The Week in Blockchain and Cybersecurity News - November 9, 2018
IoT Security is a Perfect Pair for Blockchain
The Internet of Things (IoT) has swept the world. Every day, more devices are being connected to the internet. With these connections; come vulnerabilities and attack paths. The problem is one that has recently plagued organizations to increase the scope of their protection beyond the cloud and traditional perimeters. Recently, the State of California passed a bill, mandating that IoT manufacturers must provide adequate security for their products. This mandate may be the ammunition needed for blockchain to become an integral partner for IoT security. If IoT devices become integrated with the security and integrity of blockchain networks, this could potentially lead to a level of security that justifies these devices being connected to the world.
See the full article here.
Microsoft Eager to Work with President Trump on Cybersecurity
Microsoft recently announced that they want to collaborate with the Trump Administration in creating effective cybersecurity measures for civilians. The ever-growing and complex challenge of protecting the population against cybercrime is one that has the attention of Microsoft and the Federal Government. When it comes to businesses and other entities, options are available. Clear paths to cyber-success do exist for these organizations in the form of education, technology, personnel, policies, and regulations. However, when it comes to the sole persons, options can be few and far between. This new initiative takes on cybersecurity from a true end-user level. The parties involved are seeking to enhance the knowledge of the general public to a level that provides some form of cyber self defense.
Leading Medical Devices Vulnerable to Cyber-Threats
The concerns surrounding medical device security have been relayed in many recent forums. There are few cybersecurity vulnerabilities that hit closer to home than the ones that may cause direct harm to people. Entering the age of cyber defense at such a personal level is one that requires immediate attention. Manufacturers and developers of such critical technologies must remain cognizant of the risks posed if these devices were to be breached. Recently, the ICS-CERT released a warning to the public that Roche Point handheld medical devices carry some serious and exploitable vulnerabilities. If attackers are able to leverage these vulnerabilities, we could be in for true hostage-type situations.
Read the frightening publication here.
Terminated Employee Causes Data Breach
When terminating an employee goes sideways in a hurry: Recently, a Chicago Public School employee was released from their job. As employees are terminated, they usually take their favorite pen, a mousepad, picture frames, and the data of 70,000 people? It is alleged that the employee brought a sizeable database of personal information, along with their other belongings as they left the organization. According to CBS Chicago 28-year-old Kristi Sims may have stolen a database of employees, volunteers, and others. The datasets included names, employee ID numbers, phone numbers, addresses, birth dates, criminal histories, and more. The problem of data loss in such events has been well-documented in the past. Organizations must have stringent procedures that are followed before, during, and after an employee is terminated. It appears that something may have been missed in this case.
Check out the details.
U.S. Hospitals Being Targeted by SamSam Ransomware
Not a new target by any means. However, hospitals are now being specifically targeted by a particularly nasty ransomware variant. Known as SamSam, this ransomware strain is the same one that took down (drum roll) The City of Atlanta. One of the main differences between this strain and others is that attackers seem to be performing in-depth reconnaissance on their targets, prior to deploying this ransomware. Other variants seemed to quickly propagate into the hands of any cyber-attacker in the world. However, SamSam is one that has been the weapon of choice for more sophisticated attacks. If healthcare organizations have not implemented protections against ransomware, now is certainly an opportune time to do so.
Get the details here.
HSBC is Breached
Financial institutions are some of the most heavily targeted organizations for cyber-attackers. The big names have seriously sophisticated security programs and take the necessary precautions to protect their business and customer data. However, even big trees fall. HSBC confirmed that a “limited” data breach had occurred between October 4th and October 14th of 2018. The data breach is one that has potentially affected only 1% of their U.S. customers. The bank has already contacted those affected and this news is relatively quiet for the most part. However, the amount of data breaches that are occurring seem to be causing some fatigue for consumers. This has become the new normal for consumers to have their data stolen. Maybe a more fundamental issue needs to be addressed.
Check the details here.
HTC Blockchain & Crypto-Friendly Smartphone
IBM and Microsoft aren’t the only big names that are investing in blockchain technologies. Recently, mobile device manufacturer HTC released information on their new device: The HTC Exodus 1. The smartphone has been uniquely designed to harness the power of blockchain and comes pre-built with a hardware cryptocurrency wallet. This tech is one that could potentially change the face of smartphones for the foreseeable future. Digital privacy and security, at the consumer level, is a challenge to address. Unlike businesses, end consumers have limited choices when it comes to protecting themselves and their digital lives. Our smartphones go with us just about everywhere so an innovation such as this is one that could be well-received.
Get the scoop here.