Private technology companies providing IT to the NHS need greater scrutiny over hacking threats to patient data amid “deficient” security monitoring. Technology firms storing patient on online databases could be targeted by hackers, a report into healthcare cyber security has warned, with several US health technology companies hit by cyber-attacks and data breaches in recent years. The report from Imperial College London said there were warning signs in the US that healthcare cloud providers were failing to stop cyber-attacks. Expert Comments: Jake Moore, Cybersecurity Specialist at ESET: “In the wake of WannaCry, which attacked many organisations including the NHS, you’d think the security in place…
ISBuzz Team
Its been reported that the US is very close to improving power grid security by mandating the use of “retro” (analog, manual) technologies on US power grids as a defensive measure against foreign cyber-attacks that could bring down power distribution as a result. The idea is to use “retro” technology to isolate the grid’s most important control systems, to limit the reach of a catastrophic outage. “This approach seeks to thwart even the most sophisticated cyber-adversaries who, if they are intent on accessing the grid, would have to actually physically touch the equipment, thereby making cyber-attacks much more difficult,” they said in a press release ,…
Earlier today, security researchers disclosed several vulnerabilities impacting Arlo security systems — including baby monitors and wire-free cameras — that would give attackers complete control of the devices, including viewing private video footage and tampering with feeds. The vulnerabilities were found in Arlo’s base stations (firmware version 1.12.0.1_27940) which are used to power the company’s various products. By exploiting the flaws, an attacker could gain control of all cameras connected to the base station. From there, the attacker could view private footage, turn off the cameras and manipulate video feeds. https://twitter.com/drmuhammadmalik/status/1146341115278307328 Expert Comments: Boris Cipot, Senior Security Engineer at Synopsys: “When vulnerabilities are identified,…
This summer has already seen the launch of individual 5G networks across the UK, with more to come. Matthew Aldridge, Senior Solutions Architect at Webroot, believes that while there are obvious positives associated with 5G – decreased latency and increased bandwidth – there are cybersecurity issues with the technology that 5G enables, mainly IoT. Vulnerabilities within IoT networks cannot be ignored as adoption increases with improved connectivity. IoT devices tend to lack any inherent security and increasing the number of devices in a network also increases the attack surface area. https://twitter.com/VodafoneUK/status/1146327198883819520 Experts Comment: Matthew Aldridge, Senior Solutions Architect at Webroot: “As…
SmartMate, a smart home management platform, is leaking data about its customers and their device passwords via an ElasticSearch server that it left exposed on the internet without a password. The server belongs to Orvibo, a Chinese company based in the city of Shenzen, which runs SmartMate, a platform for managing smart appliances in a modern smart home. https://twitter.com/campuscodi/status/1145678691760070658 Experts Comments: Ben Herzberg, Director, Threat Research at Imperva: Misconfigurations that leave servers open and vulnerable is something that we’ve seen resurface over and over again. Once servers are left “open,” it takes barely any time for attackers to become aware of the vulnerability and take over. In our research, we…
The BBC has reported that scammers making bogus claims about sending aid to Sudan in exchange for clicks have continued to crop up on Instagram despite the exposure and suspension of fraudulent accounts, some of which had hundreds of thousands of followers. This serves as a reminder of the opportunistic nature of scammers on social media services and the need to be sceptical of accounts claiming to donate food or supplies or fundraising for a crisis. Expert Comments: Satnam Narang, Senior Research Engineer at Tenable: “Based on our own analysis, Tenable found over 100 accounts that had amassed nearly 900,000 followers, all of which falsely claimed…
New data obtained by RSM under a freedom of information request has revealed that financial services firms reported 819 cyber incidents to the Financial Conduct Authority (FCA) in 2018, a huge rise on the 69 incidents reported in 2017. The retail banks were responsible for the highest number of reports (486), almost 60% of the total. This was followed by wholesale financial markets on 115 reports and retail investment firms on 53. https://twitter.com/it_cisq/status/1145695404643635205 Experts Comments: Anna Russell, VP at comforte AG: “It looks as if stricter data privacy regulations like GDPR have resulted in more transparency in terms of how many cyber…
The rise in automation – particularly automation powered by artificial intelligence (AI) – is having a ripple effect on UK businesses, creating an impact that goes far beyond products or services. At one level, automation and AI offer helpful solutions when recruitment is challenging, or where staff can be better utilized in other parts of an organisation. More broadly, there is no doubt that AI can add value to an increasingly digital workplace, and adoption is rising while some barriers remain. Consequently, one in five businesses intend to implement AI across their organisation in 2019. Some organisations are already experiencing the benefits of AI as it…
Earlier this week, the education secretary laid out plans for guidance to help guard children against online harms including catfishing, targeted advertising and fake news. The guidance is designed to help students understand the motivations of people online and protect themselves. https://twitter.com/Remteksystems/status/1144238131488743424 Ed Macnair, CEO at Censornet: “It is beyond time that online safety was made a priority throughout education. As with every aspect of life, childhood has been altered by the digital age. This has brought a lot of good, not the least in education, but it also brings a great many new risks. Catfishing, fake news, cyber attacks, social…
It has been reported that mobile devices could provide a more secure, user-friendly mode of account authentication, according to an IDG and MobileIron report. The report outlined the major frustrations IT professions have with passwords, as well as better solutions that could potentially replace them altogether. The rise in mobile business devices and apps may present a viable solution for authentication, the report found. The majority of respondents (85%) reported seeing an increase in the number of users needing access to business apps from mobile devices over the past year. More than 75% of respondents cited biometric authentication through mobile devices as the best…