New Jersey Hospital Network Faces Lawsuit Over Ransomware Attack

Infosecurity | February 21, 2020

A proposed class-action lawsuit has been filed against New Jersey's largest hospital health network over a ransomware attack that happened in December. Threat actors infected the computer systems of Hackensack Meridian Health, causing a system-wide shutdown on December 2. The attack disrupted services at 17 urgent care centers, hospitals, and nursing homes operated by the network.  News of the attack was leaked to the media on December 5. Eight days later, Hackensack confirmed that it had paid an undisclosed sum to retrieve files encrypted in the ransomware attack. Now, a proposed class-action lawsuit has been filed in a Newark district court by two plaintiffs seeking compensation, reimbursement of out-of-pocket expenses, statutory damages, and penalties.

Spotlight

Since our last Security Threat Report, malware and related IT security threats have grown and matured, and the developers and publishers of malicious code and websites have become far more creative in camouflaging their work.

Spotlight

Since our last Security Threat Report, malware and related IT security threats have grown and matured, and the developers and publishers of malicious code and websites have become far more creative in camouflaging their work.

Related News

DATA SECURITY

Imperva Extends its Data Security Fabric to Include Enterprise Data Lakes Built on AWS

Imperva | July 27, 2022

Imperva, Inc., a comprehensive digital security leader, announces that its award-winning Imperva Data Security Fabric (DSF) now provides data-centric protection and compliance for enterprise data lakes built on Amazon Web Services (AWS). Imperva reinforces its commitment to securing data and all paths to it by allowing AWS customers to secure their data with one comprehensive platform, leveraging a unified security model across Amazon Aurora, Amazon Redshift, Amazon Relational Database Service (Amazon RDS), Amazon DynamoDB, Amazon Athena, and AWS CloudFormation without requiring any changes to their existing data infrastructure. Many security teams have gaps in their resources and domain expertise required to ensure their data lake meets organizational compliance and security policies. In particular, organizations must be able to simultaneously identify when a compromised user accesses sensitive data, while also preventing data from being stolen by malicious insiders. These gaps can mean that organizations must choose between limiting the data they store in a data lake, and putting themselves at risk of non-compliance, or in the worst-case scenario, a data breach. Many security teams have gaps in their resources and domain expertise required to ensure their data lake meets organizational compliance and security policies. In particular, organizations must be able to simultaneously identify when a compromised user accesses sensitive data, while also preventing data from being stolen by malicious insiders. These gaps can mean that organizations must choose between limiting the data they store in a data lake, and putting themselves at risk of non-compliance, or in the worst-case scenario, a data breach. Imperva DSF includes User Entity Behavior Analytics (UEBA) models that can identify suspicious data access patterns, such as excessive access to sensitive records, the use of privileged service accounts by interactive users, and suspicious network connections. This helps organizations automatically identify and detect potential data breaches without the need for specialized data security analysts. Finally, with Imperva DSF, security operations teams can create playbooks to automatically mitigate threats using native AWS features like security groups or revoking user access using AWS IAM. This ensures organizations stay in compliance while also helping to prevent data breaches. Comprehensive Data Security From one holistic dashboard, Imperva DSF delivers a broad range of data security capabilities – including data discovery, classification, monitoring, access control, risk analytics, compliance management, security automation, threat detection, and audit reporting. This makes it easier for customers to protect the migration of sensitive data, including Personally Identifiable Information (PII) like customer names, email addresses, phone numbers, and gender, and adhere to privacy regulations, such as the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI-DSS), and the Health Insurance Portability and Accountability Act (HIPAA). Tens of thousands of organizations build data lakes on AWS and configure AWS Lake Formation, AWS Identity and Access Management (IAM), and Amazon Simple Storage Service (Amazon S3) policies to secure access to them. Imperva DSF leverages services like AWS Lake Formation and AWS Glue to discover data lakes, monitor how users query and access stored data, and detect and prevent malicious user access and data leakage incidents. Imperva DSF also safeguards critical data workloads across all of their databases, file repositories, data warehouses, multicloud, and data lake environments. Imperva Data Security Fabric can be deployed directly in any AWS Regions using pre-built AWS CloudFormation templates. Once deployed, Imperva DSF will begin discovering and monitoring data lakes. More than 400 pre-defined vulnerability assessment tests are available for cloud databases on AWS. Also, Imperva DSF takes the complexity out of deciding which baselines to establish by including policies based on Center for Internet Security (CIS) and Defense Information System Agency’s (DISA) Security Technical Implementation Guide (STIG) benchmarks that are adapted for the cloud. "AWS allows organizations to quickly and securely build solutions that help them to reach new markets and deliver new services to end users,” says Dan Neault, SVP and GM, Data Security, Imperva. “Imperva Data Security Fabric gives organizations building data lakes on AWS a streamlined experience for securing data, and confidence that their data lakes are in compliance.” About Imperva DSF on AWS The support of data lakes is the latest milestone in Imperva’s work with AWS. Imperva is an AWS Partner with the AWS Security Independent Software Vendor (ISV) Competency and Amazon RDS Ready Product validation. Imperva also participates in AWS Marketplace and AWS ISV Accelerate Program. About Imperva Imperva is the cybersecurity leader whose mission is to help organizations protect their data and all paths to it. Customers around the world trust Imperva to protect their applications, data and websites from cyber attacks. With an integrated approach combining edge, application security and data security, Imperva protects companies through all stages of their digital journey. Imperva Research Labs and our global intelligence community enable Imperva to stay ahead of the threat landscape and seamlessly integrate the latest security, privacy and compliance expertise into our solutions.

Read More

SOFTWARE SECURITY

Syscoin Launches Network Rollup Facility

Syscoin | June 13, 2022

Syscoin, a cutting-edge base layer protocol that incorporates the composability of Ethereum-style smart contracts with the Bitcoin Network's industry-leading security, announced today the upcoming release of Rollux, a suite of developer-ready scaling solutions for developing decentralized applications at the speed of Web2 architectures. “At Syscoin, we are constantly improving the architecture of our platform to offer the most capable solution for developers who want to build with Bitcoin’s security, Ethereum’s flexibility, and, beginning today, Syscoin’s own scaling solutions. The launch of our in-house Layer 2 rollup suite marks a major milestone in the evolution of the Syscoin Network toward being the ultimate foundation for applications aimed at individuals, global enterprises and even governments around the world.” Jag Sidhu, Syscoin Foundation’s lead developer and president Moreover, Syscoin uses its unique Proof-of-Data-Availability (PoDA) breakthrough with Rollux to secure accessible off-chain data for rollups. Apart from Ethereum, Syscoin will be one of the first chains to host optimistic rollups and the only one to use Bitcoin's gold-standard proof-of-work hashing for its own security. As Ethereum evolves toward a proof-of-stake consensus paradigm, this difference will become more relevant. Syscoin's development plan is divided into three segments. The first phase concluded in December with the release of Syscoin's Network-Enabled Virtual Machine (NEVM). Syscoin's NEVM parallel Layer 1 chain allows developers to construct Ethereum-compatible, smart-contract-based decentralized apps on the Syscoin Network. Rollux is Syscoin's in-house Layer 2 rollup suite and marks the next step in the company's evolution. Rollux will provide scaling solutions to applications that use the Syscoin Platform foundation layer in order to provide decentralized services at Web2-like speeds. Furthermore, the Rollux suite will be a comprehensive Layer 2 solution that covers the full range of scaling methods. Rollux will first provide Optimistic rollouts before extending to include ZK rollups when they become practicable. When it is released, Rollux's optimistic rollup utility will use modular scaling technologies to provide the most efficient, cost-effective, scalable, and secure Layer 2 available. Syscoin will unleash performance and scalability 50 times that of existing Layer 2s and 5000 times that of the Ethereum mainnet with direct EVM counterparts like Arbitrum's Nitro and Optimism's Cannon. This powerful platform will continue to progress the sector for many years to come, ultimately ushering in stateless Layer 2 systems that offer a significant advancement in scalability and security. Syscoin Rollux will represent the cutting edge of scaling technology for Solidity-based smart contracts, with Layer 2 scaling coupled to Bitcoin's security standard. Moreover, since the smart contract layer is entirely EVM-compatible, it will be straightforward to onboard applications from Ethereum that want to add Bitcoin's security at scale. Finally, since the non-profit Syscoin Foundation is releasing the Rollux suite, the project will avoid charging excessive fees and using token schemes that add friction and costs to consumers.

Read More

SOFTWARE SECURITY

Zscaler Advances Cybersecurity and UX with New AI/ML Capabilities

Zscaler | June 23, 2022

Zscaler, Inc., the global leader in cloud security, unveiled today new breakthrough AI/ML innovations driven by the world's largest security cloud for unsurpassed user protection and digital experience monitoring. The new capabilities expand Zscaler's Zero Trust Exchange security platform, allowing companies to implement a Security Service Edge (SSE) that safeguards against the most advanced cyberattacks while providing an outstanding digital experience to users and easing zero trust architecture adoption. Cyberattacks on encrypted internet traffic have increased 314%, ransomware has increased 80%, and double extortion attacks have increased roughly 120%. Phishing is also on the rise, with businesses such as finance, government, and retail experiencing yearly increases in assaults of more than 100% in 2021. Organizations must adjust their defenses to real-time risk changes in order to battle growing threats. However, lean IT and security teams are facing security alert fatigue as they become more exposed to real-time attacks, and they frequently lack the resources and capabilities to adequately analyze and respond to the rising amount of threats. Zscaler is tackling these difficulties by offering one-click root cause analysis to rapidly identify the issues causing bad digital experiences, freeing up IT and security teams from debugging and allowing them to focus on preventing attacks. AI-powered security assists IT workers by automating threat detection in order to provide better and quicker protection. “Cybercriminals are using AI, automation, and advanced techniques to train machines to hack or socially engineer victims faster than ever before. To help our customers combat these escalating techniques, we’ve dramatically advanced AI and machine learning in our cloud to take advantage of our massive data pool, giving our customers granular real-time risk visibility and a solution to combat attackers that no other security vendor can provide.” Amit Sinha, President, Zscaler “Delivering seamless digital experiences, from employee devices to the applications they need, goes hand in hand with securing our sensitive business applications and data, no matter where it resides. Zscaler’s integrated cloud platform helped us effortlessly adopt a zero trust architecture, reduce risk, accelerate our digital transformation, and achieve business goals.” said Darren Beattie, Modern Workplace and Security Operations Manager at Auckland New Zealand-headquartered Tower Limited. “With Zscaler’s AI-powered Zero Trust platform based on a SSE framework, we are able to augment and expand the reach of our IT and security team to stop the growing frequency of advanced cyberattacks. The threat landscape is constantly evolving, and these new AI capabilities will effectively enable us to see real-time changes in risk, automate our response process, and stay ahead of the attackers,” said Stephen Bailey, Vice President of Information Technology at Cache Creek Casino Resort.

Read More