Law Firm Cyberattack Exposes Tens of Thousands of Patient Records
… their activity becomes part of that network activity. You can’t move laterally if you’re not on the network. You can’t evade privileges if you’re not on the network.
Finally, you need to find out what the hackers compromised.
“Organizations need to start operating with a mindset that a breach investigation is going to require more than a few days or a few weeks of lookback,” Sundaralingam said.
New Simulation Training Mimics Supply Side Attacks
Cloud Range has developed and released new simulation training for detection of supply side attacks like the SolarWinds hack.
A supply chain attack needs only to find the weakest link in a network to be successful, the company said. This type of attack, as a result, proves difficult to prepare for without experiencing it in a live environment.
Debbie Gordon is Cloud Range’s founder and CEO.

“Cloud Range has developed this new supply side compromise attack scenario to provide security teams with the opportunity to practice detecting and responding to this attack type in a safe, simulated environment in order to prepare them for a similar attack that may happen in real life in the future,” she said.
Cyber defenders can “build muscle memory” and gain skills to make decisions in a split second, Gordon said.
Cyber professionals are immersed in real world cyberattacks, like the SolarWinds attack, in a safe virtual environment.
“These attacks are especially difficult to identify because the attack is coming from an otherwise trusted source,” Gordon said. “As information security matures, attackers are finding fewer soft targets remain every year. But as the name suggests, a supply chain attack need only find the weakest link in a network to be successful.”
Every SOC relies on third-party tools to perform its work, she said. Frequently patching and updating software address the overwhelming majority of security vulnerabilities. They’re two of the most valuable tools in the workbench of security personnel.
“A supply side compromise occurs when an update or patch from a third party tool has trojanized malware buried within it, waiting to spring into action once installed within an organization,” Gordon said.
By leveraging Cloud Range’s cyber range simulation exercises, MSSPs are more effective and can establish market leadership by showing customers they are proactively preparing for cyberattacks, she said.
“Cloud Range helps MSSPs and other cybersecurity providers meet their customers’ expectations by ensuring their team is constantly practicing and honing their skills in order to keep up with the growing threat landscape,” Gordon said.
Approov: Mobile Health Care Apps Leaking Sensitive Data
Many popular mobile health care apps are leaking sensitive patient data through their APIs, potentially compromising millions of patients.
That’s according to new findings issued by Approov and cybersecurity researcher Alissa Knight.
The study tested 30 popular mobile health apps. The apps exposed a minimum of 23 million users. The average number of downloads for each app tested was more than 772,000. Analysts expect the number of users exposed by the apps now available on major app stores is likely far greater.
Among vulnerabilities detailed in the report:
- One-half (50%) of the records accessed contained names, social security numbers, addresses, birthdates, allergies, medications and other sensitive patient data.
- One-half of the APIs tested allowed users to access the pathology, x-rays and clinical results of other patients.
- One-half of the APIs tested also did not authenticate requests with tokens.
David Stewart is Approov’s CEO.

“The value of health care records on the dark web is $1,000 or six times the value of credit cards,” he said. “It’s very sensitive information because you can learn a lot about someone by reading their health care record.”
Cybercriminals will be all over this, Stewart said. That’s because people are paying that much for the information.
The pandemic has pushed services delivered by mobile apps into the spotlight, Stewart said. Health care organizations need to up their game regarding app and related API security.