Source…