Studio Green @ ASCAP Launches With Song Contest to Celebrate Earth Day

Posted in Commentary with tags on April 20, 2023 by itnerd

In celebration of Earth Day, The American Society of Composers, Authors and Publishers (ASCAP), the only US performing rights organization (PRO) that operates as a not-for-profit, today announced the Green Theme Song ContestPowered by Studio Green @ ASCAP. Harnessing the passion and creativity of the songwriting community to raise awareness, the contest marks the public launch of Studio Green @ ASCAP, the PRO’s environmental sustainability initiative. Music creators are invited to submit an environmentally-inspired song for a chance to win a $1,000 prize and have their song featured as the Studio Green @ ASCAP theme music for special episodes of VERSED: The ASCAP Podcast

A panel of ASCAP hitmakers from Champagne Therapy Music Group will select the winning song. Contest judges include: Grammy-nominated writer-producer Tommy Brown (“thank u, next” by Ariana Grande and “Holy (feat. Chance The Rapper)” by Justin Bieber); multi-platinum, Grammy-winning songwriter Melanie Fontana (“Weapons” by Ava Max and “Boy with Luv (feat. Halsey)” by BTS) and chart-topping writer-producer Mr. Franks (“positions” by Ariana Grande and “Better (feat. Yo Gotti)” by Meghan Trainor).

As part of ASCAP’s Earth Day awareness campaign, Maroon 5 lead guitarist and songwriter James Valentine talks about his career and environmental advocacy work on behalf of REVERB on the latest episode of VERSED: The ASCAP Podcast. The special episode, in partnership with Studio Green @ ASCAP, also features music entrepreneur Peter Shapiro as he discusses the role sustainability plays in his career as owner of beloved music venues such as Brooklyn Bowl and Capitol Theatre (Port Chester, NY) and as a producer of major concerts around the country.

Studio Green @ ASCAP is an employee-driven initiative to help educate the ASCAP community about environmental issues, connect music creators with resources to help them live and create more sustainably and reduce ASCAP’s carbon footprint. The program was originally introduced in 2021 as an internal campaign offering educational seminars, volunteer opportunities and employee challenges. In honor of Earth Day 2023, Studio Green @ ASCAP is hosting an employee volunteer day with in-person events in Atlanta, Los Angeles, Nashville and New York as well as a virtual volunteer opportunity. 

Submissions for the Green Theme Song Contest, Powered by Studio Green @ ASCAP, are now open to eligible ASCAP members through midnight PT the night of May 19, 2023. To enter the contest or view the terms and conditions, please visit www.ascap.com/greentheme.   

Leave a comment »

Petition Launched To Get TD Bank To Support Google Pay

Posted in Commentary with tags on April 20, 2023 by itnerd

I wrote a while ago about the fact that TD Bank doesn’t for whatever reason support Google Pay. At the time I said this:

I find it mind blowing that in 2021 TD Canada doesn’t support Google Pay as there are a ton of Android phones out there due to the fact that a number of companies make Android phones with the hardware to do contactless payments. TD Canada really needs to do something about this because this is a serious #Fail and at some point, customers of TD Canada will start dealing with other banks in Canada who supported Google Pay ages ago.

That was in 2021 and two years later, there is still no support for Google Pay. That’s where this petition hopes to change things:

Android TD_Canada customers are stuck (in 2019 no less) with no reliable mobile payment system.  TD Canada has decided instead of letting Google handle mobile payments through platform integrated GooglePay, they themselves will take on (duplicate) the development burden and create their own payment app.  The resulting app doesn’t work on Android 10, doesn’t even support their own debit card, is a pain to open, and only has SMS based 2fa.

We hate it, we all hate it, it’s terrible.

Complains have been going on for years, through constant tweets falling on deaf ears.

Even more frustrating is that they have allowed ApplePay through iPhone for years.

TD is falling behind even small credit unions providing GooglePay support.

Get with the times, listen to your customers, stop thinking your development team is better or more equipped than Google.  

GIVE
US
GOOGLE
PAY

As I type this, this petition had just under 2700 signatures. That’s not a trivial amount. But it highlights the fact that TD bank has not only dropped the ball, they dropped the ball years ago. And people on Team Android aren’t happy. And rightfully so.

TD Bank appears on the outside to be a customer centric organization. This is their chance to prove it by adopting Google Pay.

4 Comments »

HYAS Introduces  HYAS Protect At Home Protective DNS Service

Posted in Commentary with tags on April 20, 2023 by itnerd

In an interesting move, HYAS Infosec today moved to “protect the protectors” by offering them free access to HYAS’s industry-leading protective DNS, which detects and blocks communication to adversarial domains — regardless of whether adversaries have already used the domains operationally. New HYAS Protect At Home provides cybersecurity’s first responders with both an early warning and an additional line of defense to help harden their home networks against cyberattacks.

Exploits are continuously evolving to avoid detection by most cybersecurity solutions designed for the home – where gamers, shoppers, online community members, and other family members are often just one bad click away from unintentionally opening the door to an attacker. HYAS Protect At Home changes that equation and offers cybersecurity pros a new level of protection to proactively mitigate threats in real time.

Protective DNS is endorsed by CISA and considered a best practice in network security, and HYAS Protect protective DNS is increasingly used by security-aware organizations around the world. It combines authoritative knowledge of attacker infrastructure and unrivaled domain-based intelligence to proactively enforce security and block the command and control (C2) communication used by malware, ransomware, phishing, and other forms of cyberattacks. HYAS Protect At Home is a free edition featuring:  

No configuration required – protection is available out-of-the-box, driven by HYAS unique enterprise-grade domain reputation data

  • Easy blocking of broadly defined domain categories like gambling, adult websites, etc.
  • Configurable allow/block lists, policies, and rules
  • Dashboard to visualize blocked sites, threats, and other data

I’ll be trying this and I will be doing a review of it when I get a chance. So stay tuned for that.

Leave a comment »

Armorblox Launches Graymail and Recon Attack Protection

Posted in Commentary with tags on April 20, 2023 by itnerd

Armorblox, today announced its newest product, Graymail and Recon Attack Protection, developed to decrease the time security teams spend managing graymail and mitigate the security risks from malicious recon email. This is in addition to the announcement of new capabilities across two main products of the Armorblox cloud-delivered email security and data loss prevention platform: Advanced Data Loss Prevention and Abuse Mailbox. The new capabilities are designed to enhance overall productivity across security teams by providing custom, automated workflows across user-reported threats, improved graymail detection and classification, and enhancements to data protection features.

The new features build on the platform’s existing capabilities, which provide comprehensive email protection for automatically detecting and protecting against emerging language-based cyber threats, preventing accidental or malicious data leakage and compliance violations across all communication channels, and saving security teams time from having to manually sort through graymail and respond across individual user-reported threats.

According to the company’s latest threat report released last week, security teams can find themselves spending almost 30 hours a week manually sorting and deleting graymail across user mailboxes. Armorblox Graymail and Recon Attack Protection uses advanced machine learning algorithms and large language models to detect and classify graymail and reduces the risk of malicious recon email being mistaken for genuine communications.

New Armorblox capabilities include:

  • Improved Graymail Detection and Protection against Recon Threats: Armorblox Graymail and Recon Attack Protection uses advanced machine learning algorithms and large language models to enable the precise detection and classification of graymail, such as newsletters and marketing emails, and unwanted solicitation from a legitimate source – all while reducing the risk of malicious reconnaissance threats, emails disguised as genuine graymail communications with the intention of eliciting a response prior to exfiltrating sensitive data. Automatic remediation removes the need for manual review, saving security teams up to 30 hours each week, and end-user preferences (based on movement of graymail) are automatically monitored and applied for all future incoming graymail communications.
  • Abuse Mailbox Custom Workflows for End-User Reported Phishing Threats: Security teams can now automate the feedback loop back to end users for user-reported phishing incidents submitted to Armorblox Abuse Mailbox. This keeps end users informed of the status of user-reported threats and engaged in the security process. Preconfigured templates allow security teams to automate the response back to end users based on incident type, while custom templates allow for pre-authorized workflows to be quickly and efficiently identified as exceptions for a reduction in false positives.
  • Custom DLP Workflows: Armorblox Advanced Data Loss Prevention provides powerful data protection capabilities, including automatic classification, protection, and encryption of sensitive information (PII/PCI/PHI, source codes, tabular data, across languages). The latest enhancements bring investigation, management, and response to sensitive emails that have been blocked together into a streamlined workflow. Insightful DLP analysis per incident allows admins to quickly remediate (delete or request alterations) or release the email to be sent.

Armorblox is committed to providing security teams with the most advanced, comprehensive email security and data protection solutions on the market, so that organizations can stay ahead of emerging threats, protect organization-specific sensitive data, and ensure compliance across industry regulations.

Armorblox Large Language Models (LLM) and Artificial Intelligence capabilities include:

  1. GPT Large Language Models & AI – Analyzes the content and context of email communications: text in email body and attachments for tone (like urgency) and intent (unusual requests) often seen in social engineering tactics, and provides in-depth email analysis to protect against sender impersonation, ransomware/extortion, account compromise attacks and graymail.
  2. Computer Vision – Follows URLs to final destination and inspects in real-time to protect against fake landing pages used in malicious credential phishing campaigns. Minute, visual deviations such as image and layouts often go unnoticed by the human eye, Armorblox analyzes and safely redirects end users away from these malicious pages.
  3. Malware & File Attachment Inspection – Provides static and dynamic analysis of attachments, malware, and advanced persistent threat analysis, while ensuring there are no delays in end users gaining access to critical emails nor disruption to email-based business workflows.
  4. Contextual Analysis & Attacks Overview – Creates both user-specific and organization models for custom behavior baselines, so that how and who one communicates with are continuously monitored and anomalous communications and conversations are automatically flagged.

Learn More

Armorblox experts will be hosting demos at RSA Conference 2023, San Francisco, April 24-27, Booth #5304, Moscone, North Expo.

Leave a comment »

Linktree Phishing Attack: Hackers Steal Credentials via Popular Social Media Tool While Spoofing Microsoft 

Posted in Commentary with tags on April 20, 2023 by itnerd

Linktree has become a popular tool for creating bio pages on social media platforms like Instagram and TikTok, allowing users to share their information and social media handles easily. Unfortunately, its ease of use and popularity has caught the attention of hackers, who now use it as a medium for phishing attacks.

Avanan, a Check Point Software Company, has disclosed how hackers exploit Linktree to steal user credentials. Avanan’s cybersecurity researchers have prepared an attack brief that discusses the techniques employed by these cybercriminals to deceive their victims.

In this attack, hackers create legitimate Linktree pages hosting malicious URLs to harvest credentials. They send phishing emails with spoofed Microsoft OneDrive or Sharepoint notifications, tricking users into clicking the malicious links. The victims are then redirected to a fake Office 365 login page where their credentials are stolen.

You can read about this attack here.

Leave a comment »

62% of Canadian SMBs are Optimistic about the Future, Forecasting up to 20% Growth in the Next Six Months: Zoho

Posted in Commentary on April 20, 2023 by itnerd

The newly released Zoho Canada SMB Outlook Report by Zoho Corporation, a leading global technology company, reveals that Canadian small and medium-sized business leaders are optimistic about their business prospects. According to the survey, 62.1% of respondents expect to grow between 1% and 20+%. 

Surveying 1,016 Canadian business leaders (C-level to manager) in March about business performance, staffing, the economy, and tech usage, the Zoho Canada SMB Outlook Report additionally reveals that 64.6% of business respondents say their pricing has been impacted by inflation.

Key Survey Findings:

  • Respondents continue to be optimistic about their business, with 62.1% expecting to grow between 1% and 20+%.
  • Ontario respondents are particularly optimistic, with 63.8% expecting to grow between 1-20+%.
  • Employees are key in terms of lessons learned, business challenges, and tech priorities. However, businesses are holding steady with their staffing plansbased on 70.1% indicating no change in their hiring plans, 25.8% hiring, and only 4.1% anticipating layoffs. 
  • Inflation is nearly twice the challenge as interest rates are for businesses.
  • Respondents seem to be confident with how cybersecurity and customer privacy are handled but this confidence may be misplaced since one-third of people indicate that they don’t know about their business’s efforts in these areas. 

The Zoho Canada SMB Outlook Report builds on three previous versions that surveyed individuals in October, 2022, May, 2022, and October, 2021. The previous October report indicated that 73% of respondents were optimistic about the future. Currently, optimism is down more than 10 percentage points. 

Note that Ontario businesses are the most optimistic about the next six months, replacing Quebec respondents who were the most positive according to their responses in the previous two surveys.

Business Growth:

Respondents continue to feel good about their business prospects with 62.1% of respondents expecting to grow between 1% and 20+%. This optimism includes 38.2% expecting growth of 1-10%, and 15.4% expecting growth of 10-20%, and 8.5% expecting 20+% growth. 

Conversely, 31.2% anticipate zero growth while only 7.8% expect declines.

  • Alberta – 53% expecting to grow between 1-20+%
  • BC – 65% expecting to grow between 1-20+%
  • ON – 63.8% expecting to grow between 1-20+%
  • Quebec – 59.7% expecting to grow between 1-20+%

Staffing:

Staffing plans indicate that respondents are holding steady with 70.1% projecting no change in their hiring plans, 25.8% hiring, and only 4.1% anticipating layoffs.

  • Alberta – 41.8% hiring, 50.9% no change, 7.3% layoffs
  • BC – 41.3% hiring, 53.3% no change, 5.4% layoffs
  • ON – 43.6% hiring, 51.9% no change, 4.5% layoffs
  • Quebec – 44.8% hiring, 48.7% no change, 6.5% layoffs

While respondents planning to hire have decreased 17.6% since the previous survey, fewer people currently anticipate layoffs. With nearly 20% more respondents indicating no change in hiring plans, it seems that they are optimistically holding steady with staffing plans.

Lessons learned from managing your business through the past 12 months. Staff were the priority based on the combined focus on pay/benefits and flexible work models, which was consistent across provinces.

  • 22.1% – increased staff pay and benefits
  • 20.6% – more aggressive pricing
  • 20.5% – more flexible work models
  • 19% – cost reductions
  • 17.8% – increased efficiencies

The Economy:

Inflation continues to impact businesses with 49.8% of respondents saying they’ve been impacted and 19.2% indicating no changes.

  • Alberta – 54.6% yes, 15.1% no change
  • BC – 44.8% yes, 20.7% no change
  • ON – 49.5% yes, 20.3% no change
  • Quebec – 56.3% yes, 15.3% no change

Fewer respondents say inflation is impacting business versus the previous report’s 64.6%.

Response to interest rates: 28.2% increased prices, 18.1% delayed capital expenses, and 10.6% delayed hiring.

  • Alberta – 33.6% increased prices, 15.1% delayed capital expenses, 8.4% delayed hiring
  • BC –  31.6% increased prices, 18.4% delayed capital expenses, 5.7% delayed hiring
  • ON –  27.3% increased prices, 16.8% delayed capital expenses, 12.3% delayed hiring
  • Quebec –  25.7% increased prices, 27.1% delayed capital expenses, 11.1% delayed hiring

Notably, 43.1% of all respondents said rates didn’t impact their business.

Inflation’s impact on offers for new hires is limited with 34.6% saying it’s affected offers, 24.8% saying it hasn’t, and 40.5% saying the question isn’t applicable.

  • Alberta – 37.8% said it’s affected offers, 22.7% said it hasn’t, and 39.5% said N/A
  • BC – 31.6% said it’s affected offers, 28.7% said it hasn’t, and 39.7% said N/A
  • ON – 34.7% said it’s affected offers, 23.5% said it hasn’t, and 41.8% said N/A
  • Quebec – 36.8% said it’s affected offers, 25.7% said it hasn’t, and 37.5% said N/A

Inflation’s overall impact on new hire offers is down, with fewer people saying it’s impacted offers.

Inflation is nearly twice the challenge as interest rates are for businesses. 42.3% of respondents said high inflation is the bigger challenge, while 21.7% said it was high interest rates, and 36% weren’t sure which was more of a challenge.

  • Alberta – 51.3% high inflation, 18.5% high interest rates, 30.3% weren’t sure
  • BC – 44.3% high inflation, 21.3% high interest rates, 34.5% weren’t sure
  • ON – 40.5% high inflation, 22.2% high interest rates, 37.3% weren’t sure
  • Quebec – 42.4% high inflation, 24.3% high interest rates, 33.3% weren’t sure

High interest rates matter, but only for just over a third of respondents who say rates have caused them to adjust pricing: 36.2% say yes, 26% say no, 37.8% N/A

  • Alberta – 39.5% yes, 25.2% no, 35.3% NA
  • BC – 36.2% yes, 23% no, 40.8% NA
  • ON – 36.5% yes, 26.2% no, 37.3% NA
  • Quebec – 36.1% yes, 28.5% no, 35.4% NA

Technology

Customer experience is a business automation priority. Respondents indicated the following workflow automation priorities: 41.4% on customer experience, 15% on finance, 14.7% on custom applications, 7.8% on HR, 21.1% unknown.

  • Alberta –  40.3% on customer experience, 17.6% on finance, 15.1% on custom applications, 9.2% on HR, 17.6% unknown.
  • BC –  36.8% on customer experience, 16.1% on finance, 18.4% on custom applications, 13% on HR, 21.3% unknown.
  • ON –  45% on customer experience, 13.7% on finance, 12.1% on custom applications, 7.4% on HR, 21.7% unknown.
  • Quebec –  34.7% on customer experience, 16.7% on finance, 19.4% on custom applications, 8.3% on HR, 20.8% unknown.

Tech priorities focused on staffing, which was mirrored for provinces.

  • 21.1% – facilitating remote work
  • 20.5% – investing in talent and digital skills
  • 20% – automating or digitizing processes
  • 19.6% – creating or improving digital product and services
  • 18.9% – improving decision-making processes

Respondents seem to be confident with how customer privacy is handled, but this confidence may be misplaced since one-third of respondents don’t know their business’ process. 53.8% yes, 12.9% no, 33.3% don’t know.

  • Alberta – 45.4% yes, 10.1% no, 44.5% don’t know
  • BC – 55.2% yes, 14.9% no, 29.9% don’t know
  • ON – 53.5% yes, 11.9% no, 34.5% don’t know
  • Quebec – 60.4% yes, 16.7% no, 22.9% don’t know

Respondents have some confidence in their cybersecurity, but this confidence may be misplaced given that more than one-third of respondents don’t know their business’ process: 50.8% yes, 13.4% no, 35.8% don’t know.

  • Alberta – 48.7% yes, 13.4% no, 37.8% don’t know
  • BC – 49.4% yes, 17.2% no, 33.3% don’t know
  • ON – 49% yes, 12.8% no, 38.2% don’t know
  • Quebec – 61.1% yes, 11.1% no, 27.8% don’t know

Report Methodology

Conducted in March, 2022, using Zoho Survey and Zoho Analytics, this study contacted 1,016 individuals across Canada. Participants in the study included a range of business leaders, from manager roles to the C-level, at small and large enterprises across a variety of industries.

The Canadian SMB Outlook Report builds on three previous versions that also surveyed individuals in October, 2022, May, 2022, and October, 2021.

Leave a comment »

25% Increase in Victims, Novel Coercive Tactics Rise, Industry-Specific Shifts: GuidePoint Security

Posted in Commentary with tags on April 20, 2023 by itnerd

GuidePoint Security has published its quarterly GuidePoint Research and Intelligence Team’s (GRIT) Q1 2023 Ransomware Report, which found a significant increase in public ransomware victims compared to Q4 2022 and new coercive tactics being deployed by ransomware groups as the RaaS ecosystem evolves.

Key Findings Include:

  • A 25% increase in public ransomware victims compared to Q4 2022 and a 27% increase compared to Q1 2022.
  • LockBit remains the most prolific ransomware threat group, while the rapid exploitation of a file-sharing application vulnerability brought Clop into a leading position.
  • The data also revealed some shifts in the industries targeted by ransomware groups, with a 65% increase in observed victims in the legal industry and a 17% increase in publicly posted victims in the education sector.
  • Novel coercive tactics such as releasing sensitive data, including graphic medical images, and DDoS attacks have been observed, increasing pressure on victims to consider payment.

You can read the report here.

Leave a comment »

Legacy Verified Checkmarks To Disappear TODAY Says Twitter

Posted in Commentary with tags on April 20, 2023 by itnerd

If you have a legacy verified checkmark, and you didn’t pay Elon Musk $8 a month ($11 on iOS) to keep it, then according to Twitter, you will lose that checkmark today:

Part of me wonders is doing this today which is known as 4/20 day or the day that Cannabis users celebrate the use of the drug is a coincidence. Or is more of Elon’s juvenile humour. Leave a comment below and share your thoughts on that.

In any case, by nuking legacy verified checkmarks, it means that the only people who will have checkmarks are the people who paid to get attention. Which there aren’t a lot of those on Twitter. And not many have any significant levels of followers. And as I’ve said before, this move will drive more people from Twitter. And by not having “notable” people on Twitter will make it far less appealing to advertisers. Which sends Twitter into a bigger death spiral that it already is in. It’s pretty clear at this point that Elon is going to die on this hill as he seems to be on a suicide mission to destroy Twitter.

Oh well. There’s always Mastodon as it’s a far better place than Twitter.

2 Comments »

Just-in-Time Logistics And Cybersecurity – How To Reduce The Attack Surface

Posted in Commentary with tags on April 20, 2023 by itnerd

Inspired by the most recent Toyota third party breach, Snehal Antani, CEO of Horizon3.ai, has come up with defensive suggestions for enterprises concerned with these third-party risk exposures.

Here’s some background on this from Bloomberg: 

“Kojima is a small company and little-known outside Japan, where it produces cup holders, USB sockets and door pockets for car interiors. But its modest role in the automotive supply chain is a critical one. And when the company was hacked in February 2022, it brought Toyota Motor’s entire production line to a screeching stop. The world’s top-selling carmaker had to halt 14 factories at a cost of about $375 million.”

That’s not a good place to be. Here’s what Snehal Antani, CEO and Co-Founder of Horizon3.ai suggests to try and mitigate this threat:

 “JIT Logistics, made popular by Walmart’s efficiency in the 2000’s, now poses a significant cybersecurity risk to global organizations. An interesting example occurred with a Toyota supplier recently:

   “Large organizations have the resources to build a world-class security operations center (SOC), but their suppliers often don’t have the talent or resources to defend against cyber-attacks effectively. Often these smaller suppliers are barely treading water, with IT Operations and CyberSecurity being a single team (or person!)

   “This is especially challenging in the era of cyber-enabled economic warfare, where nation-states will execute cyberattacks to cause internal strife and economic pain that is below the threshold for war. Companies in manufacturing, pharmaceuticals, agriculture, energy production, etc, that have embraced just-in-time logistics are ripe targets, where a small action leads to outsized impact.

   “So what? As security practitioners, we often default to thinking of SBOM when discussing supply chain security. However, that’s an orthogonal issue. As a CEO or COO, I would work closely with my CISO and procurement team to do the following:

  1. Map my suppliers
  2. Conduct sensitivity analysis to determine which suppliers pose the greatest impact on my operations if they are disrupted due to a cyberattack
  3. Identify the exploitable attack surface of my critical suppliers, while also assessing their ability to detect & respond to cyber attacks
  4. Expand the scope of the SOC to include security overwatch for those critical suppliers unable to defend themselves.
  5. Subsidize cybersecurity investments for the critical suppliers that lack the ability to harden, detect, and respond to breaches
  6. Invest in diversifying those suppliers to reduce the operational impact if any one supplier is disrupted
  7. Ultimately transform the vendor risk assessment process to hold suppliers truly accountable for their security posture: their exploitable attack surface, their ability to detect & respond, and improvements to both over time

   “Early adopters in this space are leveraging autonomous pentesting to identify the exploitable attack surface of their critical suppliers and making investments to proactively harden their systems and improve their detection & response time.

Leave a comment »

Point32Health Gets Pwned…. And The Way They Handled Disclosing It Is Sub Optimal

Posted in Commentary with tags on April 20, 2023 by itnerd

New England based Point32Health, the parent company for both Tufts Health Plan and Harvard Pilgrim Health Care, confirmed they experienced a ransomware incident on Monday. The attack affected systems it uses to service members, accounts, brokers and providers.

Patients reported issues accessing the system as far back as last Thursday and as of yesterday, the web site remained down. The company did not confirm the technical problems were a ransomware attack until their statement issued on Wednesday.

On April 17, Point32Health identified a cybersecurity ransomware incident that impacted systems we use to service members, accounts, brokers and providers. At this time, most systems impacted are on the Harvard Pilgrim Health Care side of our business. After detecting the unauthorized party, and out of an abundance of caution, we proactively took certain systems offline to contain the threat. We have notified law enforcement and regulators, and are working with third-party cybersecurity experts to conduct a thorough investigation into this incident and remediate the situation.

Roy Akerman, Co-Founder & CEO, Rezonate had this to say:

   “Attackers continue to target Health Care businesses mainly for two reasons: the first, the criticality of restoring business operation is of first degree. It has direct impact on life saving operations and critical telemetry both doctors and patients are in need. Second, Health Care PII (personal Identifiable Information) is of high-demand in malicious forums and dark web. While a compromised credit card goes on sale for $1.99, an unreplaceable “human print” remains the highest cost, and respectively value, for the attacker to use and compromise.

   “Together, alongside a distributed and dynamic infrastructure as we usually encounter with Health Care providers, protecting the infrastructure and at the same time being ready to react fast remains a challenge.

   “While info about the initial access techniques into how the attacker was able to deploy the ransomware and propagate across the network, methods have not changed, and we believe that the same common techniques as seen recently used by leading ransomware groups will be similar here as well.”

The way that this was disclosed by Point32Health was sub optimal seeing as problems were seen last week. It really seems that based on the available facts that they were hoping to get this sorted and not admit to anything. But they were ultimately forced to. I don’t know if that is actually the case, but Point32Health needs to explain this better than they have. Otherwise the trust level that patients have with Point32Health will nosedive.

Leave a comment »

« Older Entries
Newer Entries »