Data loss

AI to Hunt Security Threat

August 25th, 2017

Versive which is based in Seattle recently raised  $12.7 million in a round of funding from Goldman Sachs, Formation 8, Madrona Venture Group and Vulcan Capital. Total investment till date is $54.7 million.

Versive Security Engine is the firm’s products which uses artificial intelligence (AI) technologies for critical threats involving networks and the data. As per the CEO Joseph Polverari, product is “an intelligent, automated threat-hunting solution, built on Versive’s award-winning, enterprise-scale artificial intelligence platform,”

“The Versive Security Engine was developed specifically to help cyber security practitioners effectively harness the power of AI to detect, identify, and mitigate advanced adversaries in ways not previously possible,” continued Polverari.

Versive has also announced a strategic partnership with big data and machine learning specialist Cloudera. Company plans to combine Versive’s AI technology and Cloudera’s analytics and machine learning capabilities.

“Using the Cloudera platform, Apache Spot’s open-data models, and the Versive Security Engine, enterprises can detect attackers that would be unseen with other approaches,” said Sam Heywood, director of Cloudera Cybersecurity Strategy.

Venture capital has increased participation in AI based Cybersecurity firms.

Bricata raised $8 million in a Series A round. It uses AI and machine learning technologies in its intrusion detection and prevention solution.

Darktrace announced that it had raised $75 million in a Series D round of funding.

“It marks another critical milestone for the company as we experience unprecedented growth in the U.S. market and are rapidly expanding across Latin America and Asia Pacific in particular, as organizations are increasingly turning to our AI approach to enhance their resilience to cyber-attackers.”Nicole Eagan, CEO at Darktrace said.

AI-enabled risk-detection solution, San Jose, Calif.-based Balbix mentioned that it got $8.6 million in investments.

Balbix is predictive risk analytics platform which shows results in a heat map.

____________________________________________________________________________________________

Alertsec is powered by Check Point Endpoint Security products, which are positioned in the leader’s quadrant in Gartner’s Magic Quadrant for Mobile Data Protection.

Ukraine’s Postal Service Hit

August 11th, 2017

Ukraine’s national postal service website Ukrposhta was hit by DDoS attacks for two days. The facility mentioned that it was able to start the service after the first day attack. On the second day, the service was slowed down by the attack.

Igal Zeifman Imperva director of marketing said that its not unusual to see such repeat attacks. “Recently, such tactics had become more common due to their ability to disrupt some security measures and cause fatigue to the people in charge of the attack mitigation, forcing them to stay alert even in the quiet time between attacks,” he said.

“In the first quarter of the year, we saw the number of such repeat assaults reach an all-time high, with over 74 percent of DDoS targets attacked at last twice in the span of that quarter,” Zeifman added.

Ukposhta was attacked earlier by hackers. In the late June it was impacted by NotPetya attacks.

As per Kaspersky Lab Q2 2017 DDoS Intelligence Report this quarter saw a 277-hour DDoS attack and 131 percent longer than the longest DDoS attack in Q1 2017.

It also mentioned that DDoS attacks hit 86 countries, up from 72 countries in Q1 2017. The most affected countries were China, South Korea, the U.S., Hong Kong, the U.K., Russia, Italy, the Netherlands, Canada and France.

Kaspersky also said that there is an increase in Ransom DDoS or RDos attacks

“Nowadays, it’s not just experienced teams of hi-tech cybercriminals that can be Ransom DDoS attackers,” Kaspersky Lab head of DDoS protection Kirill Ilganaev said in a statement. “Any fraudster who doesn’t even have the technical knowledge or skill to organize a full-scale DDoS attack can purchase a demonstrative attack for the purpose of extortion.”

“These people are mostly picking unsavvy companies that don’t protect their resources from DDoS in any way and therefore can be easily convinced to pay ransom with a simple demonstration,” Ilganaev added.

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Google Employee Data at Risk

July 13th, 2017

Google sent notification letters to a number of employees about the data breach. It mentioned that their names, contact information and payment card data may have been affected.

“This did not affect Google’s systems. However, this incident impacted one of the travel providers used by Googlers, Carlson Wagonlit Travel (CWT).” Statement reads.

CWT and Google were not breached. The report suggests that it was fourth party data breach. Google was working with third-party vendor CWT who was using Sabre’s SynXis CRS.

“CWT subsequently notified Google about the issue on June 16, 2017, and we have been working with CWT and Sabre to confirm which Google travellers were affected,” the company mentioned.

According to the reports, the attacker gained access to some of CWT’s hotel reservations made through Sabre’s SynXis CRS.

“However, because the SynXis CRS deletes reservation details 60 days after the hotel stay, we are not able to confirm the specific inforamtion associated with every affected reservation,” Google noted.

CyberGRX CEO Fred Kneip emailed eSecurity Planet that it is difficult to determine which vendors can cause a data breach.

“A company the size of Google, whose reputation depends in large part on its ability to keep data secure, has thousands of third parties in its digital ecosystem,” Kneip said. “Attackers are clearly focused on the weakest links within those ecosystems — third parties like HVAC vendors and travel agencies — in order to do real damage.”

A recent Bomgar survey of 608 IT professionals shows that an average of 181 vendors are provided access to a company network.

“Security professionals must balance the business needs of those accessing their systems — whether insiders or third parties — with security,” Bomgar CEO Matt Dircks said in a statement.

“As the vendor ecosystem grows, the function of managing privileged access for vendors will need to be better managed through technology and processes that provide visibility into who is accessing company networks, and when, without slowing down business processes,” Dircks added.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by Check Point and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Security Survey For Mobile Data Breach

April 25th, 2017

According to the recent survey by Dimensional Research, Sixty-four percent of security professionals feel that their organisations cannot prevent a breach to employees’ mobile devices.

Highlights of the survey are as below:

Twenty percent had suffered mobile breach incident

Twenty-four percent are not sure of the breach or they can’t tell about it

Fifty-one percent believe that breach to mobile is equal to that of PCs

“Perhaps the high level of concern is based on the frequency of mobile device loss or theft, as well as the limited security measures companies use to protect enterprise mobile devices,” the report states.

More than a third of companies fail to secure mobile devices as required and only thirty-eight percent take help of mobile security solution. Fifty-three percent says that lack of budget leads to a less secure environment. Forty-one said the shortage of resources is the reason.

“The dichotomy of management trying to control costs and security professionals struggling with insufficient tools to repel attackers is not a new story line in most enterprises,” the report notes. “Unfortunately, the story usually ends sadly with a huge, embarrassing event with the press blazing headlines of a costly hack and the company suffering brand damage and loss of customer confidence.”

Ninety-four percent feels that mobile attack will increase in coming time

Seventy-nine percent expect that complexity of mobile security will increase

Twenty percent said that mobile breach can cost $500,000 and 11 percent said it will cost more than $1 million for the companies

“The research consistently revealed that the overall focus and preparedness of security for mobile devices is severely lacking,” Dimensional Research principal David Gehringer said in a statement.

“Security professionals identified the risk of mobile devices, but focus and resources assignment seem to be waiting for actual catastrophes to validate the need to properly prepare their defenses,” Gehringer added. “It’s unfortunate that so many companies have not learned from the past and are doomed to repeat wasted costs and the customer outrage of being breached.”

____________________________________________________________________________________________

Alertsec is powered by Check Point Endpoint Security software, the market leader in the field of mobile data protection. Encryption is performed with the AES 256 bit encryption algorithm.

Data breaches due to unauthorized access

March 23rd, 2017

Virginia Commonwealth University (VCU) Health System recently announced data breach which affected over 2,700 patients. The incident occurred due to unauthorized access over a three-year period between January 3, 2014 and January 10, 2017.

Facility conducted investigation which found out that employees of community physician groups, and an employee of a contracted vendor had access to patient records without proper explanation. Concerned employees are terminated.

“As part of the health system’s partnership with community physicians, access is provided to their practices so they can view the medical records of their patients who are referred to the VCU Health System for care and treatment. Access also is provided to certain contracted vendors who provide medical equipment to patients for continuity of care at discharge from the hospital.”

Affected information included patient names, addresses, dates of birth, medical record numbers, health care providers, visit dates and Social Security numbers.

Facility is providing one year of free credit monitoring.

Second incident involves Tarleton Medical who announced data breach recently. Incident involves unauthorized access of a data server containing PHI from patient medical records.

Affected information included patient names, addresses, dates of birth, Social Security numbers, and healthcare claims information.

Facility did not mention number of individuals affected. As per the OCR reporting tool, incident affected 3,929 individuals.

“We have taken steps to enhance the security of TM patient information to prevent similar incidents from occurring in the future,” the healthcare organization explained in its notification letter.

Tarleton Medical contacted FBI. It is also offering patients free access to a credit monitoring service for one year.

As per the statement, it advised patients to follow below guidelines:

You can follow the recommendations on the following page to protect your personal information. You can also contact ID Experts with any questions Please note that the deadline to enroll is three months following the date of this letter. To receive the aforementioned services, you must be over the age of 18, have established credit in the U.S., have a Social Security number in your name, and have a U.S. residential address associated with your credit file. Your services start on the date that you enroll in the services and can be used at any time thereafter for 12 months following  enrollment.

___________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by CheckPoint and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Unauthorized employee access at Vanderbilt University

March 6th, 2017

Vanderbilt University Medical Center (VUMC) recently suffered data breach when it came to know about the unauthorized employee access to patient medical records. As per the reports, concerned employee were working as patient transporters. Patients’ electronic medical records was accessed without necessary permissions.

As per the statement, “The breach prompted the medical center to change the way the patient transport staff gets information so that it no longer gives them access to electronic medical records. Staff in that department were also retrained about appropriate access to information. VUMC is in the process of migrating from its current electronic health record system to a new software system designed by Epic Systems.”

Facilty conducted an audit of electronic medical records (EHR) which was accessed by the employee.  As per the reports, two employees were involved in the breach who viewed adult and pediatric patient information, including patients’ names, dates of birth, and medical record numbers for internal use. One of them got access to patient Social Security numbers in a few instances.

VUMC mentioned that there is no information whether data was downloaded, transferred, or misused in any way. Affected patients received notification letter Facility has offered fraud or identity theft services. As per the report from The Tennessean, incident affected 3,247 medical records.

“We are committed to providing our patients the highest quality care and protecting the confidentiality of their personal information. To our knowledge, the information the employees viewed was not printed, forwarded or downloaded.  So far, we have no reason to believe that our patients’ personal information has been used or disclosed in other ways,” said VUMC Chief Communications Officer John Howser. “While we are not aware of any risk of financial harm to these patients, we are contacting each of them by letter to recommend that they vigilantly review account statements and their credit status.”

_____________________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by CheckPoint and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Data breach due to hacking

March 2nd, 2017

Emory Healthcare’s Orthopaedics & Spine Center and Brain Health Center (EHC) at Emory Clinic recently suffered data breach, which impacted almost 80,000 patients. Facility came to know about the incident on Jan 3, 2017. It involved third party database called Waits & Delays. As per the statement, the affected database was used for patients’ appointment information.

Affected information included patient names, dates of birth, contact information, internal medication record numbers, dates of service, and physician names. The above information was removed from the server by an unauthorized individual. The person demanded payment from EHC to restore the data.

As per the reports, individuals who scheduled an appointment at the Orthopaedics & Spine Center within Emory Clinic between March 25, 2015 and January 3, 2017, and any patients with an appointment at Emory Clinic Brain Health Center between December 6, 2016 and January 3, 2016 are potentially affected.

As per the OCR data breach reporting tool, incident affected 79,930 individuals.  Facility mentioned that no Social Security numbers, financial information, diagnoses, or any other information from patient EHRs were accessed during the incident.

Another instance of unauthorized access by an independent security research center was also noticed. It resulted due to efforts of finding gaps in application security to alert companies of areas needing improvement by security company.

Facility launched an internal investigation after the incident. It also notified law enforcement. Potentially affected individuals are also notified. EHC is performing analysis on its current security measures. Internal and external systems which contained patient information will be changed as per the reports.

EHC mentioned that it has no information or indication of accessed data misuse.

“Please refer to the notice you will receive in the mail regarding steps that you can take to protect yourself. In general, we recommend, as a precautionary measure, that you remain vigilant to protect against potential fraud and/or identity theft by, among other things, reviewing your account statements and monitoring credit reports closely. If you detect any suspicious activity on an account, you should promptly notify the financial institution or company with which the account is maintained. You should also promptly report any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities, including the police and your state’s attorney general.”

___________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Data breach at rehabilitation facility

February 27th, 2017

Catalina Post-Acute and Rehabilitation recently announced data breach when paper files were left in an unattended area. The patient data and certain employee information were left temporarily vulnerable to possible unauthorized public access. Current or past residents and employees are encouraged to take steps to protect themselves.

Facility has mission statement provided on the website as, “Working together to create a sense of community, our dedicated and compassionate staff will strive to exceed your expectations and make a difference in the lives of those we serve by providing exceptional care and service, and remembering you are the reason we are here.”

The healthcare organization mentioned that it came to know about these files on December 5, 2016. Affected information included demographic information. Diagnoses and Social Security numbers in some cases. As per the OCR reporting tool, the incident affected 2,953 individuals.

Facility mentioned that it launched an investigation into the incident. Also, protocols in place relating to PHI storage and employee information are reviewed. It also mentioned that as per the internal investigation it appears that no patient or employee information was misused.

“Catalina Post-Acute and Rehabilitation is committed to the proper handling and protection of resident and employee information, and regularly assesses its systems and processes to ensure that this information is maintained and managed in accordance with State and Federal Law,” the online statement explained.

Facility also mentioned that consumers may request free copy of their credit report once 12 months from Equifax, Experian and Trans Union. These agencies have central website to provide free credit report.  It has also provided contact number to answer questions and queries of affected individuals.

___________________________________________________________________________________

Alertsec is powered by Check Point Endpoint Security products, which are positioned in the leaders quadrant in Gartner’s Magic Quadrant for Mobile Data Protection.

Healthcare companies to increase security spending

February 26th, 2017

As per the recent survey of more than 1,100 senior security executives worldwide, here are the results-

  • Seventy six percent of global healthcare organizations plan to increase security budget
  • Eight one percent of U.S. healthcare organizations mentioned that they will increase the security budget

As per the survey conducted by Thales Data Threat, sixty percent healthcare are deploying to cloud, big data, and IoT or container environments without proper security measures.  Ninety percent believes that they can face data breach.

“For healthcare data to remain safe from cyber exploitation, encryption strategies need to move beyond laptops and desktops to reflect a world of Internet-connected heart-rate monitors, implantable defibrillators and insulin pumps,” Thales e-Security vice president of strategy Peter Galvin said in a statement. “Adhering to the security status quo will create vulnerabilities that lead to breaches, and further erode customer trust.”

As per the Redspin’s Breach Report there is increase in data breach incidents in 2016.

“Healthcare providers have become the primary targets of malicious hackers, and their attacks are becoming increasingly sophisticated and disruptive to operations,” Dan Berger, vice president at CynergisTek, said in a statement (Redspin is now part of the CynergisTek portfolio).

“The dramatic increase in hacking attacks in 2016, coupled with the large number of patient records copmromised in those incidents, points to a pressing need for providers to take a much more proactive and comprehensive approach to protecting their information assets in 2017 and beyond,” Berger added.

Accenture conducted survey which concluded that 26 percent of U.S. consumers faced data breach. Fifty percent faced medical identity theft.

“Health systems need to recognize that many patients will suffer personal financial loss from cyber attacks of their medical information,” Reza Chapman, managing director of cyber security in Accenture’s health practice, said in a statement. “Not only do health organizations need to stay vigilant in safeguarding personal information, they need to build a foundation of digital trust with patients to help weather the storm of a breach.

Fifty percent found the breach by themselves by looking at their credit card statement. Twenty five percent changed their healthcare providers after the breach. Twenty one percent changed insurance plan. And nineteen percent took help of legal counsel.

___________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by CheckPoint and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Unauthorized EHR access at medical centre

February 22nd, 2017

Dignity Health St. Joseph’s Hospital and Medical Center recently announced data breach, which has potentially affected 600 patient medical record. During routine review of employee access to the hospital’s electronic health records, St. Joseph’s came to know about the incident.

“Dignity Health and St. Joseph’s Hospital and Medical Center are committed to furthering the healing ministry of Jesus, and to providing high-quality, affordable healthcare to the communities we serve.”

As per the reports, sections of patient medical records were viewed without authorization by a part time hospital employee. Facility has sent advisory letters to impacted patients.

St. Joseph’s mentioned that the records did not contain Social Security numbers, billing, and credit card information. It also added that there is “no reason to believe these patients need to take any action to protect themselves against identity theft.”

“Dignity Health St. Joseph’s Hospital and Medical Center is deeply committed to protecting its patients,” the statement explained. “Any person who accesses medical records without a job-related reason is in violation of St. Joseph’s policy and appropriate action has been taken in response to this event.”

The individuals who were patients at St. Joseph’s between Oct. 1, and Nov. 22, 2016 are notified. Potentially affected information included patient medical records, demographic information (e.g. names and dates of birth), and clinical data, such as doctor’s orders and diagnostic information.

“St. Joseph’s regrets any inconvenience caused by this incident. Letters have been mailed to patients whose medical records may have been viewed and the hospital has established a call center to answer any questions they may have. “

An electronic health record (EHR) is a digital patient’s record. EHRs are advantageous as they are  are real-time as well as patient-centric. It also contains broader view of patient’s record and care.

___________________________________________________________________________________

Alertsec Endpoint Encrypt is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.