US hospital paid hackers to be protected from ransomware infection

An Indiana hospital in the US paid $60,000 to hackers to protect itself from a ransomware attack. The hospital said that it had no choice and couldn’t wait to recover from the ransomware using backups. Ransomware is a type of malicious software designed by hackers to block a computer, device or security system until a sum of money is paid to them.
The hospital’s IT team warned that they were being attacked by the ransomware “Samsam”. The ransomware attack spread over the hospital network and encrypted the hospital’s information systems.
To be protected from the attack, the hospital called the FBI cyber-crime task force, but they didn’t find any solution and the systems couldn’t be recovered in time. So the hospital had no choice and paid the hackers using bitcoins.
After the hospital paid, the hackers who created the ransomware accepted the payment and sent the decryption keys to the hospital to unlock the data.

I have been reading about it from the sources below.
http://www.theregister.co.uk/2018/01/16/us_hospital_ransomware_bitcoin/
http://www.zdnet.com/article/us-hospital-pays-55000-to-ransomware-operators/

— Ragib M.

 


The Unseen Flaw in Computers with Intel Processors

Most of the time when you think of having your information leaked from your personal computer, you think of hackers abusing oversights in a program or human error. However, this is not the case with the exploit known as “Meltdown”, and this exploit has been possible on Intel processors since 1995.

Besides patches that Microsoft and Apple quickly released as soon as the news of “Meltdown” was announced, not much can be done about this exploit or to protect your private information on your computer. “Meltdown” is a kernel leak that allows applications on a computer to access memory from other programs, meaning that any outside user attacking your computer can use this to obtain any information on your computer or do anything on your computer. This is due to an oversight in what is called branch prediction, in which your processor loads data in preparation for a conditional statement so it can determine what to do within that block of code. Before reaching this conditional, it loads the data into the CPU’s cache and will execute both of these at the same time. While data in cache isn’t accessible by any program, it can be exposed, hence leading to this information leak. Functionally, this can act similarly to a backdoor, but on a hardware level, meaning detection of any information leak is extremely difficult as it does not leave any traces behind in traditional log files.

-Steven Galarza

Sources:

https://meltdownattack.com/

https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-heres-what-intel-apple-microsoft-others-are-doing-about-it/

https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html

 

 

Security Breaches and the Supreme Court

Nearly everyone, if not everyone, will be a victim of a breached company as a result of a cyber attack. As of now, the company will contact you, you’ll receive a new credit card, be offered credit monitoring, and the company will fix the problem that allowed the breach to occur. This is very common practice for corporations, and we see this happening far too often. What hasn’t been decided yet is if an individual or a group can sue a company as a result of a data breach. With this question come many more, such as:

  • Should the courts consider possible future harm?
  • Should the courts consider the fear and emotion that an individual goes through?
  • What should a consumer be doing to prevent damage from these breaches?
  • How imminent is the future harm?
  • What is the economic value of privacy?

Courts have been struggling with these problems, and the rulings haven’t followed a pattern or set a strong precedent. The most practical way to decide on answers for these questions is for the Supreme Court to hear cases and make a decision. Going forward, a ruling in favor of suing could lead to larger economic consequences for companies that are breached. A ruling in favor of corporations would put the responsibility on the consumer to monitor their credit, use complex and unique passwords, and be wary of who they give their personal information to.

 

Source: https://securityboulevard.com/2017/11/supreme-court-decide-breach-victims-rights/

-Matthew Smith

A Flaw in the World of Mobile Computing

The prospect of needing credentials to access a developer account in an app or to a website that provides an API is not a new concept. And the proliferated stereotype of the lazy developer is nothing to write home about. But some app developers have taken carelessness to new levels. Appthority calls a new vulnerability they have found “The Eavesdropper Vulnerability”. This is when the developer hard codes their credentials to access the features of the device, specifically for the Twilio API. Those who exploit this vulnerability are able to access text messages, Twilio metadata, call metadata, and voice recordings.

This vulnerability does not rely on anything but the hard coded credentials themselves. No jailbreak, hacking, or effort is required. All that is needed to acquire these developers’ credentials is to find an app that uses the Twilio API, skim through it to find them in plain text, then use your favorite method to exfiltrate the data using the credentials.

What’s the solution here? More security conscious developers. There is no other option here than to have developers remove their credentials from the app’s code. That and to not do it again. This vulnerability was entirely preventable, those responsible for it simply did not.

Alan Richman.

Source: https://www.appthority.com/mobile-threat-center/blog/eavesdropper-mobile-vulnerability-exposing-millions-conversations/
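
A build-time check for the hard-coded credential problem described in the post above, as an added example that is not part of the original post or Appthority's tooling. It assumes Twilio Account SIDs have the form `AC` plus 32 hex characters; the token heuristic, the file suffix list and all function names are choices made for this example.

```python
import re
from pathlib import Path

# A Twilio Account SID is "AC" followed by 32 hex characters.
SID_RE = re.compile(r"\bAC[0-9a-fA-F]{32}\b")
# Auth tokens are bare 32-hex strings, so only flag one that shares a line
# with a token/secret-like name (a heuristic chosen for this example).
TOKEN_RE = re.compile(r"(?i)(?:token|secret|auth)\w*\W+.*?\b([0-9a-f]{32})\b")
# Assumed list of app source/resource file types worth scanning.
SOURCE_SUFFIXES = {".java", ".kt", ".swift", ".m", ".js", ".xml", ".plist", ".json"}


def redact(value):
    """Keep enough of the value to locate it without copying it into CI logs."""
    return value[:4] + "..." + value[-2:]


def scan_text(text, name="<memory>"):
    """Return (file, line number, kind, redacted value) per suspected credential."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in SID_RE.finditer(line):
            findings.append((name, lineno, "twilio-account-sid", redact(m.group(0))))
        m = TOKEN_RE.search(line)
        if m:
            findings.append((name, lineno, "possible-auth-token", redact(m.group(1))))
    return findings


def scan_tree(root):
    """Scan app sources under root; a non-empty result should fail the build."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix in SOURCE_SUFFIXES:
            findings += scan_text(path.read_text(errors="replace"), str(path))
    return findings


# Constructed sample: placeholder values, not real credentials.
SAMPLE = "\n".join([
    'String ACCOUNT_SID = "AC' + "0" * 32 + '";',
    'String AUTH_TOKEN = "' + "ab" * 16 + '";',
    'String sid = System.getenv("TWILIO_ACCOUNT_SID");  // nothing embedded',
])

if __name__ == "__main__":
    for finding in scan_text(SAMPLE, "Constructed.java"):
        print(*finding)
```

A finding means the credential has to be rotated as well as removed, since any build already shipped still contains it.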

Boeing 757 planes susceptible to security breaches

Recently a group of experts worked with Homeland Security to see if they could hack into a Boeing 757 jetliner. The team was successful in the hack. The exact details were not disclosed for obvious reasons, but they did say they got to the plane’s system through the radio frequency communications. Robert Hickey from Homeland Security presented at CyberSat Summit, and most other experts said we have known that for years, it’s no big deal, but when Hickey went to tell pilots what they found, they had no idea their planes were at risk of cyber attacks. Now, Boeing 757s have not been made since 2004, so it seems like it shouldn’t be an issue anymore, except many airlines like United and Delta still use these planes. President Trump’s personal plane, which he uses to fly most places, is also a 757. This issue is also difficult to patch: they say it would cost $1 million to change one line of code on a plane’s system and would take a year to implement, making a patch near impossible. Boeing has said it isn’t something to worry about because it is an older model and system, and the new planes like the 787 can’t be affected and were designed with security in mind. Which is good to hear, as a vulnerability in a plane could cause catastrophic problems.

-Levi Walker

Sources:

http://nypost.com/2017/11/14/cybersecurity-expert-claims-he-was-able-to-hack-into-a-parked-boeing-757/