Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Global Attacks. Show all posts
Technology
Amazon Cryptography CyberCrime CyberThreat Global Attacks Google Microsoft NIST PQC Quantum Technology

Microsoft and Amazon’s Quantum Progress Poses New Risks for Encryption

 


Microsoft, Amazon, and Google have all announced recent advances in quantum computing that are likely to accelerate the timeline for the possible obsolescence of current encryption standards. These developments indicate that it will become increasingly important to address the vulnerabilities posed by quantum computing to existing cryptographic protocols shortly. Those who are leading the way in the technological race are those who are advancing quantum computing technology, which is the most powerful technology that will be able to easily decrypt the encryption mechanisms that safeguard the internet's security and data privacy. 

On the other hand, there are researchers and cybersecurity experts who are working on the development of post-quantum cryptography (PQC) - a new generation of encryption technologies that can handle quantum system computational power with ease. A quantum-resistant encryption system must be prioritized by organisations and governments to ensure long-term security of their data and digital communications, especially as the quantum era has come closer than anticipated to being realized. 

Even though quantum decryption and quantum-resistant encryption are competing more than ever, the race for global cybersecurity infrastructure requires strategic investment and proactive measures. There has been an important advancement in quantum computing in the field, with Amazon Web Services (AWS) announcing the inaugural quantum computing chip called Ocelot, which represents a significant step in the pursuit of practical quantum computing. 

One of the most critical challenges in the field is error correction. Using Ocelot, Amazon Web Services claims that it may be possible to drastically reduce the cost of quantum error correction by as much as 90 percent, thus speeding up the process toward fault-tolerant quantum systems being realized. In the future, error correction will continue to be an important barrier to quantum computing. This is because quantum systems are inherently fragile, as well as highly susceptible to environmental disturbances, such as fluctuating temperatures, electromagnetic interference, and vibrations from the environment.

As a result of these external factors, quantum operations are exposed to a substantial amount of computational errors, which make it extremely challenging to maintain their stability and reliability. Research in quantum computing is progressing rapidly, which means innovations like Ocelot could play a crucial role in helping mitigate these challenges, paving the way for more robust and scalable quantum computing in the future. 

If a sufficiently advanced quantum computer has access to Shor's algorithm or any potential enhancements to it, it will be possible for it to decrypt existing public key encryption protocols, such as RSA 2048, within 24 hours by leveraging Shor's algorithm. With the advent of quantum computing, modern cybersecurity frameworks are going to be fundamentally disrupted, rendering current cryptographic mechanisms ineffective. 

The encryption of any encrypted data that has been unauthorizedly acquired and stored under the "harvest now, decrypt later" strategy will become fully available to those who have such quantum computing capabilities. A severe breach of internet communications, digital signatures, and financial transactions would result in severe breaches of trust in the digital ecosystem, resulting in serious losses in trust. The inevitability of this threat does not depend on the specific way by which PKE is broken, but rather on the certainty that a quantum system with sufficient power will be able to achieve this result in the first place. 

Consequently, the National Institute of Standards and Technology (NIST) has been the frontrunner in developing advanced encryption protocols designed to withstand quantum-based attacks in response to these threats. Post-quantum cryptography (PQC) is an initiative that is based on mathematical structures that are believed to be immune from quantum computational attacks, and is a product of this effort. To ensure the long-term security of digital infrastructure, PKE must be replaced with PQC. There is, however, still a limited amount of awareness of the urgency of the situation, and many stakeholders are still unaware of quantum computing's potential impact on cybersecurity, and are therefore unaware of its potential. 

As the development of quantum-resistant encryption technologies through 2025 becomes increasingly important, it will play an increasingly important role in improving our understanding of these methodologies, accelerating their adoption, and making sure our global cybersecurity standards will remain safe. For a cryptographic method to be effective, it must have computationally infeasible algorithms that cannot be broken within a reasonable period. These methods allow for secure encryption and decryption, which ensures that data is kept confidential for authorized parties. However, no encryption is completely impervious indefinitely. 

A sufficiently powerful computing machine will eventually compromise any encryption protocol. Because of this reality, cryptographic standards have continuously evolved over the past three decades, as advances in computing have rendered many previous encryption methods obsolete. For example, in the "crypto wars" of the 1990s, the 1024-bit key encryption that was at the center of the debate has long been retired and is no longer deemed adequate due to modern computational power. Nowadays, it is hardly difficult for a computer to break through that level of encryption. 

In recent years, major technology companies have announced that the ability to break encryption is poised to take a leap forward that has never been seen before. Amazon Web Services, Google, and Microsoft have announced dramatic increases in computational power facilitated by quantum computing technology. Google introduced "Willow" in December and Microsoft announced "Majorana 1" in February, which signals a dramatic rise in computational power. A few days later, Amazon announced the "Ocelot" quantum computing machine. Each of these breakthroughs represents an important and distinct step forward in the evolution of quantum computing technology, a technology that has fundamentally redefined the way that processors are designed. 

In contrast to traditional computing systems, quantum systems are based on entirely different principles, so their efficiency is exponentially higher. It is evident that advances in quantum computing are accelerating an era that will have a profound effect on encryption security and that cybersecurity practices need to be adjusted urgently to cope with these advances. In recent years, quantum computing has made tremendous strides in computing power. It has led to an extraordinary leap in computational power unmatched by any other technology. In the same manner as with any technological breakthrough that has an impact on our world, it is uncertain what it may mean. 

However, there is one aspect that is becoming increasingly clear: the computational barriers that define what is currently infeasible will be reduced to problems that can be solved in seconds, as stated by statements from Google and Microsoft. In terms of data security, this change has profound implications. It will be very easy for quantum computers to unlock encrypted information once they become widely accessible, thus making it difficult to decrypt encrypted data today. Having the capability to break modern encryption protocols within a matter of seconds poses a serious threat to digital privacy and security across industries. 

The development of quantum-resistant cryptographic solutions has been undertaken in anticipation of this eventuality. A key aspect of the Post-Quantum Cryptography (PQC) initiative has been the leadership role that NIST has been assuming since 2016, as it has played a historical role in establishing encryption standards over the years. NIST released a key milestone in global cybersecurity efforts in August when it released its first three finalized post-quantum encryption standards. 

Major technology companies, including Microsoft, Amazon Web Services (AWS), and Google, are not only contributing to the advancement of quantum computing but are also actively participating in the development of PQC solutions as well. Google has been working with NIST on developing encryption methods that can withstand quantum-based attacks. These organizations have been working together with NIST to develop encryption methods that can withstand quantum attacks. During August, Microsoft provided an update on their PQC efforts, followed by AWS and Microsoft. 

The initiatives have been in place long before the latest quantum hardware advances, yet they are a strong reminder that addressing the challenges posed by quantum computing requires a comprehensive and sustained commitment. However, establishing encryption standards does not guarantee widespread adoption, as it does not equate to widespread deployment. As part of the transition, there will be a considerable amount of time and effort involved, particularly in ensuring that it integrates smoothly into everyday applications, such as online banking and secure communications, thereby making the process more complex and time consuming. 

Because of the challenges associated with implementing and deploying new encryption technologies on a large scale, the adoption of new encryption technologies has historically spanned several years. Due to this fact, it cannot be overemphasized how urgent it is for us to prepare for a quantum era. A company's strategic planning and system design must take into account PQC considerations proactively and proactively. It has become increasingly clear that all organizations must address the issue of PQC rather than delay it. The fundamental principle remains that if the user breaks encryption, they are much more likely to break it than if they construct secure systems. 

Moreover, cryptographic implementation is a complex and error-prone process in and of itself. For the cybersecurity landscape to be successful at defending against quantum-based threats, a concerted, sustained effort must be made across all aspects. There is a lot of excitement on the horizon for encryption, both rapidly and very challenging. As quantum computing emerges, current encryption protocols face an existential threat, which means that organizations that fail to react quickly and decisively will suffer severe security vulnerabilities, so ensuring the future of digital security is imperative.
Read more »
National Security
Cyber Attacks CyberCrime Cybersecurity CyberThreat Global Attacks Google Mandiant Incident Response Groud National Security

National Security Faces Risks from Cybercrime Expansion

 


The incidence of cyberattacks globally increased by 125% in 2021 compared to 2020, posing a serious threat to businesses and individuals alike. Phishing continues to be the most prevalent form of cybercrime worldwide and is expected to continue this upward trend into 2022, showing that cybercrime is becoming more prevalent worldwide. 

 There was a report in 2021 that around 323,972 internet users were victims of phishing attacks, covering nearly half of all the individuals who were affected by data breaches. During the peak COVID-19 pandemic, around 220% of complaints of phishing were reported, further escalating cybersecurity risks. 

Nearly one billion emails were exposed as well in 2021, which has affected approximately one in five users of the internet, with approximately 60 million emails being exposed. The constant exposure of sensitive information may have contributed to the prevalence of phishing attacks, which reinforces the importance of enacting stronger cybersecurity measures to reduce the risk of such attacks. There have been numerous instances where criminal groups have deployed ransomware to disrupt business operations for extortion. 

They have recently included threats concerning the exposure of their stolen data in their extortion strategies. Now that this method is regarded as a standard practice, it has resulted in a significant increase in the amount of sensitive information that is publicized, which has resulted in such data becoming increasingly accessible, which presents opportunities for state intelligence agencies to obtain and utilize such data to their advantage.

The Mandiant Incident Response Group of Google recently released a report that indicated that in 2024, the organization worked to mitigate nearly four times as many cyber intrusions related to financially motivated groups as those related to nation-states. This report may help shed further light on the issue. Despite the differences in motivation, cybersecurity experts have observed that the tactics, techniques, and procedures used by financially motivated cybercriminals and state-sponsored threat actors appear to be merging, potentially by design, together as they pursue their objectives. 

In the opinion of Ben Read, Senior Manager at Google's Threat Intelligence Group, an expansive cybercriminal ecosystem has increased the number of state-sponsored hacking attacks, most likely because the ecosystem provides malware, exploits weaknesses, and, in some cases, facilitates broad-based cyber operations. In the course of his speech, he pointed out that when outsourcing capabilities to third parties, they are frequently more cost-effective and offer greater functionality than when developed directly by governments. 

According to a geopolitical perspective, a market-driven cyber attack can be just as damaging and disruptive as one orchestrated by a nation-state, underscoring the need for a comprehensive cybersecurity strategy that attracts as many resources as possible. Cybercrime played a significant role in the COVID-19 pandemic. Businesses were compelled to change over to remote working environments rapidly as a result of the virus spreading, which created vulnerabilities in security protocols and network misconfigurations that were exploited by cybercriminals. 

Consequently, malware attacks increased by 358% in 2020 and were 100 times greater than in the previous year as a result of the pandemic. Cybercrime victims per hour were also at an all-time high as a result of the epidemic. Cybercrime victims have been reported to have fallen victim to cybercrime on an average of 53 persons every hour for the entire year of 2019. However, the number is projected to be 90 per hour for 2020, which reflects a surge of 69%. 

It has been demonstrated that cybersecurity risks are increasing as a result of the rapid digital transformation resulting from the global health crisis in Pakistan. Cybercrime has become increasingly common in recent years in Pakistan, with financial fraud being the most common reported crime. The number of financial fraud-related cybercrimes reported in 2020, out of 84,764 total complaints received, surpassed incidents of hacking (7,966), cyber harassment (6,023), and cyber defamation (6,004) by a margin of 20,218 victims. 

Social media has further aggravated the problem as well, with the number of complaints submitted about financial fraud on these platforms increasing by 83% between 2018 and 2021. In 2021 alone, 102,356 complaints were filed, with 23% of the cases being linked to Facebook and one other social network. As a consequence, cybercrime has also seen a sharp increase in India, with reported cases of cybercrime increasing significantly over the last few years. 

In 2018, there were 208,456 reported incidents, and in the first two months of 2022, this number had already exceeded 212,485, which is significantly higher than the number of cases in 2018. There is no doubt the pandemic triggered a steady rise in cybercrime incidents, which increased from 394,499 in 2019 to 1,158,208 in 2020 and to 1,402,809 in 2021 due to the pandemic. In 2022, cybercrime in India is projected to increase by 15.3% from the first quarter to the second quarter, in addition to the number of websites that have been hacked in India, increasing from 17,560 in 2018 to 26,121 in 2020. 

As Ransomware attacks have risen over the years, it has also become a major concern for Indian organizations, with 78% affected by these attacks in 2021, which resulted in 80% of them encrypting data, a number that is higher than the global average of 66% for attacks and 65% for encryption. According to the Home Ministry, financial fraud continues to account for the largest percentage of reported incidents among cybercriminals in India, accounting for 75% of them between 2020 and 2023, reaching a peak at over 77% in that period. 

As a result of joint sanctions imposed on Tuesday by the United States, the United Kingdom, and the Australian governments, security experts and experts are concerned about a Russian bulletproof hosting provider, Zservers. Zservers is suspected of facilitating ransomware attacks, including those orchestrated under LockBit. There are certain applications that, according to the UK government, form part of an illicit cyberinfrastructure that facilitates cybercriminal activities, such as ransomware attacks, extortion, and storage of stolen data, and sustains the operations of cybercriminal businesses, which are responsible for such operations.

The British Foreign Secretary, David Lammy, has described Russia as a corrupt and implacable country characterized by its ruthlessness and corruption, stating that it is not at all surprising that some of the world's most notorious cybercriminals operate within its borders. Russian intelligence agencies themselves have been reported to use these cybercriminal tools and services. Google's Threat Intelligence Group has highlighted that Russian military operations in Ukraine are being supported by criminal cyber capabilities as part of Russia's strategy for bolstering military operations.

There are several specific examples, including the Russian military intelligence unit Sandworm, also known as APT44, that utilizes commercial hacking tools for cyber espionage and disruption, and Moscow also uses the RomCom group to conduct espionage activities against Ukraine, a group normally associated with cybercrime. It should also be noted that Russia is not the only country accused of blurring the line between state-sponsored hacking and crime. 

The Iranian threat actors have been reported to use ransomware to generate financial resources. They are also known to engage in cyber espionage, while Chinese cyber espionage groups are known to also get involved in cybercrime as a means to complement their activities. It is suspected that North Korea is a nation that actively exploits cyber operations for financial gain, and it heavily targets cryptocurrency exchanges and individual crypto wallets to generate revenue for its regime to support its nuclear programs. 

The threat of cybercrime is on the rise, and the government is being urged to take stronger measures to combat it. In a recent report, the Google Threat Intelligence Group emphasized the critical importance of disrupting cybercriminal operations, emphasizing that cyber threats are becoming a major national security threat. Google Threat Intelligence head Sandra Joyce recently issued a warning that cybercrime no longer needs to be seen as a minor issue and that considerable efforts are required to mitigate its impacts on international security going forward.
Read more »
Supply Chain Attack
Cyber Attacks File Transfer Tool Global Attacks Global Firms Malicious Payload Supply Chain Attack

BBC, British Airways Among High Profile Victims in Global Supply-Chain Hack

 

A rising number of organisations, including the BBC, British Airways, Boots, and Aer Lingus, are being impacted by a widespread attack.

Staff members have received warnings that personal information, including social security numbers and, in some circumstances, bank information, may have been stolen.

The hackers used a well-known piece of software as a gateway to access numerous businesses simultaneously. There are no reports of money being taken or requests for ransom.

One of the impacted businesses in the UK is the payroll services provider Zellis, which reported that data from eight of its customer organisations had been stolen. 

Organisations are notifying employees on their own, though it wouldn't give names. The BBC informed the staff via email that the stolen data contained staff ID numbers, dates of birth, residential addresses, and national insurance numbers. 

British Airways employees have been told that some of their bank information may have been stolen. The National Cyber Security Centre of the UK stated that it was keeping an eye on the situation and recommended businesses using the affected software to apply security updates.

The attack was initially made public last week when US business Progress Software said that hackers had discovered a way to access its MOVEit Transfer application. The majority of MOVEit's users are in the US, although the programme is well-known throughout the world for safely moving sensitive files.

When the exploit was found, according to Progress Software, it immediately informed its clients and made a security update available for download. 

A company spokeswoman stated that the company is collaborating with the police to "combat increasingly sophisticated and persistent cybercriminals intent on maliciously exploiting vulnerabilities in widely used software products".

Businesses using MOVEit were advised to download a security patch on Thursday by the US Cybersecurity and Infrastructure Security Agency to prevent further breaches. 

However, security researcher Kevin Beaumont claimed that because many impacted companies had not yet installed the remedy, internet scans revealed that thousands of company datasets may still be exposed.

Experts predicted that instead of extorting money from individuals, cybercriminals would try to do so from businesses. Although no public ransom demands have been made as of yet, it is anticipated that cybercriminals will start emailing impacted firms to demand payment. They'll probably threaten to release the info online for other hackers to browse. 

Victim organisations caution personnel to be alert for any dubious communications that could result in additional cyberattacks. Microsoft stated that it felt the perpetrators were connected to the infamous Cl0p ransomware organisation, which is thought to have its base of operations in Russia, despite the fact that no official attribution had been established.

The US tech giant claimed in a blog post that it was attributing assaults to Lace Tempest, a ransomware operator and owner of the Cl0p extortion website where victim data is exposed. According to the business, the hackers who were behind the attack have previously used similar methods to extort victims and steal data. 

"This latest round of attacks is another reminder of the importance of supply chain security," stated John Shier, from cyber security company Sophos. "While Cl0p has been linked to this active exploitation it is probable that other threat groups are prepared to use this vulnerability as well."
Read more »
Threat Intelligence
Cyber Crime Cybersecurity Agencies Global Attacks IRS Pilot Program Threat Intelligence

IRS Sends Cyber Attachés Abroad to Combat Cybercrime

 

The Criminal Investigation (CI) of the Internal Revenue Service (IRS) is taking a courageous initiative in the fight against cybercrime by sending cyber attachés across four continents. Earlier on Thursday, the regulator provided this update.

The most recent plan focuses on preventing tax and financial crimes involving cryptocurrencies, decentralised finance, peer-to-peer payments, and mixing services; the CI hopes to improve global cooperation in the struggle against these illegal practises. 

The effort highlights the IRS's dedication to always being one step ahead of cybercriminals in the rapidly changing digital environment. 

Beginning of the global cyber showdown

A pilot programme run by the IRS CI will begin in June and place cyber attachés in key sites throughout the world. Sydney, Singapore, Bogota, and Frankfurt were selected as the cities for deployment, representing Australia, Asia, South America, and Europe, respectively. 

These attachés will use their specialised expertise in close cooperation with regional law enforcement organisations to combat tax evasion, financial fraud, and other illegal actions made possible by digital currency. 

The IRS CI seeks to foster a seamless interchange of knowledge, information, and resources with foreign counterparts by stationing cyber attachés abroad. This proactive strategy is aware that a unified worldwide front is necessary to effectively battle cybercrime.

Jim Lee, Chief of the CI, emphasises the significance of providing international partners with the same level of expertise and resources as those available within the United States. To address the global scope of cyber threats, this programme will need to forge powerful multinational coalitions. 

The use of cyber attachés expands on the CI's prior international cooperation initiatives. A permanent cyber attaché from the CI has been based at the Europol headquarters in The Hague, Netherlands, since 2020. 

To promote collaboration and coordination with European law enforcement authorities, this role was created. With the expansion of the attaché programme, the CI is now able to reach more people and have a greater influence in areas that are known to be hubs for cybercriminal activity. 

An emphasis on crypto-inspired crimes 

Cybercriminals are using cryptocurrency for different illegal activities as the world becomes more digitised. The IRS's decision to give tax and financial crimes involving cryptocurrencies top priority shows how determined it is to confront these new dangers head-on. 

The CI attempts to safeguard people, businesses, and the economy by focusing on criminal activity such as tax fraud, drug trafficking, money laundering, public corruption, and healthcare fraud.

U.S. authorities are increasingly going after cybercriminals, especially those who use cryptocurrencies or decentralised finance (DeFi) to do their crimes. In a recent development, the IRS seized two domains connected to the notorious mixing service, ChipMixer, which is notorious for its involvement in hacking schemes, fraud, cryptocurrency heists, and ransomware operations. 

Such measures strongly suggest that law enforcement organisations are aggressively going after persons who use digital currencies for illegal purposes. Nevertheless, despite the ongoing cybercrimes in the sector, the cryptocurrency market has remained calm. With a valuation firmly above $1 trillion, the global cryptocurrency market has lost 1.1% during the last 24 hours.
Read more »
User Privacy
Cyber Attacks Data Safety Global Attacks Ransomware Gang Ransomware Operation User Privacy

Targeting Businesses Globally, the Medusa Ransomware Gang Gains Momentum

 

In 2023, a ransomware operation by the name of Medusa began to gain momentum. It targets corporate targets globally and demands a million-dollar ransom.

Starting in June 2021, the Medusa operation saw just a small number of victims and a low level of activity. However, the ransomware gang ramped up its operations in 2023 and established a "Medusa Blog" that allowed victims who declined to pay a ransom to have their data released. 

Last week, Medusa came under public scrutiny after claiming responsibility for an attack on the Minneapolis Public Schools (MPS) district and sharing a video of the data that was taken. 

Will the genuine Medusa rise up? 

Medusa is the name of several malware families, including the well-known MedusaLocker ransomware operation, an Android malware family, and a Mirai-based botnet with ransomware capabilities.

Owing to the family's popularly used name, there has been some ambiguous information about it, leading many people to believe it is the same as MedusaLocker. Yet, there are significant operational differences between the Medusa and MedusaLocker malware.

The MedusaLocker operation debuted in 2019 as a Ransomware-as-a-Service, with a large number of affiliates, a ransom note typically called How_to_back_files.html, and a wide range of file extensions for encrypted files. 

For negotiation, the MedusaLocker operation uses a Tor website at qd7pcafncosqfqu3ha6fcx4h6sr7tzwagzpcdcnytiw3b6varaeqv5yd.onion. 

However, the.MEDUSA static encrypted file extension and the !!!READ_ME_MEDUSA!!!.txt ransom notes have been used by the Medusa ransomware operation since its launch in June 2021. 

Using Windows devices to encrypt data 

Currently, it is unknown if BleepingComputer has a Medusa encryption programme for Linux; they have only been able to analyse the Windows version. The Windows encryptor will accept command-line arguments that let a threat actor control the encryption settings for files on the system. For instance, the ransomware will display a console and display status messages as it encrypts a device if the -v command line argument is used.

The Medusa ransomware terminates over 280 Windows services and processes for programmes that might stop files from being encrypted on a regular basis, without command line parameters. Windows services for database servers, backup servers, and security applications are among them. Then, in order to impede file recovery, the ransomware will erase Windows Shadow Volume Copies. 

Michael Gillespie, a ransomware expert, examined the encryptor as well and revealed to BleepingComputer that it encrypts files using AES-256 + RSA-2048 encryption with the BCrypt library. 

Like the majority of ransomware operations that target businesses, Medusa features a website called "Medusa Blog" that leaks data. The usage of this website is a part of the gang's double-extortion scheme, in which victims who decline to pay a ransom are given access to their data. 

A victim's data is not instantly made public when they are joined to the data leak. As an alternative, the threat actors offer the victims payment choices to delay the release of data, erase the data, or download the entire set of data. The cost of each of these choices varies. 

The ransom is demanded to increase the victim's stress and frighten them into paying a ransom. Regrettably, there are no documented flaws in the Medusa Ransomware encryption that allow victims to recover their files without paying.
Read more »
ransomware attacks
Cyber Attacks Global Attacks Healthcare Hacking Healthcare system ransomware attacks

Significant Rise in Cyberattacks Against Healthcare Facilities, 68 Attacks in Q3 2021

 

Cyberattacks against healthcare facilities increased alarmingly last month, around 68 healthcare providers were locked out of their networks by ransomware attacks in the third quarter of this year, putting patient security and privacy at risk. 

Without a holistic whole-facility cybersecurity approach, specialists fear that patients would be unable to get essential care at a targeted facility. The Hillel Yaffe Medical Center in Hadera, Israel, and Johnson Memorial Health Hospital in Franklin, Indiana, are just two examples of the medical facilities targeted. 

The early-October cyberattack at Johnson Memorial Hospital locked databases and compromised patient data. A ransom amount was surprisingly not demanded. Hillel Yaffe Medical Center was attacked by Black Shadow, a reportedly Iran-backed group, in early November. Investigators believed it would take many weeks to recover and grasp the full scope of what had happened because 290,000 people's personal data had been leaked. 

Healthcare facilities' legacy OT equipment becomes exposed to hackers as they upgrade. Water, HVAC, oxygen, electrical, and other key systems are all connected, yet they may not be properly monitored or protected in terms of cybersecurity. Any of these utilities being compromised will have a detrimental influence on patient care, perhaps putting the lives of individuals being treated at risk. 

Ilan Barda, CEO of Radiflow stated, “Accessing patient data is worrisome, but the idea of hackers gaining access to components in a specific ward or even a single operating room is alarming.” 

“CISOs at facilities should focus on both IT systems and OT environments, starting from risk assessment to threat monitoring. There should be continuous holistic risk management for more mature organizations that combine both IT and OT systems. With Radiflow, teams can monitor the full range of a healthcare OT security from one central location.” 

With 68 global attacks on healthcare facilities in Q3 of this year alone, the US Department of Health and Human Services (HHS) had warned of worrisome trends in 2021.
Read more »
Subscribe to: Posts (Atom)