Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode

What happens when a patient is in X-Ray and the X-Ray machine blows up like a bomb killing the patient and staff in the room? Well, a new report shows that it can happen where machines are connected to any network (including the net) because a team of hackers showed in their report how they were they hacked several D.C. and Maryland Hospitals medical devices and numerous machines including life support, X-Rays, etc.

Area hospitals are riddled with cybersecurity flaws that could allow attackers to hack into medical devices and kill patients, a team of Baltimore-based researchers has concluded after a two-year investigation.

Hackers at Independent Security Evaluators say they broke into one hospital’s systems remotely to take control of several patient monitors, which would let an attacker disable alarms or display false information.

The team says it strolled into one hospital’s lobby and used an easily accessible kiosk to commandeer computer systems that track medicine delivery and bloodwork requests — more opportunities for malicious hackers to create mayhem.

Read more

A very bad and at times dangerous trend:

Hackers for hire; very lucrative new consulting business for out of work tech specialists.

As hackers switch to malware-as-a-service model to make their malicious tools and services available to general public, security firms struggle to find a way to catch the bad guys.

Read more

Ireland has real opportunity to benefit from increased global investment and establish itself as a world-class hub for cyber security practices, solutions and investment, according to a new report from Deloitte. Conducted in association with the International Sustainability and Investment Centre, the report found that Ireland has proven itself to be an innovative centre for technology and has the potential to become a world leader in cyber security.

Respondents to a survey for this report identified increased regulation on data privacy (73%), more sophisticated scamming and phishing (59%), and growth in identity theft (53%) as the major trends in the cyber area over the next five years. This will force businesses to change how they organise and manage their data security.

More than one third (36%) of respondents believe there will a trend towards outsourcing cyber management to third party organisations, and 27 percent think that businesses will establish global/regional centres of excellence for managing this function. The implication of this will be that a small number of locations will be preferred for basing these centres of excellence.

Read more

Law Firms are prime targets for hackers.

Law firms are considered by many hackers to be soft targets with a wealth of valuable information. Data from social security numbers, credit cards, and client confidences is enough to make the criminal mind salivate with malicious intent. Between 31–45% and 10–20% of firms have been infected by spyware or experienced security breaches respectively. But what can a private practitioner or law firm do to prevent these trespasses on their networks?

In this episode of The Florida Bar Podcast, host Adriana Linares welcomes cyber security expert Sherri Davidoff to discuss the dangers to data that exist for law firms today. To begin their dialog, they define what ransomware is and tell us why so many firms give in to its extortion.

Tune in to learn what practitioners can do to counteract or mitigate some of the risks. Spam filters, employee training, role-based access controls, and anti-virus software are among many countermeasures available for even small firms. In addition, lawyers may want to consider network monitoring, cloud-based software platforms, and comprehensive backup and retrieval systems. The key to successfully implementing the latter is to test your IT firm’s ability to restore lost files.

Read more

I wish the CA AG a lot of luck; however, her approach is very questionable when you think about downstream access and feed type scenarios. Example, Business in Boston MA has an agreement with a cloud host company in CA, and Boston also has data that it pulls in from Italy, DE, etc. plus has a service that it offers to all of users and partners in the US and Europe that is hosted in CA.

How is the CA AG going to impose a policy on Boston? It can’t; in fact the business in Boston will change providers and choose to use someone in another state that will not impact their costs and business.

BTW — I didn’t even mention the whole recent announcement from China on deploying out a fully Quantum “secured” infrastructure. If this is true; everyone is exposed and this means there is no way companies can be held accountable because US didn’t have access to the more advance Quantum infrastructure technology.

https://lnkd.in/b9xXVAN

Feb. 17 — California Attorney General Kamala Harris (D) has released the state’s data breach report, laying out the legal and ethical responsibilities of businesses to keep information safe and perhaps most importantly outlining what the state believes is “reasonable security” that companies must employ to avoid possible enforcement actions.

Under the state’s information security statute, businesses must use “reasonable security procedures and practices” that “protect personal information from unauthorized access, destruction, use, modification, or disclosure,” the report said.

Under the guidelines in the report released Feb. 16, failing to implement all 20 of the Center for Internet Security’s Critical Security Controls that apply to an organization’s environment constitutes a lack of reasonable security. The controls define a minimum level of information security all organizations that collect or maintain personal information should meet.

Read more

Microsoft founder Bill Gates has broken with other Silicon Valley giants by backing the FBI in its battle with Apple over hacking into a locked iPhone as part of the investigation into last December’s San Bernardino terror attack.

In an interview with the Financial Times published Tuesday, Gates said a court order requiring Apple to help the FBI access a work phone belonging to gunman Syed Farook was” a specific case where the government is asking for access to information. They are not asking for some general thing, they are asking for a particular case.”

Gates went on to compare the FBI’s request to accessing bank and telephone records. However, he added that the government must be subject to rules about when it can access such information.

Read more

Very concerning news for the US security; we’ll see how the US responds. Remember, our largest hackers in the US is China; so we’ll need to determine what this means as well as how vulnerable we are.

http://www.globaltimes.cn/content/969692.shtml

China’s stock markets have been stabilizing in recent days after the rollercoaster ride at the start of the year. And one bright point has been stocks related to quantum communications, showing renewed investor interest in the new technology, which will play an important role in creating a safety net for the increasingly information technology-savvy economy.

The fact that China has taken an early lead in developing the technology and translating it into real-world quantum communications projects should give added fuel to the market hype about the apparently unfathomable yet promising investment theme.

Thus far, the practical application of the technology has mostly featured quantum key distribution, which uses tricks of quantum mechanics to enable encryption codes or keys shared between two parties that are written upon single photons of light. If an eavesdropper tries to hack the codes, they will immediately be detected because of having caused disturbance to the encoding of the photon.

Read more

FBI not able to hack a phone is really starting to make them look really bad. Granted Apple has created a more advance encryption format on their phones; however, FBI is supposed to be a lot more advance than this.

Why would you want your smart phone encrypted? To protect the information on it should it get lost or stolen, and to ensure no one has tampered with your data.

Read more