Archive for the ‘Personal Health Information’ category

Google Employee Data at Risk

July 13th, 2017

Google sent notification letters to a number of employees about the data breach. It mentioned that their names, contact information and payment card data may have been affected.

“This did not affect Google’s systems. However, this incident impacted one of the travel providers used by Googlers, Carlson Wagonlit Travel (CWT).” Statement reads.

CWT and Google were not breached. The report suggests that it was fourth party data breach. Google was working with third-party vendor CWT who was using Sabre’s SynXis CRS.

“CWT subsequently notified Google about the issue on June 16, 2017, and we have been working with CWT and Sabre to confirm which Google travellers were affected,” the company mentioned.

According to the reports, the attacker gained access to some of CWT’s hotel reservations made through Sabre’s SynXis CRS.

“However, because the SynXis CRS deletes reservation details 60 days after the hotel stay, we are not able to confirm the specific inforamtion associated with every affected reservation,” Google noted.

CyberGRX CEO Fred Kneip emailed eSecurity Planet that it is difficult to determine which vendors can cause a data breach.

“A company the size of Google, whose reputation depends in large part on its ability to keep data secure, has thousands of third parties in its digital ecosystem,” Kneip said. “Attackers are clearly focused on the weakest links within those ecosystems — third parties like HVAC vendors and travel agencies — in order to do real damage.”

A recent Bomgar survey of 608 IT professionals shows that an average of 181 vendors are provided access to a company network.

“Security professionals must balance the business needs of those accessing their systems — whether insiders or third parties — with security,” Bomgar CEO Matt Dircks said in a statement.

“As the vendor ecosystem grows, the function of managing privileged access for vendors will need to be better managed through technology and processes that provide visibility into who is accessing company networks, and when, without slowing down business processes,” Dircks added.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by Check Point and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

AI Security Company Series D Round

July 10th, 2017

Darktrace U.K.-based startup which has offices in San Francisco has recently raised $75 million in a Series D round of funding.

Nicole Eagan, CEO at Darktrace, mentioned that Insight Venture Partners’ participation in the investment “is another strong validation of the fundamental and differentiated technology that the Enterprise Immune System represents,” in a statement. “It marks another critical milestone for the company as we experience unprecedented growth in the U.S. market and are rapidly expanding across Latin America and Asia Pacific in particular, as organizations are increasingly turning to our AI approach to enhance their resilience to cyber-attackers.”

Company uses artificial intelligence to tackle security threats. The Enterprise Immune System uses the algorithm in real time to stop the attack. It tracks normal behaviour and security threats. It also detects insider threats and zero-day attacks.

“Unlike more common forms of malware, which rely on human-mediated methods such as phishing to co-opt people into triggering the payload, this type of attack uses a worm to move from machine to machine without human intervention,” Andrew Tsonchev, director of Cyber Analysis at Darktrace, wrote in a blog post. “Fortunately, it is precisely this – a dramatic change in internal activity – which has allowed us to effectively fight back.”

Company mentioned that its contract value has now reached $200 million. Bookings are also increased in the US. The headcount in last year is doubled to 500. It has 450 partners. Most important the software has detected over 48,000 serious threats.

“Unlike more common forms of malware, which rely on human-mediated methods such as phishing to co-opt people into triggering the payload, this type of attack uses a worm to move from machine to machine without human intervention,” Andrew Tsonchev, director of Cyber Analysis at Darktrace, wrote in a blog post. “Fortunately, it is precisely this – a dramatic change in internal activity – which has allowed us to effectively fight back.”

Another AI based security company Attivo Networks has also raised $15 million.

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers

Healthcare Industry Most Affected by Data Breach

July 8th, 2017

As per reports, healthcare industry was frequently attacked by cyber hackers. Vectra Networks survey suggests that 164 threats were detected per 1,000 host devices. The education industry has 145 threat detections per 1,000 host devices.

 “The data shows that healthcare and education are consistently targeted and attackers can easily evade perimeter defenses,” the report mentions.

There is a rise of 265 percent in the average number of reconnaissance, lateral movement and exfiltration detections. Also, 333 percent rise was recorded for reconnaissance detections. Finance and technology received below-average threat detection rates mainly due to stronger policies and good response. Media companies have highest rates of exfiltration.

Healthcare industry now has a significant number of IoT.

 “These unsecured devices are easy targets for cybercriminals,” the report mentions.

As per Synopsys survey, sixty percent of manufacturers and 49 percent of HDOs said that usage of mobile devices in hospitals and other healthcare organizations increase data risk. But only 17 percent are employing steps to prevent attacks.

 “The security of medical devices is truly a life or death issue for both device manufacturers and healthcare delivery organizations,” Ponemon Institute chairman and founder Dr. Larry Ponemon said in a statement. “According to the findings of the research, attacks on devices are likely and can put patients at risk. Consequently, it is urgent that the medical device industry makes the security of its devices a high priority.”

Medical devices are difficult to secure as per the eighty percent of respondents.

 “These findings underscore the cyber security gaps that the healthcare industry desperately needs to address to safeguard the wellbeing of patients in an increasingly connected and software-driven world,” Synopsys global director of critical systems security Mike Ahmadi said in a statement.

“The industry needs to undergo a fundamental shift, building security into the software development lifecycle and across the software supply chain to ensure medical devices are not only safe, but also secure,” Ahmadi added.

___________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

 

Content to Prevent Data Breach

July 3rd, 2017

Egnyte a Calif. based content collaboration and governance specialist has launched a new cloud-based solution which looks after insider threat. The product focus on IT security professionals. Nowadays distributed workspace needs shared information system which uses on-premises collaboration platforms or cloud-based services which may cause data breach.

“As users and organizations are more global and interdependent they need to share more content with each other and then need to do it in a secure way using EFSS [enterprise file synchronization and sharing] solutions not email attachments for instance,” Isabelle Guis, chief strategy officer at Egnyte mentioned.

“But as you hire contractors and have many places where your content resides (on-premises, cloud, cloud apps, etc.) it is very difficult to enforce the security policies at the repository level or even train all your users and new hires to properly handle their content.”

Data leaks can occur due to various loopholes.

“For example, a merger and acquisition folder could be shared via a public link and one of the intended recipients forwards the link to someone who should not see that data,” Guis said. “Or, a very common example – a disgruntled employee downloads all of ‘their’ work, which is actually the company’s IP [intellectual property], right before leaving your company and going to a competitor,” a situation allegedly at the center of the high-stakes Google-Uber lawsuit.

Egnyte product looks for sensitive content in the database.

Then it “provides real–time analysis of all the content within an organization and presents actionable insights to help administrators prevent these types of aforementioned data breaches,” Guis said.

“Egnyte Protect continuously analyzes an organization’s entire content environment and classifies the most sensitive information, such as credit card numbers, social security numbers, sensitive IP, HIPAA information, and much more,” she added. “Then, in real–time, Egnyte Protect identifies vulnerabilities, alerts administrators, and offers actions that can immediately fix any issue that is found across all of the organization’s content repositories.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Kmart Attacked by Hackers Again

July 2nd, 2017

Kmart suffered another data breach when its server was attacked by hackers.

 “Our Kmart store payment data systems were infected with a form of malicious code that was undetectable by current anti-virus systems and application controls,” a Kmart FAQ on the data breach states. “Once aware of the new malicious code, we quickly removed it and contained the event.”

 Sears Holdings owns Kmart. It has not mentioned the number of affected card holder in the statement. Also, the location impact is also not disclosed. But it mentioned that only card information got breached.

 “All Kmart stores were EMV ‘Chip and Pin’ technology enabled during the time that the breach had occurred and we believe the exposure to cardholder data that can be used to create counterfeit cards is limited,” the company stated. “There is no evidence that kmart.com or Sears customers were impacted nor that debit PIN numbers were compromised.”

 This is the second breach in three years. Security of the card is crucial and online shops are finding it difficult to secure.

 “Consumers should monitor the transactions on any account linked to credit or debit cards they have used in a Kmart store and report any fraudulent transactions to their bank as soon as they are identified,” Capps said. “Given the brisk migration to a chip-and-pin system, we are unlikely to see the stolen credentials used for in-person payments, but they can be used for online transactions. “

 In 2014, Kmart was affected by malware.

 “We will likely find that this attack started with a stolen credential, used to inject the malware into Kmart’s networks,” Nir Polak, CEO of security vendor Exabeam mentioned. “In this modern operating environment, better behavioral analysis — focused on both use of credentials and on the system processes that are spawned from malware — is the best way to detect and shut down these attacks.”

____________________________________________________________________________________________

 Alertsec encryption is powered by Check Point and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Ransomware Attack at Airway Oxygen

June 25th, 2017

Michigan-based Airway Oxygen, Inc. recently suffered data breach due to ransomware attack. Facility is notifying patients that their PHI may have been affected. Airway Oxygen supplies medical equipment.  It mentioned that facility becomes aware of the breach when ransomware was installed in its technical infrastructure. The incident prevented Airway from accessing its own data.

Affected information included full names, home addresses, dates of birth, telephone numbers, diagnoses, types of services provided, and health insurance policy numbers. Bank account numbers, debit or credit card numbers, and Social Security numbers were not included in the breach.

As per the OCR tool, 500,000 individuals were affected by the breach.

“Since learning of the incident, we immediately took steps to secure our internal systems against further intrusion, including by scanning the entire internal system, changing passwords for users, vendor accounts and applications, conducting a firewall review, updating and deploying security tools, and installing software to monitor and issue alerts as to suspicious firewall log activity,” explained the statement, which was signed by Airway Oxygen President Stephen Nyhuis.

Facility in the statement mentioned that it has notified FBI. Also, the cyber security firm is hired to help in the investigation.

“We take the security of those with whom we work and their data very seriously and our team is working diligently to ensure breaches of this type do not happen in the future.”

As per the statement, facility mentioned that steps were taken to secure internal systems. Scanning of the technical infrastructure was carried out. Passwords were changed for the users. Vendor accounts are monitored and review is done for security firewall, security tools. New software installation is done to alert for any such incidents in future.

Customers are advised to place a credit fraud alert. Also, a toll-free number is provided to assist the users.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by Check Point and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Security of the end point devices

June 15th, 2017

A Recent survey conducted by Ponemon Institute shows that Sixty-three percent of participants are not able to monitor endpoint devices after they leave the corporate network. Fifty-five percent of endpoint devices contain sensitive data.

Absolute sponsored the survey which also contains below findings –

Fifty-six percent of participants don’t have a cohesive compliance strategy

Seventy percent mentioned that they have a below average ability to limit endpoint failure damages

Twenty-eight percent use automated analysis and inspection for determining compliance.

“It’s clear that enterprises face real visibility and control challenges when it comes to protecting the data on corporate endpoints, ensuring compliance and keeping up with threats,” Ponemon Institute chairman and founder Dr Larry Ponemon said.

The number of malware-infected endpoints devices has increased in the past one year. Also, forty-eight percent are not happy with their endpoint security solution.

“The trends that drove the extraordinary activity in 2016 are continuing unabated in 2017,” Risk-Based Security executive vice president Inga Goddijn said in a statement. “We have seen the return of widespread phishing for W-2 details, large datasets continue to be offered for sale, and misconfigured databases remain a thorny problem for IT administrators.”

Another survey by SACA shows that fifty-three percent reported an increase in cyber attacks. There is a general rise in data breaches.

“There is a significant and concerning gap between the threats an organization faces and its readiness to address those threats in a timely or effective manner,” ISACA board chair Christos Dimitriadis said in a statement. “Cyber security professionals face huge demands to secure organizational infrastructure, and teams need to be properly trained, resourced and prepared.”

Many believe there should be a rise in the budget for the security.

“The rise of CISOs in organizations demonstrates a growing leadership commitment to securing the enterprise, which is an encouraging sign,” Dimitriadis said. “But that’s not a cure-all. With the number of malicious attacks increasing, organizations can’t afford a resource slowdown. Yet with so many respondents showing a lack of confidence in their teams’ ability to address complex issues, we know there is more that must be done to address the urgent cybersecurity challenges faced by all enterprises.”

___________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

IoT Security

June 6th, 2017

The Internet of Things (IoT) is seeing the rapid rise but it seems to repeat the history of technology evolution. The pace of growth is not matched with security requirements. IoT helps automation as well as real-time synchronization of business processes. The implementation helps for precise response in real time.

 “IoT devices assist businesses in real-time responses to supply-and-demand market effects, they empower patients and healthcare professionals to continuously monitor conditions, and they enable electric grid operators to adjust the production, flow, and cost of electricity according to real-time market demands to ensure the most efficient, resilient, and cost-effective solution,” says James Scott, senior fellow at the Institute for Critical Infrastructure Technology, a Washington DC-based cybersecurity think tank.

 Hundreds of companies now provide IoT solutions. But security aspect is lagging behind.

 “As was shown in the Dyn attack, we appear doomed to repeat the mistakes we made with PCs and mobile devices in IoT,” says Tom Byrnes, founder and CTO of ThreatSTOP. “Once again, cost reduction has made security an afterthought, if a consideration at all, with predictably disastrous consequences.”

It is different than other systems as threat involved is higher due to many connection points. As per the Intel, 200 billion IoT devices will be online by 2020.

“Most IoT devices and sensors lack any form of security or security-by-design,” says Scott.

 “Without the layered security of the IoT microcosms, hacktivists can disrupt business operations, cyber-criminals can compromise and ransom pacemakers, and cyber-jihadists or nation-state sponsored threats can compromise and control the grid,” to name just a few of the potential IoT security attack scenarios.

“Every IoT device has inherent vulnerabilities and exploitable weaknesses resulting from a culture that sacrifices security in the design process in favour of meagre savings and in the rush to market,” says Scott. “The overwhelming preponderance of insecure IoT devices in the future will render security an impossibility in the future.”

Most of IoT devices do not have computational power or battery life to have security applications.

“We need to develop cost-effective IoT devices that incorporate security-by-design rather than cheaper and less secure alternatives,” says Scott. “While that may save a few dollars in the short-term, it puts the public and critical infrastructure at risk of losing millions of dollars and valuable data in the long-term.” 

Also, there is a lack of platform standards.  

“With old devices lasting longer than ever before, there are many devices currently in use that do not support new standards,” says Sam Rehman, Chief Technology Officer of Arxan. “Hackers will always see legacy devices as a prime choice of the entry.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Increase in DDoS Attacks

May 26th, 2017

Verisign recent report shows that 59 percent of distributed denial of service attacks peaked over 1 Gbps. Also, 23 percent peaked over 10 Gbps. The average peak attack size was 14.1 Gbps which is 26 percent increase over the last quarter.

The biggest attack included 60 Gbps for more than 15 hours.

“The attackers were very persistent in their attempts to disrupt the victim’s network by sending attack traffic on a daily basis for over two weeks.”

Survey also mentioned that IT services/cloud/SaaS industry was the prime target.

“In Q1 2017, Verisign observed that DDoS attacks remain unpredictable and persistent, and vary widely in terms of volume, speed and complexity,” the report mentioned. “To combat these attacks, it is becoming increasingly important to constantly monitor attacks for changes in order to optimize the mitigation strategy.”

Imperva’s Global DDoS Threat Landscape mentioned that 74 percent of DDoS attack victims were repeated.

“In the most extreme case, an established U.S.-based science news website was hit 1,046 times by low-volume bursts lasting 10 minutes or less,” Igal Zeifman, Incapsula security evangelist at Imperva, told eSecurity Planet by email. “This attack, and many other repeat assaults, fit the pattern of online harassment.”

“These attacks are a sign of the times — launching a DDoS assault has become as simple as downloading an attack script or paying a few dollars for a DDoS-for-hire service,” Zeifman added.

“Using these, non-professionals can take a website offline over a personal grievance or just as an act of cyber vandalism in what is essentially a form of Internet trolling.”

It also mentioned that the U.S. was the most targeted country and majority of attacks came from China.

Neustar’s Worldwide DDoS Attacks and Cyber Insights Research Report mentioned that the average cost of a DDoS attack amounts to $2.5 million in lost revenue.

“The question organizations must ask now is how they are prepared to manage these highly disruptive events,” Neustar head of research and development Barrett Lyon mentioned in a statement.

“Are they prepared for the bad day where they customers call and ask why the website is down?”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Cyber Security Professional Salaries

May 16th, 2017

Salaries of information security personnel of U.S. government agencies should increase approximately $7,000 to match the annual salaries of their private sector counterparts.

As per the recent survey sponsored by (ISC)2, Booz Allen Hamilton and Alta Associates, eighty seven percent believe that hiring and retaining qualified information security professionals is important for organization’s infrastructure.

“It’s crystal clear that the government must enhance its benefits offering to attract future hires and retain existing personnel given its fierce competition with the private sector for skilled workers and the unprecedented demand; unfortunately, the layers of complexity involved in fulfilling that goal are significant,” (ISC)2 managing director Dan Waddell mentioned in a statement.

As per the respondents, effectiveness of the security can be achieved by –

Increase in training programs (62 percent)

Monetary package for professional cyber security certifications (62 percent)

Improving salary packages (57 percent)

Flexible work schedules (56 percent)

“In today’s environment where cyber talent is scarce, organizations must recruit and train untapped talent pools, focusing on women, minorities, veterans and older workers,” Booz Allen Hamilton senior executive advisor Ron Sanders said.

“And while it can be difficult for government agencies to compete on salary alone when vying for these cyber warriors, they can appeal to a recruit’s sense of mission and purpose, tout the cutting-edge work being done and highlight opportunities for advancement,” Sanders added.

Challenges in Security

“The U.S. federal government is racing to boost data security against odds not generally faced in the private sector today,” 451 Research principal analyst Garrett Bekker said in a statement. “A major challenge in securing the far-flung systems in the U.S. federal government is the plethora of aging legacy systems still in place, with one example being a 53-year-old Strategic Automated Command and Control System at the Department of Defense that coordinates U.S. nuclear forces and uses 8-inch floppy disks.”

“In short, this ‘perfect storm’ of very old systems, tight budgets and being a prime cybercrime target has created a stressful environment,” Bekker added.

Accenture conducted survey of 3500 US citizens. It found out that seventy four percent do not have much confidence in government considering data security.

“While government agencies face many cyber security challenges, the research found strong citizen support for government organizations to take steps to increase data security and protect citizen information,” Accenture public service strategy lead Peter Hutchinson said in a statement.

“Government agencies that take a comprehensive end-to-end security approach by integrating cyber security deep into their organizations will not only secure their data, but also win the trust and confidence of the citizens they serve,” Hutchinson added.

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.