Medical Data Becoming Valuable To Hackers
Comments Off on Medical Data Becoming Valuable To Hackers
The personal information stored in health care records fetches increasingly impressive sums on underground markets, making any company that stores such data a very attractive target for attackers.
“Hackers will go after anyone with health care information,” said John Pescatore, director of emerging security trends at the SANS Institute, adding that in recent years hackers have increasingly set their sights on EHRs (electronic health records).
With medical data, “there’s a bunch of ways you can turn that into cash,” he said. For example, Social Security numbers and mailing addresses can be used to apply for credit cards or get around corporate antifraud measures.
This could explain why attackers have recently targeted U.S. health insurance providers. Last Tuesday, Premera Blue Cross disclosed that the personal details of 11 million customers had been exposed in a hack that was discovered in January. Last month, Anthem, another health insurance provider, said that 78.8 million customer and employee records were accessed in an attack.
Both attacks exposed similar data, including names, Social Security numbers, birth dates, telephone numbers, member identification numbers, email addresses and mailing addresses. In the Premera breach, medical claims information was also accessed.
If the attackers try to monetize this information, the payout could prove lucrative.
Credentials that include Social Security numbers can sell for a couple of hundred dollars since the data’s lifetime is much longer compared to pilfered credit card numbers, said Matt Little, vice president of product development at PKWARE, an encryption software company with clients that include health care providers. Credit card numbers, which go for a few dollars, tend to work only for a handful of days after being reported stolen.
ARM Buys Offspark For IoT
ARM has snaffled up Dutch Internet of Things (IoT) company Offspark.
The move is designed to improve ARM’s security credentials for IoT offerings.
Offspark is the creator of PolarSSL, a widely used protocol for IoT security products, and ARM hopes that the combined companies can offer a one-stop shop for IoT developers.
Krisztian Flautner, ARM’s IoT manager, said: “PolarSSL technology is already deployed by the leading IoT players.
“The fact that those same companies also use ARM Cortex processor and software technologies means we are now able to provide a complete bedrock solution for the industry to innovate from.”
The product will be renamed ARM Mbed TLS, but will remain open source, reports Tech Week Europe.
Paul Bakker, CEO of Offspark, added: “Security is the most fundamental aspect in ensuring people trust IoT technology and that is only possible with a truly tailored solution.
“Together, ARM and Offspark can provide security to the edge of any system and we look forward to working with our partners to help them deliver some exciting new projects.”
Developers will be able to license the technology for commercial use as well as embedding it into future ARM products.
Last week the company released the ARM Cortex-A72 processor, a 64-bit effort offering support for Android 5.x Lollipop and incorporating the big.LITTLE architecture that prioritises jobs to different processor cores based on their computational requirements.
A message on the Offspark website indicates that it has been taken down and redirects to ARM.
ARM Develops IoT For Students
ARM has created a course to teach IoT skills to students at University College London (UCL)
The course is designed to encourage graduates in science, technology, engineering and maths (Stem) to seek careers in IT.
The IoT Education Kit will teach students how to use the Mbed IoT operating system to create smartphone apps that control mini-robots or wearable devices.
Students are expected to be interested in building their own IoT business, or joining IoT-focused enterprises like ARM. The course will also try to limit the number of Stem graduates pursuing non-technology careers.
ARM reported statistics from a 2012 study by Oxford Policy and Research revealing how many engineering graduates (36 percent of males, 51 percent of females), technology graduates (44 percent, 53 percent) and computer scientists (64 percent, 66 percent) end up with non-Stem jobs.
The IoT Education Kit will be rolled out by UCL’s Department of Electronics from September 2015, with a week-long module for full-time and continuing professional development students.
The Kit comprises a complete set of teaching materials, Mbed-enabled hardware boards made by Nordic Semiconductor, and software licensed from ARM. A second teaching module for engineering graduates is being developed for 2016.
“Students with strong science and mathematical skills are in demand and we need to make sure they stay in engineering,” said ARM CTO Mike Muller.
“The growth of the IoT gives us a great opportunity to prove to students why our profession is more exciting and sustainable than others.”
UCL professor Izzat Darwazeh also highlighted the importance of Stem skills, saying that “many students are not following through to an engineering career and that is a real risk to our long-term success as a nation of innovators”.
Is The Internet Secure?
June 9, 2014 by admin
Filed under Around The Net
Comments Off on Is The Internet Secure?
Hacker blogger Quinn Norton is getting a lot of coverage with her blog claiming that the Internet is broken. She argues that every computer and every piece of software we use is vulnerable to hackers because of terrible security flaws. Norton blames these flaws on the fact that developers who face immense pressure to ship software quickly.
Norton says that those bugs may have been there for years unnoticed, leaving systems susceptible to attacks. One of her hacker mates accidentally took control of more than 50,000 computers in four hours after finding a security vulnerability. Another one of her colleagues accidentally shut down a factory for a day after sending a “malformed ping.”
She said that the NSA wasn’t, and isn’t, the great predator of the internet, it’s just the biggest scavenger around. It isn’t doing so well because they are all powerful math wizards of doom. The other problem is software is too complicated and the emphasis placed on security too light.
“The number of people whose job it is to make software secure can practically fit in a large bar, and I’ve watched them drink. It’s not comforting. It isn’t a matter of if you get owned, only a matter of when,” Norton said.
Is Yahoo Really Back?
Yahoo has once again made the list as one of the world’s 100 most valuable brands.
The Internet company nabbed the 92nd spot in the annual list of global companies from multiple industries including technology, retail and service, released Tuesday by BrandZ, a brand equity database. The ranking gave Yahoo a “brand value” of US$9.83 billion, which is based on the opinions of current and potential users as well as actual financial data.
Apple occupied the number-one position on the list, with a brand value of $185 billion. Google was number two, with a value of roughly $114 billion.
The BrandZ ranking, commissioned by the advertising and marketing services group WPP, incorporates interviews with more than 2 million consumers globally about thousands of brands along with financial performance analysis to compile the list. Yahoo last appeared on the list in 2009 at number 81.
Yahoo’s inclusion on the 2013 list comes as the Internet company works to reinvent itself and win back users. Previously a formidable player in Silicon Valley, the company has struggled in recent years to compete against the likes of Google, Facebook and Twitter.
Improving its product offerings on mobile has been a focus. New mobile apps for email and weather have been unveiled, along with a new version of the main Yahoo app, featuring news summaries generated with technology the company acquired when it bought Summly.
Most notably, Monday the company announced it is acquiring the blogging site Tumblr for $1.1 billion in cash. Big changes to its Flickr photo sharing service were also announced.
Yahoo’s rebuilding efforts have picked up steam only during the last several months, but the 2013 BrandZ study was completed by March 1.
However, last July’s appointment of Marissa Mayer as CEO likely played a significant role in the company’s inclusion in the ranking, said Altimeter analyst Charlene Li. “Consumer perception has gone up since then,” she said.
“Yahoo’s leadership has a strong sense of what they want to do with the brand,” she added.
Yahoo’s 2012 total revenue was flat at $4.99 billion. However, after subtracting advertising fees and commissions paid to partners, net revenue was up 2 percent year-on-year.