- Computer virus attack forces hospitals to cancel operations, shut down systems. From ZDNet.
A computer virus has forced three hospitals offline and caused the cancellation of all routine operations and outpatient appointments.
The Northern Lincolnshire and Goole NHS Foundation Trust says a “major incident” has been caused by a “computer virus” which infected its electronic systems on Sunday. As a result of the attack, the hospital has taken the decision to shut down the majority of its computer networks in order to combat the virus.
“A virus infected our electronic systems [on Sunday] and we have taken the decision, following expert advice, to shut down the majority of our systems so we can isolate and destroy it,” said Dr Karen Dunderdale, the trust’s deputy chief executive, according to the BBC.
- Brazilian Hospitals Infected with Ransomware After RDP Brute-Force Attacks. From Softpedia.
Members of TeamXRat, a hacking crew based in Brazil, have created their own ransomware variant that they spread to local companies and hospitals after taking control over their servers and networks via RDP (Remote Desktop Protocol) brute-force attacks.
The group, which has previously created and sold banking malware, is making its first attempt at creating ransomware, which, based on a Kaspersky Lab analysis, seems to be derived from the Xorist ransomware, detected and decrypted back in March.
- One Single Ransomware Gang Made over $121 Million. From Softpedia.
A group or individual operating a ransomware distribution operation has earned 189,813 Bitcoin (over $121 million) from his/their activities, according to a recent quarterly report published this week by McAfee Labs.
Experts say that the crook’s current Bitcoin wallet address still holds around $94 million, meaning the crook spent $27 million, either on servers and other costs or on himself.
These kinds of profits are exactly what drive cyber-criminals to ransomware operations.
Ransomware incidents up 128% compared to last year: According to McAfee’s telemetry data, the total number of ransomware infections has grown 128 percent year-over-year. Every quarter, the company’s security experts find more new versions of ransomware than in the previous one.
- Newkirk Products, Inc. Provides Notice Of Data Breach. From PR Newswire. Newkirk Products, Inc. (“Newkirk”) today announced a cyber security incident involving unauthorized access to a server containing certain personal information. Newkirk is a service provider that issues healthcare ID cards for health insurance plans including Blue Cross and Blue Shield of Kansas City, Blue Cross Blue Shield of North Carolina, HealthNow New York Inc., BlueCross BlueShield of Western New York, BlueShield of Northeastern New York, and Capital District Physicians’ Health Plan, Inc. (CDPHP), and, through Newkirk’s relationship as a service provider to DST Health Solutions, Inc., Gateway Health Plan, Highmark Health Options, West Virginia Family Health, Johns Hopkins Employer Health Programs, Inc., Priority Partners Managed Care Organization and Uniformed Services Family Health Plan.
- Ransomware Attacks May Trigger Breach Notifications. From On The Wire. A powerful California congressman is pushing the federal government to treat ransomware attacks on medical facilities as data breaches and require notifications of patients. The pressure is coming from Rep. Ted Lieu (D-Calif.) and follows comments from officials at the Department of Health and Human Services about the department’s plan to issue guidance to health care organizations about ransomware attacks. The Office for Civil Rights section of HHS, which has responsibility for health information privacy, will provide guidance on how to handle ransomware attacks, and Lieu is eager to ensure that the guidance specifically addresses how ransomware attacks relate to data breach regulations.
- He Was a Hacker for the NSA and He Was Willing to Talk. I Was Willing to Listen. From The Intercept. The sender was a hacker who had written a series of provocative memos at the National Security Agency. His secret memos had explained — with an earthy use of slang and emojis that was unusual for an operative of the largest eavesdropping organization in the world — how the NSA breaks into the digital accounts of people who manage computer networks, and how it tries to unmask people who use Tor to browse the web anonymously. Outlining some of the NSA’s most sensitive activities, the memos were leaked by Edward Snowden, and I had written about a few of them for The Intercept.
- Detailed account of the Hacking Team data breach by FinFisher. From Softpedia. Hacking Team is a Milan-based IT company that sells offensive intrusion and surveillance capabilities to governments, law enforcement agencies and corporations. On July 5, 2015, the Twitter account of the company was compromised by an unknown individual who leaked links to over 400 gigabytes of data, including alleged internal e-mails, invoices, and source code. This article explains how that breach was conducted.
- Dump Adobe QuickTime, Department Of Homeland Security tells Windows users. From Krebs On Security. Apple is deprecating QuickTime for Microsoft Windows. They will no longer be issuing security updates for the product on the Windows Platform and recommend users uninstall it. Furthermore, there are two new, unpatched vulnerabilities which could be used to remotely compromise Windows computers.
- More US commandos, choppers and bases are hacking ISIS. From Daily Beast. Three U.S. officials told The Daily Beast that US cyber operations against ISIS have moved beyond mere disruption and are entering a new, more aggressive phase that is targeted at individuals and is gleaning intelligence that could help capture and kill more ISIS fighters.
- The National Institute of Standards and Technology is poised to deliver new cybersecurity guidance, according to NIST fellow Ronald Ross. From HealthcareITNews. “We can build and deploy systems that we can trust, too, in a hospital environment, so the systems can better withstand cyberattacks, are more penetration-resistant, and limit the damage an adversary can do if an attack comes through the perimeter,” Ross said.
- Indian political party accused of hacking Facebook. From Economic Times. An internal email communique, allegedly from the AIADMK IT Wing president to his team, informing them that they have hacked Facebook to make posts about their party “go viral” has leaked, and the mail itself has gone viral.