Cyber Security Today, March 4, 2022 – Huge numbers of medical infusion pumps at risk, help for Ukrainian organizations hit by ransomware and more

Share post:

Huge numbers of medical infusion pumps are at risk, help for Ukrainian organizations hit by ransomware and more.

Welcome to Cyber Security Today. It’s Friday, March 4th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Internet-connected devices can be scanned by anyone who has the tools. So as a test, researchers at Palo Alto Networks recently scanned for internet-connected infusion pumps used in hospitals and clinics to deliver medications to patients. What they found was 75 per cent of the 200,000 devices they found had known IT security gaps that could be compromised by attackers. That included exposure to one or more of some 40 known cybersecurity vulnerabilities. Just over half of the infusion pumps were susceptible to two known vulnerabilities disclosed in 2019. The healthcare industry has to do better than this. The study is another example of weak security of Internet of Things devices.

CrowdStrike and Avast have released help for organizations in Ukraine struck by the new HermeticRansom strain of ransomware. CrowdStrike put out a script experienced IT professionals can use to decrypt scrambled files, while Avast’s tool has an easier-to-use graphic interface. HermeticRansom is believed to be a piece of malware that deflects attention of victim organizations from its partner data wiping malware called HermeticWiper. So far both pieces of malware have only been seen in Ukraine. That may change depending on how the war with Russia goes.

IT security teams should prepare for a new type of distributed denial of service attack. Researchers at Akamai say someone has weaponized a theoretical attack found last summer by researchers at two American universities. Briefly, the strategy is to abuse what are called middleboxes, which are internet-connected devices like firewalls and content filtering systems for reflection attacks. Akamai estimates there are hundreds of thousands of middleboxes around the world vulnerable to this tactic. What’s worrisome is that it raises the ability of attackers to more easily launch bigger denial of service attacks than we’ve seen so far. That means middleboxes need to be better protected than they have been so far.

Attention software developers using the GitLab platform: You should upgrade to the latest version. Versions 13 and up have a vulnerability that could expose GitLab usernames, names, and email addresses to a remote attacker. The risk, say researchers at Rapid7, is this information could be combined with brute force password guessing or credential stuffing attacks to gain access to other corporate applications.

A lot of people are still using easy-to-guess passwords. That’s according to the latest annual identity exposure report from a security vendor called SpyCloud. Popular passwords last year included “2021,” “covid” and “mask.” Marvel movie enthusiasts chose “loki.” “falcon” and “wanda.” Sports team names remained popular. So was “freebritney.” But the top re-used passwords were the same easily-guessed ones used for years: “pass,” “password,” “123456,” “qwerty”, “111111” and …. I can’t go on, it’s too depressing. Listeners, please make each password different. Make each one out of three words that are meaningful to you that can’t be guessed. And use a password manager to keep track of them all.

Don’t forget later today the Week in Review podcast will be out. In this edition guest commentator David Shipley of Beauceron Security will talk about cyberwar, Russia and Ukraine and how a Canadian healthcare provider was hacked by two ransomware groups.

Links to details about podcast stories are in the text version at ITWorldCanada.com.

You can follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, March 4, 2022 – Huge numbers of medical infusion pumps at risk, help for Ukrainian organizations hit by ransomware and more first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Pablo Listingart from ComIT – Hashtag Trending the Weekend Edition for May 25, 2024

Pablo Listingart, founder and executive director of ComIT, discusses the resource shortage in cybersecurity and IT and the...

Cyber Security Today, May 24, 2024 – A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more

A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more. Welcome to Cyber Security...

Consumers don’t trust social media companies with AI. Hashtag Trending for Friday, May 24th, 2024

A new Axios poll says that consumers don’t trust social media giants branching into AI.  Two companies headed...

Canada centralizing cybersecurity efforts of federal IT departments

Federal departments and agencies are making only marginal progress in improving their cyber maturity, Ottawa said Wednesday as...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways