Ransomware and denial of service attacks are just a glimpse of things to come: hospitals are the next big target for cyber-attacks and the introduction of Internet of Things (IoT) devices make healthcare even more vulnerable.
Connected medical devices can bring increased patient safety and efficiency, particularly if connected to clinical information systems, but European tech security agency Enisa is warning that introducing such technologies also increases risks.
As a result, it said, hospitals need to change their attitude towards security: "The need for improved, and even remote, patient care drives hospitals to transform by adapting smart solutions, ignoring sometimes the emerging security and safety issues. Nothing comes without a price: hospitals are the next target for cyber-attacks," Enisa warned.
The attacker who infected servers and desktop computers at the San Francisco Metropolitan Transit Agency (SFMTA) with ransomware on November 25 apparently gained access to the agency's network by way of a known vulnerability in an Oracle WebLogic server. That vulnerability is similar to the one used to hack a Maryland hospital network's systems in April and infect multiple hospitals with crypto-ransomware. And evidence suggests that SFMTA wasn't specifically targeted by the attackers; the agency just came up as a target of opportunity through a vulnerability scan.
In an e-mail to Ars, SFMTA spokesperson Paul Rose said that on November 25, "we became aware of a potential security issue with our computer systems, including e-mail." The ransomware "encrypted some systems mainly affecting computer workstations," he said, "as well as access to various systems. However, the SFMTA network was not breached from the outside, nor did hackers gain entry through our firewalls. Muni operations and safety were not affected. Our customer payment systems were not hacked. Also, despite media reports, no data was accessed from any of our servers."
The Tor Project has long offered high-security alternatives for folk who are especially concerned about their privacy. But as the world goes mobile, and is increasingly accessed through smartphones, users become vulnerable to a whole new set of compromises.
That’s where the Tor Phone prototype comes in – and it’s just been significantly improved.
As many as 900,000 Deutsche Telekom customers were knocked offline on Sunday and Monday as an attempt was made to hijack broadband routers into a botnet.
Malicious hackers are commandeering vulnerable Zyxel and Speedport routers, commandeering them into a botnet which they can command to launch huge denial-of-service attacks against websites. The vulnerability exploits the TR-069 and TR-064 protocols, which are used by ISPs to manage hundreds of thousands of internet devices remotely.
In this particular case, an attack was able to fool the vulnerable routers into downloading and executing malicious code, with the intention of crashing or exploiting them. Compromised routers could then be commanded to change their DNS settings, steal Wi-Fi credentials, or bombard websites with unwanted traffic.
There's a zero-day exploit in the wild that's being used to execute malicious code on the computers of people using Tor and possibly other users of the Firefox browser, officials of the anonymity service confirmed Tuesday.