Security conference offers advice, healthcare industry warning and macro phishing alert.
Welcome to Cyber Security Today. It’s Friday February 28th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.
Every year around this time a security company called RSA holds a huge week-long conference in San Francisco where over a hundred presenters tell terrible stories of hacks and what companies and governments should have done to prevent them. This week’s conference is no different. However, some speakers this year offered a glimmer of hope. At least one said many companies are getting better at finding cyber intruders before serious damage is done, and the time it takes to find them is dropping. Another speaker complained that organizations spend too much time preparing for the most sophisticated attacks, while most incidents are due to very basic cybersecurity issues — like not patching fast enough — or errors by staff. Preparing for the worst does not prepare you for the likely attacks, he said. Organizations are still going to get hacked. But as one speaker said, if firms make cyber security a priority and invest in it there will be progress.
The healthcare industry may be the biggest slacker in the private sector when it comes to protecting data, if a recent study is accurate. A cybersecurity company called Censys says it did an internet scan of the 10 largest companies by revenue in seven major industries to see how many had unprotected databases and left their networks open to remote access. The healthcare industry, including pharmacies, hospitals, clinics, insurance providers and pharmaceutical manufacturers, led the list with an average of 13 exposed databases per company. The energy industry proved the least at-risk, with only one exposed database per company. The lesson appears to be that many companies aren’t training staff well enough to be careful with data, nor are they checking the Internet to see if staff are leaving sensitive data open to the world.
Getting malware onto your computer isn’t enough for an infection. It has to be installed. One way to do that is by having Microsoft Office run what’s called a macro, which is an automatic routine. That’s why these days Microsoft Office has the macro feature disabled by default, which means attackers have to find ways to trick you into enabling macros. The usual way is to send people an email with an infected Word or Excel document. When the victim opens it they get asked to enable macros or enable content. The latest in this series of scams was discovered by security company Palo Alto Networks, and it works like this: A victim gets an email with an attachment that appears to come from Norton LifeLock, a well-known security brand. It says, ‘You have received a protected document which contains personal information.’ To read it, you are told to enable macros and enter a password, and the password is included in the email. What’s the surprise inside this particular attack? Malware allowing a hacker a backdoor into your computer. Don’t fall for this scam. Beware of any messages that ask you to enable macros.
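The defensive side of the macro story is checking attachments for an embedded macro project before they reach a user. The script below is an added example, not code from the podcast, from Palo Alto Networks or from Microsoft; it inspects a modern Office attachment (the OOXML zip package) for a `vbaProject.bin` part or a macro-enabled content type, flags the macro-enabled file extensions Office itself uses, and sorts legacy binary containers into a "needs deeper inspection" bucket. The two sample documents it builds are constructed minimal packages for the demonstration, not real Office files, and the `triage_attachment` verdict names are this example's own convention.

```python
import io
import os
import zipfile

# Magic bytes of the legacy binary Office container (OLE2: .doc/.xls/.ppt).
# Password-encrypted modern documents are also wrapped in this container.
OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"

# Extensions Office itself uses to say "this file may carry VBA macros".
MACRO_ENABLED_EXT = {".docm", ".dotm", ".xlsm", ".xltm", ".xlam", ".pptm", ".potm", ".ppam"}


def has_vba_project(data: bytes):
    """True if an OOXML package carries a VBA project, False if it is OOXML
    without one, None if the bytes are not an OOXML zip (OLE2 or garbage)."""
    if data.startswith(OLE_MAGIC):
        return None  # legacy or encrypted container: needs an OLE parser
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return None
    with zf:
        names = zf.namelist()
        # The VBA project is stored as a binary part, usually word/vbaProject.bin.
        if any(n.lower().endswith("vbaproject.bin") for n in names):
            return True
        # The package manifest also declares macro-enabled content types.
        if "[Content_Types].xml" in names:
            ct = zf.read("[Content_Types].xml").decode("utf-8", "replace").lower()
            return "macroenabled" in ct or "vnd.ms-office.vbaproject" in ct
        return False


def triage_attachment(filename: str, data: bytes) -> dict:
    """Gateway-style verdict: quarantine on a confirmed macro project, review
    when only the extension or the container raises a question, else allow."""
    reasons = []
    ext = os.path.splitext(filename)[1].lower()
    if ext in MACRO_ENABLED_EXT:
        reasons.append(f"macro-enabled extension {ext}")
    macro = has_vba_project(data)
    if macro is True:
        reasons.append("embedded VBA project found")
    elif macro is None:
        reasons.append("legacy or encrypted container; needs deeper inspection")
    if macro is True:
        verdict = "quarantine"
    elif reasons:
        verdict = "review"
    else:
        verdict = "allow"
    return {"filename": filename, "verdict": verdict, "reasons": reasons}


def build_sample_document(with_macro: bool) -> bytes:
    """Constructed minimal OOXML package for the demo (not a real Office file)."""
    if with_macro:
        main_ct = "application/vnd.ms-word.document.macroEnabled.main+xml"
    else:
        main_ct = "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"
    overrides = f'<Override PartName="/word/document.xml" ContentType="{main_ct}"/>'
    if with_macro:
        overrides += ('<Override PartName="/word/vbaProject.bin" '
                      'ContentType="application/vnd.ms-office.vbaProject"/>')
    content_types = ('<?xml version="1.0" encoding="UTF-8"?>'
                     '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">'
                     f'{overrides}</Types>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml", content_types)
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            # Placeholder bytes standing in for a compiled VBA project.
            zf.writestr("word/vbaProject.bin", b"\x00constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    samples = [
        ("protected.docm", build_sample_document(True)),
        ("innocent.docx", build_sample_document(True)),   # renamed, still has macros
        ("report.docx", build_sample_document(False)),
        ("old.doc", OLE_MAGIC + b"\x00" * 16),            # constructed OLE2 header
    ]
    for name, blob in samples:
        print(triage_attachment(name, blob))
```

Two points worth noting. The check looks inside the package rather than trusting the file name, so a macro-bearing file renamed to `.docx` is still quarantined. And the lure in the story, a password-protected document, would land in the "review" bucket rather than "quarantine": Office stores an encrypted document inside an OLE2 wrapper, so the macro project is not visible without the password, which is exactly why a gateway policy should treat encrypted attachments whose password arrives in the same email as suspicious.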
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon.