More ransomware attacks on the healthcare sector.
Welcome to Cyber Security Today. It’s Wednesday, November 29th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.
The healthcare sector continues to be a popular target of ransomware gangs. In the latest incidents, Ardent Health Service, which runs 30 hospitals in Texas, New Mexico, Oklahoma and New Jersey, had to divert some emergency room patients to other area hospitals after a ransomware attack. The attack started on Thanksgiving Day. Ardent has had to shut down a number of its IT systems, including its health care records.
Meanwhile for the second time in two months an American distributor of medical products called Henry Schein Inc. has been hit by the BlackCat/AlphV ransomware gang. “The threat actor from the previously disclosed cyber incident has claimed responsibility,” the company said in a statement last week. In an update issued Monday the company said it has restored its e-commerce platform in the U.S., and expects to be back online in other countries soon. The suspicion is the gang re-encrypted the company’s files when ransom negotiations stalled. Researchers at BlackFog note the company is no longer on the gang’s ransomware list of victims, possibly indicating negotiations resumed or a ransom was paid.
Separately, as part of a continuing crack-down on ransomware gangs, authorities in Ukraine arrested a man allegedly behind a group that deployed four strains of ransomware against organizations in 71 countries. The Europol police co-operative said the arrest took place last week, which also saw four others detained. The gang’s tactics included brute force attacks, SQL injection attacks and sending emails with infected attachments.
Here’s a factoid for thought: According to BlackBerry’s November threat intelligence report, 52 per cent of the new software holes listed in the National Vulnerability Database had a severity score of 7 or more out of 10. Fifteen per cent of vulnerabilities had a score of 9. Question: Does your IT department have a process for determining how fast a critical vulnerability is patched?
Here’s another set of factoids: Researchers at Hornetsecurity looked at 45 billion emails that went through its systems in the past year. More than one-third of the messages were categorized as unwanted. Of those, 3.6 per cent had either malicious phishing or web links. Question: Does your IT department have solutions for effectively scanning emails for malicious content?
Here’s another piece of data I pulled from a report: There’s been a ten-times increase in the number of deepfake videos, audio recordings or documents detected in the past 12 months. That’s according to researchers at Sumsub in their annual Identity Fraud Report. Question: Does your IT department have solutions for detecting synthetically generated fraud documents?
iPhone owners who have updated to iOS 17 should think about changing the default setting of a new feature called NameDrop. According to researchers at BuddoBot, it allows users to easily share their contact info by bringing iPhones close together. However, having the capability turned on all the time is a privacy risk. All proximity-based data-sharing features on any mobile device should be turned off until they are needed.
Finally, if you use the Google Chrome browser there’s an emergency update to be installed. You should be running version 119.0.6045.200.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.