{"id":20313,"date":"2022-03-04T08:55:19","date_gmt":"2022-03-04T12:55:19","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=474945"},"modified":"2022-03-14T13:01:44","modified_gmt":"2022-03-14T17:01:44","slug":"cyber-security-today-march-4-2022-huge-numbers-of-medical-infusion-pumps-at-risk-help-for-ukrainian-organizations-hit-by-ransomware-and-more","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-march-4-2022-huge-numbers-of-medical-infusion-pumps-at-risk-help-for-ukrainian-organizations-hit-by-ransomware-and-more\/","title":{"rendered":"Cyber Security Today, March 4, 2022 \u2013  Huge numbers of medical infusion pumps at risk, help for Ukrainian organizations hit by ransomware and more"},"content":{"rendered":"<p>Huge numbers of medical infusion pumps are at risk, help for Ukrainian organizations hit by ransomware and more.<\/p>\n<p>Welcome to Cyber Security Today. It\u2019s Friday, March 4th. I\u2019m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.<\/p>\n<p><iframe loading=\"lazy\" style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/22330205\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\"  rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\"  rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\" \/><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\"  rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>Internet-connected devices<\/strong> can be scanned by anyone who has the tools. So as a test, <a href=\"https:\/\/unit42.paloaltonetworks.com\/infusion-pump-vulnerabilities\/\"  rel=\"noopener\">researchers at Palo Alto Networks recently scanned<\/a> for internet-connected infusion pumps used in hospitals and clinics to deliver medications to patients. What they found was 75 per cent of the 200,000 devices they found had known IT security gaps that could be compromised by attackers. That included exposure to one or more of some 40 known cybersecurity vulnerabilities. Just over half of the infusion pumps were susceptible to two known vulnerabilities disclosed in 2019. The healthcare industry has to do better than this. The study is another example of weak security of Internet of Things devices.<\/p>\n<p><strong>CrowdStrike and Avast<\/strong> have released help for organizations in Ukraine struck by the new HermeticRansom strain of ransomware. <a href=\"https:\/\/www.crowdstrike.com\/blog\/how-to-decrypt-the-partyticket-ransomware-targeting-ukraine\/\"  rel=\"noopener\">CrowdStrike put out a script<\/a> experienced IT professionals can use to decrypt scrambled files, while <a href=\"https:\/\/decoded.avast.io\/threatresearch\/help-for-ukraine-free-decryptor-for-hermeticransom-ransomware\/\"  rel=\"noopener\">Avast\u2019s tool<\/a> has an easier-to-use graphic interface. HermeticRansom is believed to be a piece of malware that deflects attention of victim organizations from its partner data wiping malware called HermeticWiper. So far both pieces of malware have only been seen in Ukraine. That may change depending on how the war with Russia goes.<\/p>\n<p><strong>IT security teams should prepare<\/strong> for a new type of distributed denial of service attack. <a href=\"https:\/\/www.akamai.com\/blog\/security\/tcp-middlebox-reflection\"  rel=\"noopener\">Researchers at Akamai say<\/a> someone has weaponized a theoretical attack found last summer by researchers at two American universities. Briefly, the strategy is to abuse what are called middleboxes, which are internet-connected devices like firewalls and content filtering systems for reflection attacks. Akamai estimates there are hundreds of thousands of middleboxes around the world vulnerable to this tactic. What\u2019s worrisome is that it raises the ability of attackers to more easily launch bigger denial of service attacks than we\u2019ve seen so far. That means middleboxes need to be better protected than they have been so far.<\/p>\n<p><strong>Attention software developers<\/strong> using the GitLab platform: You should upgrade to the latest version. Versions 13 and up have a vulnerability that could expose GitLab usernames, names, and email addresses to a remote attacker. The risk, <a href=\"https:\/\/www.rapid7.com\/blog\/post\/2022\/03\/03\/cve-2021-4191-gitlab-graphql-api-user-enumeration-fixed\/\"  rel=\"noopener\">say researchers at Rapid7<\/a>, is this information could be combined with brute force password guessing or\u00a0credential stuffing attacks to gain access to other corporate applications.<\/p>\n<p><strong>A lot of people<\/strong> are still using easy-to-guess passwords. That\u2019s according to the latest annual identity exposure report from a<a href=\"https:\/\/spycloud.com\/resource\/2022-annual-identity-exposure-report\/\"  rel=\"noopener\"> security vendor called SpyCloud<\/a>. Popular passwords last year included \u201c2021,\u201d \u201ccovid\u201d and \u201cmask.\u201d Marvel movie enthusiasts chose \u201cloki.\u201d \u201cfalcon\u201d and \u201cwanda.\u201d Sports team names remained popular. So was \u201cfreebritney.\u201d But the top re-used passwords were the same easily-guessed ones used for years: \u201cpass,\u201d \u201cpassword,\u201d \u201c123456,\u201d \u201cqwerty\u201d, \u201c111111\u201d and &#8230;. I can\u2019t go on, it\u2019s too depressing. Listeners, please make each password different. Make each one out of three words that are meaningful to you that can\u2019t be guessed. And use a password manager to keep track of them all.<\/p>\n<p>Don\u2019t forget later today the Week in Review podcast will be out. In this edition guest commentator David Shipley of Beauceron Security will talk about cyberwar, Russia and Ukraine and how a Canadian healthcare provider was hacked by two ransomware groups.<\/p>\n<p>Links to details about podcast stories are in the text version at ITWorldCanada.com.<\/p>\n<p>You can follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p>The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-march-4-2022-huge-numbers-of-medical-infusion-pumps-at-risk-help-for-ukrainian-organizations-hit-by-ransomware-and-more\/474945\">Cyber Security Today, March 4, 2022 \u2013  Huge numbers of medical infusion pumps at risk, help for Ukrainian organizations hit by ransomware and more<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This podcast reports on medical infusion pumps found with security vulnerabilities, help for Ukrainian organizations hit by ransomware, a warning for GitLab users and more poor passwords<\/p>\n<p>The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-march-4-2022-huge-numbers-of-medical-infusion-pumps-at-risk-help-for-ukrainian-organizations-hit-by-ransomware-and-more\/474945\">Cyber Security Today, March 4, 2022 \u2013  Huge numbers of medical infusion pumps at risk, help for Ukrainian organizations hit by ransomware and more<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389,388],"class_list":["post-20313","post","type-post","status-publish","format-standard","hentry","category-podcasts","category-security","tag-cyber-security-today","tag-privacy-security"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/20313","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=20313"}],"version-history":[{"count":1,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/20313\/revisions"}],"predecessor-version":[{"id":20314,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/20313\/revisions\/20314"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=20313"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=20313"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=20313"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}