Archive for October 25, 2023

Judy Security Launches Next-Generation Control Center

Posted in Commentary with tags on October 25, 2023 by itnerd

Judy Security today announced Judy Control Center. The new platform offers advanced multi-tenant reporting, analytics and guidance, empowering MSPs and MSSPs with seamless cybersecurity management. Featuring a redesigned user-centric interface, Judy’s Control Center simplifies the acquisition of valuable insights for partners and customers without unnecessary complexity, enabling them to enhance security and optimize workflow through detailed threat analysis.

The Judy Control Center transforms threat management with its comprehensive set of new features through a single pane of glass:

  • Comprehensive Insights: Provides real-time insights and reporting, from identifying which features end users use the most, to gathering data on the detection of bugs and threat incidents.
  • Multi-Tenant, Partner-Oriented Architecture: Streamlines usability without unnecessary complexities, ensuring seamless access to critical insights.
  • Actionable Response: Allows access to transparent insights into Judy’s event responses, fostering trust and enabling data-driven decision-making.
  • Advanced Threat Hunting: Harnesses sophisticated data to elevate incident awareness, empowering partners and customers to navigate the dynamic threat landscape with real-time situational awareness.
  • Cross-Platform Compatibility: Seamlessly navigate various systems, including Windows, MacBooks, Chromebooks, Android devices, and iPhones.
  • In-Depth Telemetry: Provides comprehensive and detailed data about security operation and performance for maximum efficiency in troubleshooting. This empowers users to implement improvements where needed in security architecture.

With the new Judy Control Center, partners and customers have a gateway to maximize the benefits of working with Judy, and empower themselves to effectively harness Judy’s intelligence, make informed decisions, and optimize their security strategies. Today’s announcement lays the foundation for the Judy Control Center with plans for additional enhancements in the coming months.

To learn more or schedule a demo of the Judy Control Center visit: https://tinyurl.com/bookjudy.

TELUS Achieves Historic ISO 31700-1 Privacy By Design Certification

Posted in Commentary with tags on October 25, 2023 by itnerd

TELUS has marked a historic milestone by becoming the first company in the world to achieve the ISO 31700-1 Privacy by Design certification. This achievement substantiates TELUS’ commitment to safeguarding privacy and advancing the principles of trustworthy data practices across Canada and beyond.

The certification was awarded to TELUS Data for Good, powered by the TELUS Insights platform, a first-of-its-kind program focused on leveraging de-identified data for social good. KPMG, the international auditing and advisory firm, conducted a comprehensive evaluation and provided TELUS Data for Good with a clean report confirming the program aligns with international privacy criteria, and the requirements laid out under the ‘7 Foundational Principles of Privacy by Design’ – originally developed by privacy expert Dr. Ann Cavoukian – which underpin the ISO 31700 Privacy by Design Standard.

TELUS has woven privacy and trustworthy data practices into every facet of its business operations, ensuring that all employees at every level are actively engaged in maintaining its stringent standards. The Data for Good program, launched in 2017 and winner of the 2020 HPE-IAPP Privacy Innovation Award, offers researchers access to high-quality, strongly de-identified and aggregated data and insights to support a range of social impact initiatives like the design of public parks, efficient transportation systems in response to natural disasters, and efforts to reduce climate change. To learn more about how the TELUS Insights platform can improve decision-making in commercial sectors, see TELUS’ Big Data Solutions & Analytics.

In supporting Canadians’ understanding of how data and technology can be used for social good, TELUS’ online Privacy Centre lays out clear details about the Data for Good program and how the data de-identification process works, as well as the additional steps taken to protect their privacy.

For information visit telus.com/trust.

IBM Says That Generative AI vs Human Phishing Techniques Save Hackers 16 Hours

Posted in Commentary with tags on October 25, 2023 by itnerd

According to new IBM research, “AI vs. human deceit: Unravelling the new age of phishing tactics”, generative AI tools can save phishing attackers 16 hours of work designing a scam email, but they still don’t have the human effect for creating convincing emails.

Researchers used five prompts, such as top areas of concern for employees and social engineering techniques, which churned out convincing phishing emails in just 5 minutes.

Meanwhile, the IBM X-Force Red social engineering team created their own phishing emails, which tapped “creativity and a dash of psychology” to resonate more authentically with their targets, something that Stephanie Carruthers, social engineering expert for IBM X-Force Red, claimed is hard for AI to replicate. This process generally takes the IBM X-Force Red team about 16 hours, and that’s not factoring in the infrastructure set-up.

A round of A/B testing revealed a 14% click rate for the human-generated phishing email, which was slightly higher than the 11% rate of the AI-generated email. Also, the human-generated email was reported less frequently (52%) than the AI version (59%).

“Humans may have narrowly won this match, but AI is constantly improving. As technology advances, we can only expect AI to become more sophisticated and potentially even outperform humans one day,” Carruthers concluded.

Emily Phelps, Director, Cyware had this to say:
 
   “Generative AI is a huge tool for adversaries to expedite common threat tactics such as phishing. Although humans may have the edge for now, AI technologies are improving with each passing day. The time to prepare for these evolving tactics is now. We can no longer rely on poor grammar and typos to clue us in to phishing emails so we must bolster regular security awareness training. Organizations must strengthen security controls to better validate who can access data. As adversaries continuously adapt their tactics, organizations must as well, updating threat detection, improving threat intelligence orchestration, and maintaining vigilance across all levels to defend against today’s threats.”

AI could seriously tip the scales in favour of the bad guys on a number of fronts. Hopefully we heed the warnings that IBM have presented and come up with countermeasures that tip the scales back in our favour.

US Healthcare Ransomware Costs $77.5 Billion In Downtime 

Posted in Commentary with tags on October 25, 2023 by itnerd

A study of ransomware attacks on healthcare companies that deal directly with patients and their data found that, over the past seven years, the cost in downtime alone hit a staggering $77.5 billion.

The report by Comparitech reviewed 539 confirmed ransomware attacks on US healthcare organizations, affecting some 52 million patient records and 10,000 separate facilities. The report covers the period from 2016 to 2023.

The impact of a forced shutdown on healthcare providers can be catastrophic, crippling key systems and preventing them from accessing patient data.  

The study shares the example of CommonSpirit Health, an Illinois-based healthcare system with 142 hospitals and more than 700 care sites, that suffered a ransomware attack in October 2022. For just this one provider, the cost of the attack so far has hit over $160 million and rising. That attack took 400 care sites offline for three weeks.

Key findings in the study:

  • 539 separate ransomware attacks on medical organizations
  • 9,780 separate hospitals/clinics/organizations affected
  • 52,298,595 individual patient records were impacted
  • Ransomware amounts varied from $1,600 to $10 million
  • Downtime varied from minimal disruption (thanks to frequent data backups) to months upon months of recovery time
  • Average of 14 days downtime for a total of 6,347 days.
  • Hackers demanded more than $39 million across 34 attacks and received payment in 31 out of 160 cases where the medical organizations disclosed whether or not they paid the ransom (they are more likely to disclose that they haven’t paid the ransom than that they have)
  • The overall cost of these attacks is estimated at around $77.5 billion
  • Conti, Maze, Hive, Pysa, and LockBit were the most prolific hackers. The first three dominated in 2020/21 with Hive taking over in 2022 and LockBit accounting for the most attacks so far this year

Jan Lovmand, CTO, BullWall had this comment:

  “These findings are deeply concerning and not surprising. The financial toll of $77.5 billion is substantial, but the real human cost is immeasurable. This is a full-on battle. Ransomware attacks on healthcare facilities pose a grave threat to public health and safety. These assaults not only shut down delivery of critical medical services, causing delays in essential surgeries and treatments that jeopardize patients’ lives, but they also breach the sanctity of sensitive patient data. The aftermath of such attacks can be catastrophic, leaving hospitals grappling to recover their data and regain control over their systems. Whether the ransom is surrendered or not, the toll in both financial losses and compromised patient care deals a crippling blow to these already strained institutions.”

   “Hospitals and healthcare organizations have a bullseye painted on them in the eyes of cybercriminals. A heavy reliance on technology to manage a huge range of functions, from patient records to surgical equipment, provides a vast attack surface of uniquely susceptible targets. This vulnerability is further exacerbated by their meager resources allocated for bolstering cybersecurity defenses. However, with ransomware showing no sign of abating, it is imperative to invest in countermeasures that can stop these attacks without necessitating a complete shutdown of IT systems and healthcare services. A good Ransomware containment defense and off-site backups are table stakes.”


Emily Phelps, Director, Cyware follows with this:

   “Healthcare continues to be one of the most targeted industries because of their valuable data and limited security resources. Because of the complexity to secure vast organizations that maintain new and legacy systems, adversaries can exploit gaps in their defenses. With advanced technologies such as AI, threat actors can also operate faster, further complicating an already difficult situation for these healthcare entities.

   “To mitigate the risks, healthcare organizations must be able to move from a reactive to a proactive security posture. To do this, they need access to relevant, context-rich threat intelligence which helps them understand what threats should be prioritized – healthcare ISACs can help provide this to organizations that become members. But the intelligence must also be prioritized and orchestrated appropriately in order to take meaningful action. Security orchestration and collaboration, combined with automated threat intelligence platforms help ensure the right information gets to the right people at the right time.”

I’ve said it before and I’ll say it again. With the exception of education, healthcare is a prime target for threat actors. Those in healthcare need to do everything possible to reduce their attack surface as it’s high time that they stop being prime targets.