Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Coronavirus. Show all posts
Hospitals
California Coronavirus Cyber Attacks CyberCrime data security Healthcare Hospitals

Multi-State Cyberattack Disrupts Health Care Services in Multiple States

 


One of the California organizations faced a cyberattack this week which resulted in some services being shut down at affiliated locations and some patients having to rely solely on paper records. The cyberattack disrupted hospital computer systems in several states on Friday, some emergency rooms were closed and ambulances diverted. Most primary care services remained closed, while security experts investigated that the damage was extensive. 

It was reported Thursday that a "data security incident" had taken place at Prospect Medical Holdings' facilities in this state as well as in Texas, Connecticut, Rhode Island, and Pennsylvania. These facilities are owned and operated by Prospect Medical Holdings, based in Los Angeles. Prospect Medical Holdings is based in Connecticut and operates 16 hospitals and more than 165 clinics and outpatient centres across Connecticut, Pennsylvania, Rhode Island and Southern California. Prospect Medical spokesperson was unable to provide an estimate regarding when services will resume on Saturday. At the moment, there is no indication of the number of sites affected by this system. 

As of now, the company has seven hospitals in California's Los Angeles and Orange counties. Prospect's website says the company has two behavioural health facilities and a 130-bed acute care hospital in Los Angeles. 

Connecticut hospitals, including Manchester Memorial, Rockville General and Thornwood Hospital, closed their emergency departments from Thursday morning to evening. Patients were transferred between nearby facilities. Connecticut's FBI has issued a statement stating that it is working with "all the law enforcement agencies in the state as well as the victims' entities" but was unable to go into further detail regarding the investigation in progress. 

In addition to elective surgeries and outpatient appointments, blood drives and other services, the Eastern Connecticut Health Network, which operates the facilities, also announced that many primary care services were closed on Friday. While the emergency departments reopened late Thursday, many primary care services were also shut. Upon looking at the website for this network, the website indicates that all patients have been contacted individually. 

There were ongoing technical difficulties on Eastern Connecticut Health Network's website on Saturday night, which, among other things, caused the closure of its services like outpatient medical imaging, outpatient blood draw, and others, as it is a part of the Prospect health system. In a report published by the Hartford Courant on Thursday, two hospitals that are part of the network had to divert patients from their emergency rooms.   

As hospitals digitize and upgrade their medical records to cloud-based servers, ransomware is becoming a more common form of attack, including attacks on healthcare systems. The American Hospital Association's cybersecurity adviser, John Riggi, said that cyberattacks on hospitals have become increasingly common over the past few years. 

It has been reported that Waterbury Hospital, in Waterbury, Conn., has been experiencing disruptions throughout the afternoon and evening. Furthermore, the hospital said some of its outpatient imaging, as well as outpatient surgery services, had been unavailable on Friday and Saturday as well. The company said that it will be using paper records from now on. 

On February 24, 2022, One Brooklyn Health, a hospital group that delivers health care to low-income neighbourhoods in New York, was a victim of a cyberattack that forced hospital employees to use paper records to keep track of patient information. The employees at the time of the attack said that they were a little behind on learning the new system, given that most hospitals have been using electronic records since the mid-1990s, and that some diagnostic tests were taking longer to return due to the attack.

NBC reported that commonSpirit Health, which operates over 140 hospitals and more than 700 care sites across the country, was hit by a cyberattack last year, which resulted in cancelled surgeries, cancelled doctor's appointments, and other delays in the delivery of care. In 2020, Russian hackers launched a ransomware attack against United Health Services, which is affiliated with over 400 hospitals, making it one of the largest attacks of its kind in history and one of the largest attacks in the history of cybercrime. 

Despite these alarming facts, the incident clearly illustrates the vulnerability of healthcare systems to cyberattacks. Critical services are being disrupted across several states as a result. Due to the need for robust cybersecurity measures being urgently needed, the reliance on paper records is an indication of the need. 

As a result of the outbreak of the pandemic, the healthcare sector has been exposed to an increased level of cyber threats. Keeping the data of our patients secure and ensuring the uninterrupted delivery of care in a world that is becoming more interconnected is a vital task of healthcare providers and technology partners working together.
Read more »
U.S.
Coronavirus cyber attack Twitter U.S.

Ransomware Attack Takes Down Massive Food-Supply Chain Providing Distribution of Temperature-Sensitive COVID-19 Vaccines

 

A company whose cold-storage capacities are extremely integral to the U.S. food-supply chain and the Coronavirus vaccine distribution affirmed an operation affecting cyberattack, as per a filing with the Securities and Exchange Commission (SEC). 

Americold is by far the largest cold-storage provider in the U.S. what's more, it operates 183 temperature-controlled warehouses globally, incorporating Argentina, Australia, Canada, and New Zealand; and just got hold of a similar company in Europe. 

For 'an idea of scale’, it holds the agreement for linking the ConAgra food-producing giant to supermarkets and customers. 

The attack appears all the earmarks of being a ransomware episode that began on Nov. 16 and even influenced the organization's phone systems, email, inventory management, and request satisfaction, as indicated by reports on Twitter. 

The filing with the SEC was brief and read that: “As a precautionary measure, the company took immediate steps to help contain the incident and implemented business continuity plans, where appropriate, to continue ongoing operations… Security, in all its forms, remains a top priority at Americold, and the company will continue to seek to take all appropriate measures to further safeguard the integrity of its information technology infrastructure, data and customer information.” 

The attack is probably going to be 'highly targeted' and 'very thought of', as per researchers. 

Chloé Messdaghi, Vice President of strategy at Point3 Security, said by means of email, “Human-operated ransomware attacks begin with trojans or other exploits against unsophisticated vectors. Once a way in is found, malware is planted and privileges are elevated. These attacks often exfiltrate data before encrypting files and the attacks are drawn out, with months of potential compromise adding to the potential harms that can result.” 

She added, “That’s why these types of attacks4 pose a greater threat than automated attacks such as WannaCry or NotPetya – they’re intentional and secretive.” 

Fundamentally, Americold has likewise been in conversion with providing storage and transport to the distribution of temperature-sensitive Coronavirus vaccines, as indicated by reports. 

Andrea Carcano, a fellow benefactor of Nozomi Networks, said through email, “The attack against Americold highlights a concerning trend of attackers targeting larger and more critical organizations, these threats should be a wake-up call for security professionals responsible for keeping not only IT, but operational technology (OT) and internet of things (IoT) networks safe. In the manufacturing business, time is money, so the disruption of IT services as well as manufacturing downtime and shipment delays, translates to lost revenue.”

Read more »
malware
Coronavirus Cybersecurity HDFC Bank India malware

Cyber Attacks in India At A Steady Rise as Per India's Cybersecurity Chief

 

National Cyber Security Coordinator Lt Gen (retd) Rajesh Pant recently discussed cyberattacks in India 'having gone up a multifold' in the current environment and alluded to 'China' as a "major challenge" from a cybersecurity perspective for India.

"In such unprecedented times, you mentioned two Cs the challenge of corona and the challenge of cyber. Actually, at the perch which I sit, there are 3 Cs. The third 'C' of course is on our northern border, which is another challenge that we are facing”, Pant said at an event coordinated by the largest private sector lender HDFC Bank. 

He had assumed control over the role of India's cybersecurity chief, later added that almost consistently, 4 lakh malwares are found and 375 cyber-attacks are witnessed. 

Apart from falling prey to voice call-based frauds, individuals ought to likewise be cautious about the click-baits, which are conveyed to extract data from an internet user. 

"This disease of just clicking on the link, this is another reason where the malware drops,” he stated, requesting everyone to contemplate the ongoing cases of frauds at City Union Bank where an individual entered the core banking system through a simple click, and furthermore the ones at Bangladesh Bank and Cosmos Bank. 

"The issue is some of us get unaware and that's how problems start occurring. It's a question of being conscious all the time, not a question of not knowing," said chief risk officer of HDFC Bank Jimmy Tata, as HDFC Bank launched the 'Mooh Bandh Rakho' campaign with the Bank authorities stating that the objective is to zero in on the youth, to spread awareness through different mediums, including more than 1,000 secure banking workshops and furthermore even a rap-song.

Pant had likewise before called for setting up a dedicated industry forum for cybersecurity to develop trusted indigenous solutions for check cyber-attacks. 

“Last year, our official figures were Rs 1.25 lakh crore lost due to cybercrimes in India. Ransomware attacks are increasing every day and these criminals have been working from home. They have no qualms. They are heartless people. They are attacking hospitals because they know in an emergency hospital will pay,” Pant had said at an event organized by industry body Ficci.
Read more »
Vulnerability
Coronavirus Cyber Security National cyber security strategy Vulnerability

The Union Government To Come Up With National Cyber Security Strategy 2020

National Security Adviser Ajit Doval announced that the Union government is set to come up with National Cyber Security Strategy 2020 for guaranteeing a safe, secured, trusted, and resilient cyberspace. 

The proposed strategy toward uniting all cybersecurity agencies for making sure about, reinforcing, and synergizing the cybersecurity ecosystem by closely connecting with businesses, citizens, and beyond.

That endeavors were being made by adversaries to exploit the crisis in the wake of the pandemic through different misinformation, fake news, and social media campaigns. 

"For our adversaries, the huge data floating around in cyberspace is a goldmine for extracting information to undermine the privacy of our citizens and add to the vulnerability of protecting data of our critical information infrastructure, “Mr. Doval said.

He said that phishing campaigns utilizing the Coronavirus theme targeted banks, defence, and critical infrastructure during this period. 

Mr. Doval drew attention to how various conspicuous UPI IDs and web portals were produced while fake Arogya Setu applications propped up to misuse individuals' data only hours after the Prime Minister announced the launch of the PM Cares fund. 

He stated, "Malicious domains and websites to the tune of around 5,000 were registered in a short span of time. We have also witnessed an increase of 500% in cybercrime owing to people’s limited awareness and poor cyber hygiene. Financial frauds have also increased tremendously owing to the increased reliance on digital payment platforms...”

He regretted that absence of indigenous digital solutions like information-sharing facilities and social media platforms had antagonistically influenced the country's self-reliance and cybersecurity. 

He encouraged new start-ups to think of solutions linked with the nation's requirements and build-up ability to guarantee that the country's critical cyber assets were being monitored by skillful native professionals in resonance with the Prime Minister's take for Atmanirbhar.

Read more »
Scam
Coronavirus Cyber Fraud Information Security News Scam

Russian media reported on fake domains for pre-ordering coronavirus vaccine

After the Russian Ministry of Health registered the first coronavirus vaccine, the number of new domains associated with the vaccine increased on the Internet.

Creating a phishing site takes three to four hours thanks to designers and illegal CDNs, and earnings from them can range from thousands of dollars and much more depending on the audience and period, said Andrey Zaikin, head of the Information Security department at CROC IT company.

In the ten days since the vaccine was registered, 113 related domains appeared in the .com and .ru zones, said Eugene Voloshin, Director of the cybersecurity company Bi.Zone. Infosecurity a Softline Company adds that in July-August 2020, 445 domains were registered, which is about nine per day.

Such sites started appearing in March. They offered to buy a non-existent vaccine and medication for coronavirus.

One resource in English offered to pre-order a vaccine in the amount of 10,000 to 1 million doses and pay a quarter of the cost of the batch, reported the Telegram channel @In4security.

According to Check Point, the number of actual attacks related to the coronavirus has decreased: in July, there were about 61 million on average per week, and in June - about 130 million per week. In contrast, Trend Micro believes that the number of Internet threats exploiting the topic of coronavirus is growing, as the number of complaints from citizens has increased three to four times. In the first half of 2020, the company identified 9 million such threats.

The volume of phishing increased as people became much more active on the Internet during the pandemic and this continues to this day, believes expert of Kaspersky Lab. 

Read more »
Technology
Coronavirus Drones Smart City Technology

The Need for Smart Cities in the Post-Pandemic World


Due to coronavirus pandemic, there has been a lockdown worldwide, and it seems, the streets and the normal life has been put on hold. While many people have complained about not getting to go out and enjoy, some people have also cherished their times at home and say it is a good thing, as it has caused the betterment of the environment and planet earth. Going through this current phase, the common question is, 'What happens after all this ends?' And more importantly, 'The concept of smart cities making these improvements permanent.'


This lockdown showed the importance of technology during times of crisis and has raised the question about the future of smart cities. In Singapore, drones were used to ensure people followed the social distancing protocol. Whereas in North Carolina, drones had delivered emergency health supplies to hospitals and people at home. Daniel Rus, a scientist at MIT, and her lab designed a robot used to disinfect food banks in Boston.

In an interview with BBC News, Daniel said that robots are playing a vital role in the fight against the pandemic. According to her, robots might play an essential role in the future when smart cities are built. In the present times, the cities gather data from sensors all over the city, such as traffic lights, lamp posts, or cameras. The data obtained helps determine the AQI (Air Quality Index) and the traffic situation in an area, all of which allows the human life. The lockdown made people realize the importance of such data. For instance, for the first time, people want to know the transport that has come in and went out of the city. They want to know whether the people around them are healthy or not.

Therefore, the post coronavirus world should consider whether they need such technology or not; that is, should the electric vehicles mandated in cities as they offer a better environment? Companies are starting to think about the "Work from Home" concept, as they have realized the additional resources and money that is spent on offices.
Read more »
Zoom
Coronavirus Microsoft 365 Phishing emails Technology Zoom

Microsoft Office 365 Users Targeted By a New Phishing Campaign Using Fake Zoom Notifications



As people across the world struggle to survive the onslaught of the corona pandemic by switching to the work-from-home criteria, the usage and demand of cloud-based communication platform providing users with audio and videoconferencing services have seen a sudden upsurge.

Zoom is one such platform that has from the beginning of 2020 has seen an extremely high increase of new monthly active users after a huge number of employees have adopted remote working.

However recently Microsoft Office 365 users are being targeted by a brand new phishing campaign that utilizes fake Zoom notifications to caution the users who work in corporate environments that their Zoom accounts have been suspended, with the ultimate goal of stealing Office 365 logins.

Reports are as such that those targeted by this campaign are all the more ready to believe in such emails during this time since the number of remote workers participating in daily online meetings through video conferencing platforms, as Zoom has definitely increased because of stay-at-home orders or lockdowns brought about by the pandemic.

 As of now the phishing campaign mimicking automated Zoom account suspension alerts has received by more than 50,000 mailboxes based on details given by researchers as email security company Abnormal Security who recognized these continuous attacks.

The phishing messages spoof an official Zoom email address and are intended to imitate a real automated Zoom notification.

Utilizing a spoofed email address and an email body practically free from any grammar blunders or typos (other than a self-evident 'zoom' rather than 'Zoom account') makes these phishing messages all the more persuading and conceivably more viable.

The utilization of a lively "Happy Zooming!" toward the end of the email could raise a few cautions however, as it doesn't exactly fit with the rest of the message's tone.




As soon as the users click the "Activate Account" button, they are redirected to a fake Microsoft login page through 'an intermediary hijacked site'.

On the phishing landing page, they are asked to include their Outlook credentials in a form intended to exfiltrate their account subtleties to attacked controlled servers.

On the off chance that they succumb to the attackers' tricks, the victims' Microsoft credentials will be utilized to assume full control for their accounts and all their data will be ready for the picking, later to be utilized as a part of identity theft and fraud schemes like the Business Email Compromise (BEC) attacks.

Despite the fact that the US Federal Bureau of Investigation (FBI) had warned of BEC abusing popular cloud email services, like Microsoft Office 365 and Google G Suite through Private Industry Notifications issued in March and in April.

Even after this, Office 365 users are continuously targeted by phishing campaigns with the ultimate objective of reaping their credentials.

Regardless Microsoft has warned of phishers' ongoing movement to new types of phishing strategies, like consent phishing, other than conventional email phishing and credential theft attacks.

Microsoft Partner Group PM Manager Agnieszka Girling says, "While application use has accelerated and enabled employees to be productive remotely, attackers are looking at leveraging application-based attacks to gain unwarranted access to valuable data in cloud services,"

The company additionally has made a legal move to destroy some portion of the attack infrastructure used to host malignant 365 OAuth apps utilized in consent phishing to seize victims' Office 365 accounts.

Read more »
Wi-fi
Coronavirus Cyber Attacks Cyber Security Wi-fi

A New and Amazingly Simple Device in an Era of Pandemics to Protect Your Privacy



A period of pandemics and social distancing sent more people than ever into the work-from-home world. These new realities mean average consumers at home wound up confronted with yet another problem. 

A considerable lot of their household internet setups came up short on the security and protection of bigger workplace setups that incorporate upgraded cybersecurity and firewalls. Here steps in a new and incredibly simple on-hand device to plug those privacy gaps at the source. 

The Firewalla cybersecurity unit hit the market before anyone even realized what a coronavirus was. Nobody could've envisioned how ideal its feature would be. It was initially expected to prevent the 'creep next door' from redirecting the user's Wi-Fi sign or taking advantage of their home security cameras. 

The device is made to shield all devices on the system from cyberattacks and alert the user when anything worrying is to such an extent as endeavored. When the user purchases the unit and assigns out its guard duty, there's no monthly fee. 

The magic device additionally comes with a rather one of a kind feature through which it constructs a personal online firewall, there's the "Family Time Social Hour" ability that totally blocks every single social media platform for each hour in turn. 

Regardless of whether the user needs to compel everybody to complete some work or ground kids in some face-to-face interaction, a world without Twitter or Facebook for an hour is indeed a brilliant place. 

Apart from this addition keeping the user's private messages, documents, and other online behavior behind their home's own readymade firewall, this little blue box empowers monitoring of any minor's Wi-Fi use. 

Parents can likewise utilize Firewalla to keep out unwanted sites and online networking intruders. 

Nonetheless, the devices are pretty simple to set up and ready to improve personal and home-based situated online security in numerous ways, the Firewalla is a sensibly evaluated and viable choice for ensuring online privacy regardless of whether your home hasn't become a base for pandemic-time homebound work. 

The Firewalla Blue comes with 500Mb processing power, while the more affordable Firewalla Red offers 100Mb and sells for $109. As of now, only Firewalla Red is accessible at Amazon. Nonetheless, both the versions remain accessible and in stock at the Firewalla website.


Read more »
Subscribe to: Posts (Atom)