Hospitals Should Brace For Surge In Ransomware Attacks
Comments Off on Hospitals Should Brace For Surge In Ransomware Attacks
U.S. hospitals should brace for a surge in “ransomware” attacks by cyber criminals who take computer networks hostage, then demand payment in return for unlocking them, a non-profit healthcare group warned on Friday.
The Health Information Trust Alliance conducted a study of some 30 mid-sized U.S. hospitals late last year and found that 52 percent of them were infected with malicious software, HITRUST Chief Executive Daniel Nutkis told Reuters.
The most common type of malware was ransomware, Nutkis said, which was present in 35 percent of the hospitals included in the study of network traffic conducted by security software maker Trend Micro Inc.
Ransomware is malicious software that locks up data in computers and leaves messages demanding payment to recover the data. Last month, Hollywood Presbyterian Hospital in Los Angeles paid a ransom of $17,000 to regain access to its systems.
This week, an attack on MedStar Health forced the largest healthcare provider in Washington, D.C., to shut down much of its computer network. The Baltimore Sun reported a ransom of $18,500 was sought. MedStar declined to comment.
HITRUST said it expects such attacks to become more frequent because ransomware has turned into a profitable business for cyber criminals.
The results of the study, which HITRUST has yet to share with the public, demonstrate that hackers have moved away from focusing on stealing patient data, Nutkis said.
“If stuff isn’t working, they move on. If stuff is working, they keep doing it,” said Nutkis. “Organizations that are paying have considered their options, and unfortunately they don’t have a lot of options.”
Extortion has become more popular with cyber criminals because it is seen as a way to generate fast money, said Larry Whiteside, a healthcare expert with cyber security firm Optiv.
Stealing healthcare data is far more labor intensive, requiring attackers to keep their presence in a victim’s network undetected for months as they steal data, then they need to find buyers, he added.
“With ransomware I’m going to get paid immediately,” Whiteside said.
Courtesy- http://www.thegurureview.net/aroundnet-category/hospitals-should-brace-for-surge-in-ransomware-attacks.html
Does AVG Respect Your Privacy?
AVG has been answering questions about its new privacy policy after accusations that the firm is about to sell its users down the river.
A Reddit discussion has heard from furious users who spotted that the simplified policy effectively gives the company permission to sell its mailing lists to third parties for fun and profit.
AVG stated under ‘Do You Share My Data?’ in the Q&A about the new policy, which is automatically enforced on 15 October: “Yes, though when and how we share it depends on whether it is personal data or non-personal data. AVG may share non-personal data with third parties and may publicly display aggregate or anonymous information.”
AVG has hit back at the criticism in a blog post today, by which we mean confirmed that its stance is correct, explaining: “Usage data allows [AVG] to customize the experience for customers and share data with third parties that allow them to improve or develop new products.
“Knowing that 10 million users like a certain TV program gives broadcasters the data to get producers to make more of that type of program.
“This is also how taxi firms know how to distribute their fleets, and how advertisers know where to place banners and billboards, for example. Even at AVG, we have published non-personal information that we have collected regarding app performance.”
But AVG added in big, bold type: “We do not, and will not, sell personally identifiable data to anyone, including advertisers.”
This will placate some, but others fear that the lack of choice over this matter, which requires an active decision to opt out, is too clandestine. As ever, there are threats to move to everything from Linux Mint to the Commodore 64, some more serious than others.
Several Redditors have likened it to similar warnings in Windows 10′s Insider Programme which essentially say: ‘we can track you … but we won’t, unless we do.’
Courtesy-TheInq
Zeus Attached To Cancer Email Scam
March 28, 2014 by admin
Filed under Around The Net
Comments Off on Zeus Attached To Cancer Email Scam
Thousands of email users have been hit by a sick cancer email hoax that aims to infect the recipients’ computers with Zeus malware.
The email has already hit thousands of inboxes across the UK, and looks like it was sent by the National Institute for Health and Care Excellence (NICE). It features the subject line “Important blood analysis result”.
However, NICE has warned that it did not send the malicious emails, and is urging users not to open them.
NICE chief executive Sir Andrew Dillon said, “A spam email purporting to come from NICE is being sent to members of the public regarding cancer test results.
“This email is likely to cause distress to recipients since it advises that ‘test results’ indicate they may have cancer. This malicious email is not from NICE and we are currently investigating its origin. We take this matter very seriously and have reported it to the police.”
The hoax message requests that users download an attachment that purportedly contains the results of the faux blood analysis.
Security analysis firm Appriver has since claimed that the scam email is carrying Zeus malware that if installed will attempt to steal users’ credentials and take over their PCs.
Appriver senior security specialist Fred Touchette warned, “If the attachment is unzipped and executed the user may see a quick error window pop up and then disappear on their screen.
“What they won’t see is the downloader then taking control of their PC. It immediately begins checking to see if it is being analysed, by making long sleep calls, and checking to see if it is running virtually or in a debugger.
“Next it begins to steal browser cookies and MS Outlook passwords from the system registry. The malware in turn posts this data to a server at 69.76.179.74 with the command /ppp/ta.php, and punches a hole in the firewall to listen for further commands on UDP ports 7263 and 4400.”
Tizen Announces New Partners
November 25, 2013 by admin
Filed under Smartphones
Comments Off on Tizen Announces New Partners
Samsung and Intel announced on Tuesday that the open source Tizen operating system now has 36 partners, including eBay, Trend Micro and Panasonic.
The full list of new partners was announced at the Tizen Developer Summit, and includes a mix of firms from different sectors. Among the 36 backers are eBay, Nokia’s Here mapping service, Konami, McAfee, Panasonic, Sharp and The Weather Channel, giving us some insights as to what software applications are likely to appear on the Linux based operating system.
Trevor Cornwell, founder and CEO of Appbackr, one of Tizen’s newly added partners, said that his firm found the operating system appealing due to its open nature, perhaps hinting that it is more open than Google’s Android mobile operating system.
He said, “The Tizen OS promises to be the most open and comprehensive software platform available for those companies wishing to target the consumers of connected devices.
“The Association’s commitment to support HTML5 applications, combined with their vision that extends beyond the smartphone and tablet ecosystem to a wider array of other connected device segments, makes it attractive to all types of companies. We look forward to collaborating with the Tizen Association to ensure that all stakeholders can contribute to the development of a platform for this growing market opportunity.”
It’s still unclear when Samsung’s first Tizen powered smartphone will make it to market, but online speculation suggests we’ll be seeing the firm’s debut Android challenging smartphone at some point in 2014.
Further speculation suggests that Samsung’s first Tizen phone will be an updated version of the Galaxy S4, possibly to reduce its reliance on Android.
Is Android Safer Than iOS?
The general consensus is that iOS apps tend to be somewhat safer than their Android counterparts. Apple goes to great lengths to have apps vetted and as a result far fewer iOS apps end up with malware or security issues.
However, a new report fresh out of Appthority claims iOS apps have their fair share of issues and in some respects then can pose an even greater security risk than Android apps. The report covered the top 50 apps from the Apple App Store and Google Play and found that iOS apps exhibited riskier behaviour.
“The majority of iOS apps track for location (60%), share data with advertising or analytics networks (60%) and have access to the user’s contact list (54%). A small percentage of iOS apps also had access to the user’s calendar (14%),” the report found.
However, Android fans shouldn’t be too happy since their platform is not far behind. Half of them share data with ad networks or analytics companies, while 42 percent tracked location. Slightly better, but nothing to be proud about.
One of the most worrying findings is that both Android and iOS apps don’t do much to prevent personal data from leaking from our devices. Not a single iOS app analyzed in the study used encryption to send and receive data, and neither did 92 percent of Android apps.
So while it might seem that Android is a somewhat better platform for users with privacy concerns, both Google and Apple are pants at that sort of thing.