Tag: Trust | SpinSafe

NHS Trust Confirms Clinical Data Leaked by Recognized Ransomware Group

March 28, 2024/in Internet Security

NHS Dumfries and Galloway has confirmed that patient clinical data has been leaked online by a ransomware group following the attack on its systems earlier this month.

The statement by the Scottish NHS Trust dated March 27, 2024, revealed that clinical data relating to a small number of patients has been published by a “recognized ransomware group.”

The trust acknowledged that in the cyber-attack, which it first reported on March 15, the hackers accessed “a significant amount of data including patient and staff-identifiable information.”

It follows a threat by the ransomware group Inc Ransom on its leak site that it will soon publish 3TB of data relating to NHS Scotland patients and staff unless its demands are met.

The threat actor also included a ‘proof pack’ in its post, which appeared to show a range of sensitive clinical documents, such as genetics reports and letters between doctors discussing patient treatments.

Trevor Dearing, director of critical infrastructure at Illumio, commented: “The methods used by INC Ransom are common among ransomware groups. Ransomware attacks against healthcare organizations are now multiple layers of extortion – cybercriminals will look to steal and leak sensitive data, as well as affect operational up-time. Stolen healthcare data can be sold on the dark web for a quick profit or used in identity fraud.”

NHS Helping Impacted Patients

NHS Dumfries and Galloway Chief Executive Jeff Ace said the service is making contact with patients whose data has been leaked at this point and will continue working to limit any sharing of this information.

“NHS Dumfries and Galloway is very acutely aware of the potential impact of this development on the patients whose data has been published, and the general anxiety which might result within our patient population,” he commented.

Ace acknowledged that the information has been released by the attackers to prove it is in their possession. He made no reference to any ransom demand made by the group.

“We absolutely deplore the release of confidential patient data as part of this criminal act,” he said.

Ace added: “We are continuing to work with Police Scotland, the…

Source…

Does Australia Need A ‘Cyber Trust’ Label For Security Products? – channelnews

October 24, 2023/in Internet Security

Australian homes as well as businesses, are facing a crisis especially households or factories that have invested in high-risk Chinese products or have devices with the Chinese manufactured Quectel or Fibcom modules built in with questions now being asked to whether Australia needs a Cyber Trust Mark” label for devices sold at retailers as well as IOT devices sold into businesses.

What Australians are not realising is that they are increasingly buying Internet-connected “smart” devices that are vulnerable to hackers claim experts.

Currently Officeworks is selling security cameras manufactured by Chinese Company Hikvision who own the consumer brand EZVIZ. Hikvision products are banned in Australia, the USA, the UK, and several other Countries.

Another questionable Chinese consumer brand is Anker manufactured Eufy who security cameras are sold at Bunnings and JB Hi Fi.

Because of new security risks experts are now claiming that beefed-up security standards will be necessary to address the growing threats from criminals, hostile governments such as South Korea and Chinese hacking groups as well as Russian and East European hacking gangs as well as State sponsored hacking teams who have been identified as being responsible for major hack attacks on Countries such as Australia, the USA, France and the UK.

Public fears about cybersecurity were stoked in Australia earlier this year with attacks on Optus Telstra, and Medibank, this has seen Australian authorities move to set up security task forces, with the Federal Government currently recruiting people with hacking experience.

Closer to home, hackers have used Ring cameras and Eufy products to spy on kids and even lure them into creepy conversations.

Only this week a mother reported hearing a voice talking to their child in a cot at an NSW home early in the morning.

In the USA Mike Gallagher, the chairman of the House Select Committee on China, is among a growing group of policymakers focused on so-called “Internet of Things,” or IoT devices, which generally are understood as non-computer devices with a web connection.

Examples range from smart TVs, wearable fitness trackers, doorbell cameras, and thermostats to control…

Source…

Don’t trust that update! Untold number of Android users duped by dangerous SpyNote trojan

October 18, 2023/in Mobile Security

Android users have been put on spyware high-alert as a banking trojan by the name of SpyNote has recently returned to the limelight.

The Android-based malware has been a background security threat for users since 2022. However, now in its third revision and with source code of of one of its variants (known as ‘CypherRat’) having leaked online in January of 2023, detections of this spyware have spiked throughout the year.

SpyNote isn’t like many of the threats Android users face. You won’t find it tucked away inside of an innocuous app on the malware infected hellscape that is Google Play — at least not for now.

Instead, its primary method of spreading is through ‘Smishing’ or SMS phishing. These SMS messages can range from government updates to social media alerts with links to malicious apps. Here users will be misled into downloading an Android Package file (.APK), that works outside of the Google Play Store to infect a device and begin it’s nefarious deeds.

SpyNote: What does it do?

As stated, SpyNote primary method of infection is through SMS phishing attacks. However, variants of the spyware do exist and its methods of infection may evolve over time.

If you’re unlucky enough to fall foul of these attempts, the third-party app (while posing as an official update or legitimate service) tricks the user into accepting various permissions — after which, it will hide itself from view and begin to work behind the scenes at collecting user data in the following ways.

Audio recording: Including microphone access and phone calls.
Camera recording: Being able to access a victims camera for pictures or video.
Keylogging: Recording every input and tap you make on your device.
Credential theft: Stealing user logins (usernames, passwords, passkeys, and more) by intercepting banking, crypto wallets, and social media apps.
Screen recording: Through screenshot captures and device streaming.
GPS tracking: Accessing location services to track a victims location.

SpyNote: Do I have it, and how do I remove it?

SpyNote’s presence is hard to detect, and even harder to remove. If you’ve accessed a link to an app through SMS at any point, one of the ways you can tell if SpyNote is present on your device is by…

Source…

Why CISOs need zero trust as a ransomware shield

September 18, 2023/in Internet Security

Head over to our on-demand library to view sessions from VB Transform 2023. Register Here

This year is on pace to be the second-costliest for ransomware attacks ever, with threat actors relying on new deceptive approaches to social engineering combined with weaponized AI. The recent MGM breach began with attackers studying the social media profiles of help desk employees, then calling the help desk and impersonating them to get privileged access credentials and logins.

Zero trust security needs to be a mindset that pervades everything from consolidating tech stacks to managing identities at scale. CISOs and their teams must start with the assumption that a breach has already happened, and an organization’s network needs to be designed to limit an intrusion’s blast radius and depth.

“Zero trust requires protection everywhere — and that means ensuring some of the biggest vulnerabilities like endpoints and cloud environments are automatically and always protected,” said Kapil Raina, VP of zero trust marketing and evangelist for identity, cloud and observability) at CrowdStrike. “Since most threats will enter into an enterprise environment either via the endpoint or a workload, protection must start there and then mature to protect the rest of the IT stack.”

Gartner introduces a new Hype Cycle for Zero Trust Networking

Gartner’s inaugural Hype Cycle for Zero Trust Networking comes at a time when CISOs and the organizations they serve are under siege from near-record ransomware attacks. All hype cycles and market frameworks have limitations, yet they do help to filter out vendor noise and those overstating their zero trust capabilities. The Hype Cycle examines 19 key technologies — including microsegmentation, Kubernetes networking, secure access service edge (SASE) and security service edge (SSE) — and maps their maturity level and hype cycle position.

Event

VB Transform 2023 On-Demand

Did you miss a session from VB Transform 2023? Register to access the on-demand library for all of our featured sessions.

…

Source…

Tag Archive for: Trust

NHS Helping Impacted Patients

Gartner introduces a new Hype Cycle for Zero Trust Networking

Event