6-24-19 – News This Past Week

Countering industrial cyberthreats with secure, standards-based, licensed wireless networks
This was the first documented digital attack known to have compromised electrical grid operations in the United States due to a moderately basic hack and showed us how the potential for far more significant disruption is a legitimate concern to industry professionals and consumers alike.

Countering industrial cyberthreats with secure, standards-based, licensed wireless networks

For the industrial Internet of Things, defense in depth is a requirement
What the “4.0” revision adds compared to Industries 1.0 through 3.0 is a complex set of linkages between information and operational technologies. (IT stores, transmits, and manipulates data, while “OT” detects and causes changes in physical processes, such as devices for manufacturing or climate control.)
https://arstechnica.com/information-technology/2019/06/more-sensors-more-problems-industrial-iot-platforms-need-safeguarding/

Hospitals are being suffocated by robocalls
But it’s reaching a feverish pitch at the organizations for which it’s far more than an annoyance – rather, as hospital cybersecurity chiefs tell it, it’s a question of life and death. Spearphishers are placing spam calls to patients – using numbers spoofed to look like they’re coming from legitimate healthcare organizations and pretending to be hospital representatives
Hospitals are being suffocated by robocalls

Robocalls are overwhelming hospitals and patients, threatening a new kind of health crisis
But doctors, administrators and other hospital staff struggled to contain a much different kind of epidemic one April morning last year: a wave of thousands of robocalls that spread like a virus from one phone line to the next, disrupting communications for hours.
https://www.washingtonpost.com/technology/2019/06/17/robocalls-are-overwhelming-hospitals-patients-threatening-new-kind-health-crisis/?noredirect=on&utm_term=.0d8eb79835be

Power Outage Hits Millions in South America
The outage, which began in the interconnection system at the Yacyreta Dam, had a significant cybersecurity impact on one-third of the “CIA triad” — confidentiality, integrity, and availability of data
https://www.darkreading.com/iot/power-outage-hits-millions-in-south-america/d/d-id/1334983

Utilities, Nations Need Better Plan Against Critical Infrastructure Attackers
The attackers behind the Triton, or Xenotime, intrusions into critical infrastructure (CI) safety systems are testing their skills against electric power companies. Options for defense are still limited, however
https://www.darkreading.com/utilities-nations-need-better-plan-against-critical-infrastructure-attackers/d/d-id/1334977

Tiny TPM Promises to Secure IoT Devices
The Trusted Computing Group, founded by companies such as AMD, HP, IBM, Intel and Microsoft in 2003 to protect cryptographic keys on computers against tampering, recently announced its work to develop the specification for the “world’s tiniest Trusted Platform Module
https://www.tomshardware.com/news/smallest-tpm-chip-iot-devices-cybersecurity,39669.html

Smart TV Malware Is Another Thing We Have To Worry About, According To Samsung
As if worrying about our phones and computers being infected with malware wasn’t bad enough, it seems that Samsung might have caused a bit of undue panic and stress with a recent warning/reminder that the company issued
https://www.ubergizmo.com/2019/06/smart-tv-malware-samsung-warning/

Bugs in a popular hospital pump may let attackers alter drug dosages
Healthcare security firm CyberMDX has discovered two bugs affecting a popular infusion pump, allowing hijackers to remotely access and control it. Homeland Security has disclosed the vulnerabilities in the Alaris Gateway Workstation, a hospital pump that delivers fluids into a patient’s body in a controlled manner
https://www.engadget.com/2019/06/14/alaris-hospital-pump-vulnerabilities/

Posted in Uncategorized.