Ransomware attack on US hospitals

Since Thursday night, the FBI has been warning of increased cyberattacks on various American hospitals. The malware used, Ryuk, encrypts the data on infected systems and thereby disrupts the continued operation of the hospitals. Attacks on critical infrastructure such as this are combined with ransom demands, in exchange for which the sensitive data is to be released as quickly as possible. The exact number of affected hospitals is not known, only that hospitals in the states of New York, Oregon and Minnesota are involved.

The data encryption has caused significant delays in clinical operations, as the affected clinics have had to reroute some of their patients, which has lengthened waiting times for necessary treatments. Clinics in Germany also sometimes fall victim to such cyberattacks, which can be life-threatening for patients in addition to causing financial loss for the organization.

A major ransomware attack on central systems of the DRK-Trägergesellschaft Süd-West took place in the summer of 2019. The affiliated hospitals in Rheinland-Pfalz and Saarland were affected, and their provision of care was delayed. According to media reports, this incident fortunately had no further consequences for patients. No ransom was paid, and the incident lasted from 13th to 26th July. Sodinokibi was identified as the ransomware used, and a Mobile Incident Response Team (MIRT) was deployed to determine the cause of the attack and restore the affected systems to working order.

The BSI (Bundesamt für Sicherheit in der Informationstechnik) recommends establishing functioning, practiced emergency management for such ransomware attacks. For the response to succeed, it was crucial on the one hand that crisis management in the hospital worked and that patient care was ensured through analogue data recording. On the other hand, IT has to narrow down the problem, find the cause and select the necessary measures.

To prevent such attacks from the outset, it is also advisable to raise employees' awareness of phishing and social engineering and to improve and tighten the rules on password security for remote access. Multifactor authentication for administrative actions is recommended.

#Ransomware #MFA #Cybersecurity #Ryuk #Phishing #SocialEngineering

This site was seized

“This site was seized”

This message was displayed to visitors who had tried to access Donald Trump’s campaign website on Tuesday evening.

The statement that the site had been seized was followed by various unsubstantiated allegations against the US government and Donald Trump himself.

The alleged attackers further claimed to have compromising information about Trump. They offered visitors the opportunity to vote, in exchange for a cryptocurrency payment, on whether or not this information should subsequently be made public. After only a few minutes, however, the statements and accusations had disappeared, and the site was accessible again as normal.

At the end of last week, there were already several reports that a hacker had guessed the password of Donald Trump’s Twitter account. The password is said to have been “maga2020!” (make America great again 2020!). Particularly notable: Twitter offers two-factor authentication to secure accounts. However, according to the hacker, Trump had not activated it. The success of this attack was not confirmed by Trump himself or his employees, however.

Regardless of password strength, we recommend: use options such as MFA (multi-factor authentication) to protect your accounts and your sensitive data!

#ITSecurity #MFA

The identity card is becoming digital

Samsung is working together with the German Federal Office for Information Security (BSI), Bundesdruckerei and Deutsche Telekom Security on a hardware-based security architecture that will allow us to store our ID card – and later also our driving licence, health card and other sensitive documents – on our smartphone.

These documents will be stored safely in an embedded secure element.

The eSE (embedded secure element) is a tamper-proof chip that can be embedded in any mobile device. It ensures that data is stored in a secure location and information is only shared with authorized applications and people.

The aim is to provide citizens with a simple way to keep sensitive documents safely with them at all times. The solution is the smartphone, which almost everyone carries with them at all times.

Would you store data such as your personal ID, driving licence, health card, etc. on your smartphone? We are interested in your comments.

https://www.nfcw.com/2020/07/29/367360/germany-to-begin-rollout-of-open-national-digital-identity-service-later-this-year/