Security News Update for the Week Ending September 2, 2022
Why PREVENTING Ransomware is the Only Option
Patients of Methodist McKinney Hospital and two of its surgery centers are preparing for their data to be sold on the dark web. Healthcare is a prime target for hackers for a number of reasons. The hospital decided not to pay the ransom for 360 gigabytes of stolen data, so the hackers are just going to sell it. This hack, in what is a relatively new ransomware twist, involved just stealing the data and trying to extort money from the hospital. No encryption was involved. The hospital is in a no-win situation, telling patients to watch for fraud. The problem is there is no real “tail” for healthcare fraud – it can happen years later. I am sure there will be fines from the feds and state and likely lawsuits that go on for years. Prevention is a better option, even though it costs money now. This will probably cost them tens of millions of dollars in the end. Credit: CBS News Dallas
Library Supplier Baker & Taylor Hit By Ransomware
200 year old Baker & Taylor supplies libraries with content, software and services. They were hit by a ransomware attack in mid-August and are still struggling to get back online. This is the true cost of ransomware. What happens in the weeks where your company is out of commission. This also affects their library customers as the online services they provide to consumers are also down. Credit: The Record
Bionic Beaver Bug Knocks Azure VMs Offline
Bionic Beaver is Ubuntu’s name for version 18.04 of their Linux distribution. Apparently, Microsoft had some problems with the update and users who were updated no longer have a working DNS service, effectively taking the system down. Microsoft has a number of suggestions, all of which include some downtime. This is a challenge of the cloud where the service provider chooses when to do updates, affecting your availability. Credit: Bleeping Computer
Pay the Ransom and Get Your Data Leaked Anyway
Barracuda Networks is reporting on the story of a customer who got hit by ransomware, paid the ransom and the criminals leaked his data anyway. Consider that these guys are breaking the law to start with, so one should not expect them to keep any promises they make. While this story is very short on details, it does point out that paying ransoms are dicey at best. Credit: ZDNet
Former Denver Teachers Withdraw Guilty Pleas in Peanut Butter Cyber Espionage Case
Sometimes you can’t make up craziness as strange as reality. Navy nuclear engineer Jonathan Toebbe and his wife, former Denver teachers, had pleaded guilty to charges of trying to sell nuclear secrets to foreign governments. They hid SD cards with the data in PB&J sandwiches left at dead drops for FBI agents who were pretending to be foreign agents. Prosecutors agreed to a 12-17 year sentence, but the judge balked and now the two are going to trial. Stay tuned but this could take a while. Credit: 9News Denver