- Biden gave Putin list of 16 critical infrastructure entities ‘off limits’ to cyberattacks
June 17, 2021
President Biden told reporters Wednesday he gave President Vladimir Putin a list of 16 critical infrastructure entities that are “off limits” to a Russian cyberattack. Those entities include energy, water, health care, emergency, chemical, nuclear, communications, government, defense, food, commercial facilities, IT, transportation, dams, manufacturing and financial services. “We’ll find out whether we have a cybersecurity arrangement ...
- Billions of records belonging to CVS Health exposed online
June 16, 2021
In another example of misconfigured cloud services impacting security, billions of records belonging to CVS Health have been exposed online. On Thursday, WebsitePlanet, together with researcher Jeremiah Fowler, revealed the discovery of an online database belonging to CVS Health. The database was not password-protection and had no form of authentication in place to prevent unauthorized entry. Upon ...
- UF Health Florida hospitals back to pen and paper after cyberattack
June 3, 2021
UF Health Central Florida has suffered a reported ransomware attack that forced two hospitals to shut down portions of their IT network. The University of Florida Health, also known as UF Health, is a healthcare network of hospitals and physician practices that provide care to countries throughout Florida. Read more… Source: Bleeping Computer
- Swedish Health Agency shuts down SmiNet after hacking attempts
May 31, 2021
The Swedish Public Health Agency (Folkhälsomyndigheten) has shut down SmiNet, the country’s infectious diseases database, on Thursday after it was targeted in several hacking attempts. SmiNet, which is also used to store electronic reports with statistics on COVID-19 infections, was shut down on Thursday to investigate the attacks and was brought back online on Friday evening. Read ...
- Indonesia’s national health insurance scheme leaks at least a million citizens’ records
May 25, 2021
Indonesia’s government has admitted to leaks of personal data from the agency that runs its national health insurance scheme On May 20th Kominfo, Indonesia’s Ministry of Communication and Information Technology, acknowledged it was aware of a post on notorious stolen-data-mart Raidforums offering to sell a million records leaked from the Badan Penyelenggara Jaminan Sosial (BPJS), an ...
- FBI: Conti Ransomware Attacks Impact Healthcare and First Responder Networks
May 20, 2021
The FBI identified at least 16 Conti ransomware attacks targeting US healthcare and first responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year. These healthcare and first responder networks are among the more than 400 organizations worldwide victimized by Conti, over 290 of which are located in the U.S. ...
- Conti ransomware gives HSE Ireland free decryptor, still selling data
May 20, 2021
The Conti ransomware gang has released a free decryptor for Ireland’s health service, the HSE, but warns that they will still sell or release the stolen data. Ireland’s HSE, the country’s publicly funded healthcare system, and the Department of Health were attacked by the Conti ransomware gang last Friday. Read more… Source: Bleeping Computer
- Healthcare organizations in Ireland, New Zealand and Canada facing intrusions and ransomware attacks
May 20, 2021
Three healthcare institutions in Canada, Ireland and New Zealand are in the midst of security incidents this week, highlighting the perilous cybersecurity landscape within some of the world’s most important organizations. Ireland’s Department of Health was attacked twice in the last week, eventually shutting down their entire IT system after a ransomware attack last Thursday. The ...
- Ireland: ‘Wizard Spider’ cybercrime gang claim Health Service Executive attack
May 18, 2021
Hackers known as Wizard Spider are spinning a web of chaos since it launched a ransomware attack on the Health Service Executive last week. The Russian hackers have claimed responsibility for the most serious ever cyberattack on Ireland’s critical infrastructure. The group, who are seeking ransom of up to €20 million in cryptocurrency, are not motivated by ...
- ‘We won’t pay ransom,’ says Ireland after attack on health service
May 17, 2021
Ireland’s Health Service Executive (HSE) has ruled out giving in to hackers’ demands as the country’s healthcare and social services continue to deal with the disruption caused by a significant ransomware attack that occurred a few days ago. The HSE has now confirmed that a ransom has been sought by the attackers, although the exact amount ...
- Ireland: Health service IT systems forced to shut down after ‘fairly sophisticated’ cyber attack
May 14, 2021
Health service IT systems have been shutdown today following a cyber attack that the HSE believes was carried out by international criminals seeking to extort money . The HSE said the main attack began at around 4.30am on Friday and that IT staff switched off systems as a “precaution” in order to protect data and give ...
- How UK National Health Service learned the lessons of WannaCry to protect hospitals from attack
May 13, 2021
Four years ago, the UK’s National Health Service suddenly found itself one of the most high-profile victims of a global cyberattack. On 12 May 2017, WannaCry ransomware hit organisations around the world, but hospitals and GP surgeries throughout England and Scotland were particularly badly affected. A significant number of services were disrupted as malware encrypted computers ...
- US and Australia warn of escalating Avaddon ransomware attacks
May 10, 2021
The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations from an extensive array of sectors in the US and worldwide. The FBI said in a TLP:GREEN flash alert last week that Avaddon ransomware affiliates are trying to breach the networks of manufacturing, ...
- San Diego: Scripps Health Cyberattack Causes Widespread Hospital Outages
May 3, 2021
Scripps Health, a hospital network based in San Diego, was hit by a cyberattack over the weekend, forcing some critical-care patients to be diverted, according to the San Diego Union-Tribune. Scripps acknowledged the attack in a statement but didn’t specify whether it was a ransomware incident. It’s also unknown whether the adversaries compromised any patient records ...
- Passwordstate password manager hacked in supply chain attack
April 23, 2021
Click Studios, the company behind the Passwordstate enterprise password manager, notified customers that attackers compromised the app’s update mechanism to deliver malware in a supply-chain attack after breaching its networks. Passwordstate is an on-premises password management solution used by over 370,000 security and IT professionals at 29,000 companies worldwide, as the company claims. Its customer list includes ...
- Just What The Cyber Doctors Ordered – OT For Pharmaceutical Companies
April 20, 2021
Several digital attacks against pharmaceutical companies have made news in the past few years. Back in 2017, for instance, Merck fell victim to NotPetya. The wiper malware spread to the pharmaceutical giant’s headquarters, rendered years of research inaccessible, affected various production facilities and caused $1.3 billion in damages, according to Bloomberg News. A couple of ...
- The Security dilemma of smart factories [Part 3] Fundamental security risks in robot languages
April 19, 2021
Industrial robots are the core of the automation of manufacturing processes in smart factories, and are the most important components as they support the manufacture of all kinds of products such as automobiles, aircraft, processed foods, and pharmaceuticals. In addition, as equipment that realizes unmanned manufacturing in the post-COVID-19 world where minimal or no contact ...
- Victorian government earmarks AU$30m to lift hospital cyber capabilities
April 15, 2021
The Victorian government plans to invest a total of AU$30 million to upgrade and modernise the IT infrastructure of 28 of the state’s hospitals and health services in a bid to guard against further cyber attacks. The AU$30 million will be divided amongst hospitals across Melbourne and regional and rural health services. Melbourne hospitals will receive ...
- Industries critical to COVID-19 response suffer surge in cloud cyberattacks
April 6, 2021
Industries and organizations critical to the fight against COVID-19 have faced a surge in cyberattacks due to their rapid transition to cloud platforms in light of the pandemic. When the world first began to take notice of the global spread of COVID-19, organizations across the globe suddenly found themselves unable to maintain typical working practices. Offices were ...
- APT Charming Kitten Pounces on Medical Researchers
March 31, 2021
Security researchers have linked a late-2020 phishing campaign aimed at stealing credentials from 25 senior professionals at medical research organizations in the United States and Israel to an advanced persistent threat group with links to Iran called Charming Kitten. The campaign—dubbed BadBlood because of its medical focus and the history of tensions between Iran and Israel–aimed ...