Categories
Cyberinfrastructure Education Globalization Innovation Network Reading Technology

Latest Read: The Perfect Weapon

The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age by David E. Sanger is an amazing read. To be frank this book is very quite unnerving, yet should be certainly mandatory reading. We have been at war for a couple of years on an electronic battlefield. This seems to be acting as a deterrent to actual war on a global scale.

Above all, we live today in a more complex world now regarding COVID-19. Recent cyber attacks and the flattening of attack tools is unquestionably changing the world right in-front of our eyes.

Sanger’s book will help you see it even more clearly: today a perfect storm is forming across the internet.

Therefore, The Perfect Weapon reveals so much in the opening chapters regarding successful Russian attacks upon US military and government networks.

On the contrary, the previous generation was driven by nuclear mutually assured destruction. In contrast, cyberwar or ‘cyber conflict’ is very different.

Russia’s penetration of the Pentagon’s secret network in 2008 in fact, is very upsetting reading. Sanger recalls how NSA’s Debora Plunkett discovered rogue USB sticks, left scattered across a US military base parking lot in the Middle East provided Moscow’s entry into the Pentagon networks.

WannaCry ransomware

North Korea is the boldest example of this book’s theme: A backwards third world country hacking Sony? Yes. In addition, North Korea launched the devastating WannaCry ransomware attack. On the other hand, their ransomware was unleashed across global hospitals and schools. Can you imagine WannaCry 3.0 locking down hospitals in the mist of stopping coronavirus?

Categories
Education Ransomware Reading Technology

Latest Read: Sandworm

Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers by Wired’s Andy Greenberg is most certainly a facinating story regarding Russia’s cyber attacks upon Ukraine. In fact, the backstory to Sandworm is quite remarkable. Attacks by Russia against Ukraine are just the latest in a long history of Russian aggression.

Greenberg’s work is certainly remarkable. This provides deep storylines linking Russia to NotPetya, a ransomware attack launched against Ukraine in 2016. Elements of this attack were initially launched as reconnaissance in the prior year.

At the same time, Greenberg provides amazing details regarding cyber attacks Moonlight Maze, Operation Aurora on America by Russia and China.

Indeed Sandworm provides a historical view between Russia and Ukraine upon the heels of World War II.

Harvest of Sorrow

In this period, Stalin produced a truely horrific famine across Ukraine. Unquestionably, the exploitation of Ukraine by the Soviet Union and Hitler’s Germany resulted in the torture and death of millions of Ukrainians. Greenberg notes the unbelievable but true horror by author Anne Applebaum in Red Famine: Stalin’s War on Ukraine:

“stories of desperate peasants resorting to eating leather and rodents, grass, and, in states of starvation-induced mania, even their own children. All of this occurred in one of the most fertile grain-production regions in the world.”

Red Famine by Anne Applebaum

In addition, these horrific attacks are echoed in Harvest of Sorrow by Soviet scholar Robert Conquest. Red Famine’s lessons provide a razor sharp backdrop to Russia’s invasion of Ukraine following the 2014 Winter Olympics in Sochi. This is only the latest attack in a long confrontation between Russia and Ukraine.

Categories
Cyberinfrastructure Education Milwaukee Ransomware Technology

2018 Ransomware attacks on Healthcare

The impact of ransomware, botnets and crypto mining will continue to impact hospitals and clinics in 2018.

ransomware, botnets and crypto mining

More precise, targeted attacks including botnets and crypto mining are projected to overtake global attacks hospitals witnessed with WannaCry and NotPetya.

Healthcare Information Security teams must show risk tolerance and carefully monitor new trends in malware, patch management, and change management.

Ransomware via botnets and crypto mining will continue to drive agile healthcare technology solutions, This will impact business shifts in governance and policy across US healthcare facilities as new attacks continue to focus on financial based malware.

Moving into the new year global attacks may give way to targeted attacks, botnets and crypto mining that have been branded as WannaMine.

Categories
Cyberinfrastructure Education Ransomware Technology

Ransomware Vendor Solutions

There are a number of emerging vendor solutions to address ransomware threats as 2018 begins.

ransomware, botnets and crypto miningThe continuing ransomware threats in 2018 may shift from global attacks to botnets and cryptocurrency attacks. The financial attacks like WannaCry and NotPetya will also continue when cybercriminals can exploit known vulnerabilities on a global scale. The lessons learned from 2017 have reached a critical point for healthcare to ensure hospital attacks on IT infrastructure and medical devices are now protected. Vendors are responding with innovative solutions that may stop a ransomware encryption attack. We look forward to partnering with vendors who can provide this new level of cyber defense.

Vendor White Papers:

Cisco
Ransomware Defense Validated Design Guide (PDF)
US Department of Justice
How to Protect Your Networks from Ransomware
ECRI
2018 Top 10 Tech hazards: Ransomware
ComputerWeekly
WannaCry a signal moment, says NCA
Which?
Ransomware: what it is and how to stop it
Categories
Cyberinfrastructure Education Milwaukee Network Ransomware Technology

2017 Ransomware attacks on Healthcare

Ransomware attacks on Hospitals and Clinics have just begun

For the first time the healthcare industry was attacked by a multi-headed ransomware monster. This is only the beginning of a new attack model for hospitals and clinics to confront moving forward.
2017 Ransomware attacks

Since the first ransomware attack in early 2016 I have observed how this became a credible threat to hospitals. In 2017 an seemingly overwhelming series of attacks forced hospitals and clinics around the country to adjust long-held views and policies of information security. Due to the amount of news coverage I have added a timeline to this post to indicate how ransomware became part of the social mainstream.

Overview

A ransomware primer in three parts:
Ransomware is not new
PHI data remains highly valuable on the dark web
The Shadow Brokers, Wikileaks, and the CIA

2016 – Setting the stage
February 5th – Hollywood Presbyterian
July 12: HHS issues new guidance

2017 – The attacks begin
May 12: WannaCry IT infrastructure attacks
May 15: WannaCry medical device attacks
June 13: WannaCry building control attacks
June 15: US Congress: Lessons learned from WannaCry
June 29: NotPetya attacks
July 25: Nuance confirms NotPetya attack
October 24: Bad Rabbit attack
December 13: Nuance shuts down medical transcription service

Read more about it

Did hospitals ignore the March Microsoft Security Bulletin?
Ransomware in popular culture
Top 2017 Healthcare Ransomware Attacks
Healthcare, Cyber Insurance, & Ransomware
US Senate Bill S.2179-Data Security & Breach Notification Act