ARTICLES & INSIGHTS

The Week In Review 07/12 – 11/12

 

This week saw yet another global electronics giant, Foxconn, hit by a ransomware attack at a facility in Mexico. Taking place over Thanksgiving weekend and reported this week, the attackers are demanding one of the largest ransoms we can remember at a staggering $34m (roughly 1084 BTC). Also breaking in the media is news that FireEye one of the worlds largest cybersecurity companies was hacked, with the attackers stealing the tools they use to test its clients networks for security holes and vulnerabilities. In a statement, FireEye allluded to the fact that the evidence suggested it was a state/nation actor with extremely advanced cyber capabilities, something backed up by the FBI and Microsoft after both parties ran an independent analysis of the attack.

Millions of IoT devices from over 150 vendors have been discovered to have critical vulnerabilities. The group of flaws, found in the open source TCP/IP stacks, leave devices vulnerable to attacks such as information interception, denial of service and total take over. What makes the situation worse is, the stacks in question are all fairly old, open source, with many versions and variations making it extremely difficult, if not impossible, to patch with no central patching authority. In addition to this, the pressure on the healthcare industry increases further, with cyber attacks on U.S. healthcare organisations up 150% since the start of the pandemic. This additional pressure on top of already stressed systems has highlighted serious pitfalls in healthcare’s IT security expected to have repercussions well into 2021.

With over 2000 engagements with NHS Trusts since 2014, Dionach is a trusted security partner of NHS Digital. Find out how to secure healthcare environments with Dionach’s Healthcare Services.

Read about all of this and more below:

Flaws in Steam let gamers crash opponents computers
(threatpost.com)

Travel agent leaks customer data through hackathon
(theregister.com)

Foxxconn hit by $34m ransomware attack
(bleepingcomputer.com)

Healthcare in crisis
(threatpost.com)

FireEye hacked by state sponsored group
(pcmag.com)

Critical flaws in millions of IoT devices… may never get fixed
(wired.com)

HMRC has reported 11 serious personal data incidents to the ICO this year 
(infosecurity-magazine.com)