FDA Warns of Cyber Security Flaws in Hospira Infusion Pump

JEFF GOLDMAN | April 26, 2016

article image
The FDA recently issued an alert warning of cyber security vulnerabilities in Hospira's Symbiq Infusion Pump and advising health care facilities "transition to alternative infusion systems and discontinue use of these pumps." Hospira and independent researcher Billy Rios determined that the Sympiq Infusion System can be accessed remotely through a hospital's network, enabling an attacker to control the device and change the dosage being delivered, "which could lead to over- or under-infusion of critical patient therapies," according to the alert.

Spotlight

Staminus

Staminus specializes in DoS and DDoS attack protection and mitigation (Denial of Service) for TCP SYN floods, http GET and POST floods, UDP and DNS floods, ICMP floods, Spoofed IP Attacks, teardrop attacks and many more using our revolutionary SecurePort DDoS Protection Technology.

OTHER ARTICLES

Webroot: Widespread Lack of Cybersecurity Best Practices

Article | April 7, 2020

A new list of most and least cyber secure U.S. states shows a disturbing lack of cybersecurity best practices. According to Webroot‘s fourth annual ranking, New York, California, Texas, Alabama and Arkansas are the least cyber secure states in the country, while Nebraska, New Hampshire, Wyoming, Oregon and New Jersey are the most cyber secure. Tyler Moffitt, Webroot security analyst, tells us none of the states had an average score greater than 67%. Also, there is very little difference between the most secure and least secure states, he said. No state scored a “C” grade or higher. That underlines a lack of cybersecurity education and hygiene nationally. However, the most cyber secure state (Nebraska at 67%) did score substantially better than the least (New York at 52%). This score was calculated through a variety of action- and knowledge-based variables, including residents’ use of antivirus software, use of personal devices for work, use of default security settings, use of encrypted data backups, password sharing and reuse, social media account privacy, and understanding of key cybersecurity concepts like malware and phishing,” Moffitt said.

Read More

CISOS PARTICIPATE IN CYBER WARGAMES TO HONE RANSOMWARE RESPONSE PLANS WITH EC-COUNCIL

Article | March 2, 2020

EC-Council, leading global information security certification body, conducted a table-top, cyber wargame among top cybersecurity executives in Tampa, Florida. The sold-out session, “CISO wargame,” included 27 senior executives from the largest managed IT service providers in the United States. The event presented the security experts with a simulated incident where an organization is hit by a ransomware attack. Participants had to work to contain the damage of the attack, which grew more complicated as the 4-hour exercise unfolded. Participants were tasked with deciding whether to pay a ransom and use ransom negotiators as well as to communicate with employees, stockholders, and the media about the breach.

Read More

Cybersecurity: Five Key Questions The CEO Must Ask

Article | December 15, 2020

Just about every single day, somewhere in the world, a company falls victim to cyber attackers, even with millions spent on cybersecurity. Every company is a target because they have data and there are too many doors, windows and entryways for cyber attackers to get in, whether on-premise or in the cloud. It is not a question of if, but when, the attackers will get in. Prevention efforts are of course important, but since attackers will get in, equal attention must be on detection going forward. And the focus must be on early detection, otherwise, it will be too late. My book, Next Level Cybersecurity, is based on intensive reviews of the world’s largest hacks and uncovers the signals of the attackers that companies are either missing or don’t know how to detect early, apart from all of the noise. So, the attackers are slipping by the cybersecurity, staying undetected and stealing data or committing other harm. In the book I explain the Cyber Attack Chain. It is a simplified model that shows the steps that cyber attackers tend to follow in just about every single hack. There are five steps: external reconnaissance; intrusion; lateral movement; command and control; and execution. At each step, there will be signals of the attackers’ behavior and activity. But the signals in the intrusion, lateral movement and command and control steps provide the greatest value because they are timely. The external reconnaissance step is very early and the signals may not materialize into an attack, while detecting signals in the execution step is too late because by this time the data theft or harm will have already occurred. My research uncovered 15 major signals in the intrusion, lateral movement and command and control steps that should be the focus of detection. My research of the world’s largest hacks reveals that if the company had detected signals of the attackers early, in the intrusion, lateral movement or command and control steps, they would have been able to stop the hack and prevent the loss or damage. My book shows how to detect the signals in time, using a seven-step early detection method. One of the key steps in this method is to map relevant signals to the Crown Jewels (crucial data, IP or other assets). It is a great use case for machine learning and AI. There is a lot of noise, so machine learning and AI can help eliminate false positives and expose the attackers’ signals early to stop the hack. There are two blind spots that just about every single company world-wide faces that cyber attackers will exploit, beginning in 2019, that companies must get on top of. One blind spot is the cloud. There is a false sense of comfort and lack of attention to detection, thinking the cloud is safer because of the cloud provider’s cybersecurity or because the cloud provider has an out-of-the-box monitoring system. However, if the company fails to identify all Crown Jewels and map all relevant cyber attacker signals for the monitoring, the attackers will get in, remain undetected and steal data or commit other harm in the cloud. The other blind spot is Internet of Things (IoT). IoT devices (e.g. smart TVs, webcams, routers, sensors, etc.), with 5G on the way, will be ubiquitous in companies world-wide. While IoT devices provide many benefits, they are a weak link in the chain due to poor built-in security and lack of monitoring. Cyber attackers will focus on IoT devices to make the intrusion, then pivot to get to the Crown Jewels. Detecting early signals of cyber attackers trying to exploit IoT devices will be critical. Companies world-wide need to make cybersecurity a priority, starting in the board room and with the CEO. It all starts at the top. My intensive reviews of the world’s largest hacks reveal in each case a common theme: inadequate or missing CEO and board cybersecurity oversight. Here are five key questions from my book that the CEO must take the lead on and together with the board ask of the management team to make sure the company will not become the next victim of cyber attackers and suffer significant financial and reputational harm: Have we identified all of our Crown Jewels and are not missing any? Do we know where all of the Crown Jewels are located? Have we identified all of the ways cyber attackers could get to the Crown Jewels? Have we mapped high probability signals of cyber attackers trying to get to the Crown Jewels with each Crown Jewel? Are we sifting through all of the noise to detect signals early and reporting to the CEO and the board in a dashboard report for timely oversight? If your answer is No to any of the questions or you are unsure, you have a gap or blind spot and are at risk, and you must follow up to get to a high confidence Yes answer. In my book, Next Level Cybersecurity, I provide other key questions to ask and a practical seven-step method to take cybersecurity to the next level to stay one step ahead of the attackers. It is written in plain language for boards, executives and management, so everyone can get on the same page and together mitigate one of the most significant and disruptive risks faced today, cybersecurity.

Read More

Noxious Zero-Click Attack: What Is It And How To Avoid It

Article | January 19, 2021

For years, we have been told that cyber-attacks happen due to human-errors. Almost every person has stressed about training to prevent cyber-attacks from taking place. We have always been on the alert to dodge errant clicks or online downloads that might infect devices with security threats. However, not all attacks need a user’s oversight to open the door. Although avoiding clicking on phishing emails is still significant but there is a cyber threat that does not need any human error and has been in the recent news. It is known as Zero-Click attack where some vulnerabilities can be misused by hackers to launch attacks even without interaction from the victim. Rather than depending on the hardware or software flaws to get access to the victim’s device, zero-click attacks eliminate the human error equation. There is nothing a victim can do once coming into the limelight of the hacker. Also, with the flourishing use of smartphones around the world that entails all the personal information and data, this thread has expanded enormously. How Zero-Click Attacks Occur? The core condition for successfully pulling off a zero-click is creating a specially designed piece of data which is then sent to the targeted device over a wireless network connection including mobile internet or wifi. This then hit a scarcely documented vulnerability on the software or hardware level. The vulnerability majorly affects the messaging or emailing apps. The attacks that have begun from Apple’s mail app on iPhone or iPad, have now moved ahead on Whatsapp and Samsung devices. In iOS 13, the vulnerability allowed zero-click when the mail runs in the background. It enables attackers to read, edit, delete, or leak the email inside the app. Later these attacks moved to Samsung’s android devices having version 4.4.4 or above. The successful attacks provide similar access to the hackers as an owner, entailing contacts, SMS, and call logs. In 2019, a breach on Whatsapp used the voice call functionality of the app to ring the victim’s phone. Even if the victim didn’t pick the call and later deleted it, the attacks still installed malicious data packets. These grants access to the hacker to take complete control of call logs, locations, data, camera, and even microphone of the device. Another similar attack had happened due to the frangibility in the chipset of WI-FI that is used in streaming, gaming, smart home devices, and laptops. The zero-click attack blooms on the increase of mobile devices as the number of smartphones have reached above 3 billion. How To Avoid Zero-Click Attacks? Most of the attacks of zero-click target certain victims including corporate executives, government officials, and journalists. But anyone using a smartphone is a possible target. These attacks cannot be spotted due to the lack of vulnerabilities. So the users have to keep the operating system along with the third-party software updated. Also, it is a must to give minimal permissions to apps that are being installed on the device. Moreover, if you own a business and are afraid of the zero-click attacks on your company’s app, you can always seek IT consultations from top-notch companies orhire developersthat will help in developing applications with hard-to-creep-into programming languages where detecting an attack is efficient.

Read More

Spotlight

Staminus

Staminus specializes in DoS and DDoS attack protection and mitigation (Denial of Service) for TCP SYN floods, http GET and POST floods, UDP and DNS floods, ICMP floods, Spoofed IP Attacks, teardrop attacks and many more using our revolutionary SecurePort DDoS Protection Technology.

Events