Categories
Cyberinfrastructure Education Network Ransomware Reading Technology

HBO’s The Perfect Weapon

In 2020 HBO released the documentary The Perfect Weapon based upon the best-selling book by David Sanger a New York Times national security correspondent. The book was a fantastic review of cyber attacks conducted by Russia, China and other countries deemed hostile to the US and the West. Accordingly, this documentary reveals how cyber war began. This is certainly the primary strategy today for nation state attacks. This documentary is also available on Amazon Prime.

Stuxnet, known as the cyber attack “Olympic Games” was an original US/Israel joint cyber attack. The concern was understanding the risk to a nuclear war in the Middle East in supporting Israel’s defense. The Bush Administration chose to invoke a new type of warfare.

Categories
Education Ransomware Reading Technology

Latest Read: Sandworm

Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers by Wired’s Andy Greenberg is most certainly a facinating story regarding Russia’s cyber attacks upon Ukraine. In fact, the backstory to Sandworm is quite remarkable. Attacks by Russia against Ukraine are just the latest in a long history of Russian aggression.

Greenberg’s work is certainly remarkable. This provides deep storylines linking Russia to NotPetya, a ransomware attack launched against Ukraine in 2016. Elements of this attack were initially launched as reconnaissance in the prior year.

At the same time, Greenberg provides amazing details regarding cyber attacks Moonlight Maze, Operation Aurora on America by Russia and China.

Indeed Sandworm provides a historical view between Russia and Ukraine upon the heels of World War II.

Harvest of Sorrow

In this period, Stalin produced a truely horrific famine across Ukraine. Unquestionably, the exploitation of Ukraine by the Soviet Union and Hitler’s Germany resulted in the torture and death of millions of Ukrainians. Greenberg notes the unbelievable but true horror by author Anne Applebaum in Red Famine: Stalin’s War on Ukraine:

“stories of desperate peasants resorting to eating leather and rodents, grass, and, in states of starvation-induced mania, even their own children. All of this occurred in one of the most fertile grain-production regions in the world.”

Red Famine by Anne Applebaum

In addition, these horrific attacks are echoed in Harvest of Sorrow by Soviet scholar Robert Conquest. Red Famine’s lessons provide a razor sharp backdrop to Russia’s invasion of Ukraine following the 2014 Winter Olympics in Sochi. This is only the latest attack in a long confrontation between Russia and Ukraine.

Categories
Education Network Ransomware Technology

Philips ISCV and Xcelera flaws

Philips has yet to patch a flaw that allows cybercriminals to inject ransomware or backdoors which can result in PHI at risk of compromise.Philips reveals code execution vulnerabilities in cardiovascular devices

The Philips ISCV version 2.x and earlier and Xcelera 4.x and 3.x the servers contain 20 Windows services of which the executables are being present in a folder where authenticated users have write permissions.  The services run as a local admin account or local system account, and if a user were to replace one of the executables with a different program, that program too would be executed with local admin or local system permissions.

Philips confirms these vulnerabilities affect their IntelliSpace Cardiovascular system version 2.3.1, 3.1 and earlier. Also impacted are version 4.x and 3.x Xcelera systems (PDF). In ISCV version 3.x and earlier and Xcelera 4.x and 3.x there are 16 Windows services flaws allow hackers to run the computer with local admin rights.

Categories
Cyberinfrastructure Education Network Ransomware Technology

Harvard Cybersecurity

Harvard’s cybersecurity course is certainly a demanding slice of your life. However, I gained valuable insights from Eric Rosenbach and cybersecurity leaders from National Security Agency, Akamai, and Google. In addition, this offered me an opportunity to connect with cybersecurity leaders across wide ranging business and geographic locations.harvard cybersecurity2018 proved a challenge, looking beyond repeated megabreaches that dominated news headlines. Did you suffer from breach fatigue? It was like the movie Groundhog Day.

At some point (probably sooner than we think) all the data impacting all the users connected to the global internet will all be available on the dark web. All for a price…

Categories
Cyberinfrastructure Education Milwaukee Ransomware Technology

2018 Ransomware attacks on Healthcare

The impact of ransomware, botnets and crypto mining will continue to impact hospitals and clinics in 2018.

ransomware, botnets and crypto mining

More precise, targeted attacks including botnets and crypto mining are projected to overtake global attacks hospitals witnessed with WannaCry and NotPetya.

Healthcare Information Security teams must show risk tolerance and carefully monitor new trends in malware, patch management, and change management.

Ransomware via botnets and crypto mining will continue to drive agile healthcare technology solutions, This will impact business shifts in governance and policy across US healthcare facilities as new attacks continue to focus on financial based malware.

Moving into the new year global attacks may give way to targeted attacks, botnets and crypto mining that have been branded as WannaMine.