Cyber Security Today, March 4, 2022 – Huge numbers of medical infusion pumps at risk, help for Ukrainian organizations hit by ransomware and more

Share post:

Huge numbers of medical infusion pumps are at risk, help for Ukrainian organizations hit by ransomware and more.

Welcome to Cyber Security Today. It’s Friday, March 4th. I’m Howard Solomon, contributing reporter on cybersecurity for

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Internet-connected devices can be scanned by anyone who has the tools. So as a test, researchers at Palo Alto Networks recently scanned for internet-connected infusion pumps used in hospitals and clinics to deliver medications to patients. What they found was 75 per cent of the 200,000 devices they found had known IT security gaps that could be compromised by attackers. That included exposure to one or more of some 40 known cybersecurity vulnerabilities. Just over half of the infusion pumps were susceptible to two known vulnerabilities disclosed in 2019. The healthcare industry has to do better than this. The study is another example of weak security of Internet of Things devices.

CrowdStrike and Avast have released help for organizations in Ukraine struck by the new HermeticRansom strain of ransomware. CrowdStrike put out a script experienced IT professionals can use to decrypt scrambled files, while Avast’s tool has an easier-to-use graphic interface. HermeticRansom is believed to be a piece of malware that deflects attention of victim organizations from its partner data wiping malware called HermeticWiper. So far both pieces of malware have only been seen in Ukraine. That may change depending on how the war with Russia goes.

IT security teams should prepare for a new type of distributed denial of service attack. Researchers at Akamai say someone has weaponized a theoretical attack found last summer by researchers at two American universities. Briefly, the strategy is to abuse what are called middleboxes, which are internet-connected devices like firewalls and content filtering systems for reflection attacks. Akamai estimates there are hundreds of thousands of middleboxes around the world vulnerable to this tactic. What’s worrisome is that it raises the ability of attackers to more easily launch bigger denial of service attacks than we’ve seen so far. That means middleboxes need to be better protected than they have been so far.

Attention software developers using the GitLab platform: You should upgrade to the latest version. Versions 13 and up have a vulnerability that could expose GitLab usernames, names, and email addresses to a remote attacker. The risk, say researchers at Rapid7, is this information could be combined with brute force password guessing or credential stuffing attacks to gain access to other corporate applications.

A lot of people are still using easy-to-guess passwords. That’s according to the latest annual identity exposure report from a security vendor called SpyCloud. Popular passwords last year included “2021,” “covid” and “mask.” Marvel movie enthusiasts chose “loki.” “falcon” and “wanda.” Sports team names remained popular. So was “freebritney.” But the top re-used passwords were the same easily-guessed ones used for years: “pass,” “password,” “123456,” “qwerty”, “111111” and …. I can’t go on, it’s too depressing. Listeners, please make each password different. Make each one out of three words that are meaningful to you that can’t be guessed. And use a password manager to keep track of them all.

Don’t forget later today the Week in Review podcast will be out. In this edition guest commentator David Shipley of Beauceron Security will talk about cyberwar, Russia and Ukraine and how a Canadian healthcare provider was hacked by two ransomware groups.

Links to details about podcast stories are in the text version at

You can follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, March 4, 2022 – Huge numbers of medical infusion pumps at risk, help for Ukrainian organizations hit by ransomware and more first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for Friday, December 8, 2023

This episode features discussion on cyber attacks against OT networks, the discovery of exposed servers with medical images and  why outdated Microsoft Exchange servers are s

Canadian mid-sized firms pay an average $1.13 million to ransomware gangs

Survey for Palo Alto Networks also shows fewer firms willing to pay da

Cyber Security Today, Dec. 8, 2023 – Ransomware is increasingly impacting OT systems, and more

This episode reports on how hackers break into AWS cloud instances, fake anti-Ukraine online ads  using photos of celebrities

Canadian privacy czars release principles for responsible development of AI

The principles remind AI developers they have to follow Canadian data pr

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways