Cyber Security News Update 02/08/2019

The healthcare industry is one that finds itself under constant attack, as the information it works with may be the most sensitive kind that you can get. Healthcare providers have access to an individual’s financial information from processing payments for treatments, the treatments someone has undergone, the medications they take, their ailments, as well as their address, number, email, and potentially their social security number. Therefore, securing healthcare data should be of the utmost importance to any company that handles it and any mistake can cause disaster for those exposed by the breach. In 2019 there are several potential vectors that healthcare providers, and those that handle their data, should watch out for such as Internet of Things (IoT) devices, cloud services, and ransomware. IoT devices are a seemingly eternal weak point for any company that uses them because they are generally difficult to update or otherwise improve the safety of. Because IoT devices are always connected and those connections have lessened security protocols so they can provide the ease of use that comes with IoT devices, seizing one device essentially gives the attacker the entire network. Cloud storage and computing remain an issue for companies, as it is possible to intercept the data while it is en route to the cloud, on its return, or the cloud provider itself may be breached. The lower cost of cloud services makes them attractive, but users should be aware of the risks and investigate the security record of their cloud services provider. Finally, ransomware remains a threat to healthcare data as a single attack has the ability to eradicate all of the data, its backups, and the supporting infrastructure. Employees should be rigorously trained about the dangers of attacks and the common vectors for them.
Source: 5 cybersecurity threats healthcare faces in 2019 and beyond

A legitimate app on the Google Play store, Psiphon, has a hijacked version available off the Play Store that is infected with surveillance software. This hijacking is ironic, considering that Psiphon is an app designed to let users bypass surveillance. However, this may have a rather malicious purpose behind it as the infected app appears in countries with heavy surveillance such as the People’s Republic of China, Iran, and others with oppressive regimes. Psiphon would not normally be available to people in that country, so their governments are relying on their desire for access to information to infect their devices. The hijacked Psiphon functions normally but records the phone calls, text messages, location, email, and even takes photographs and videos of the user. This data is sent to a server for storage and analysis. The malicious version includes adware for increased revenue, and researchers note that it appears to be targeted at specific groups of users. This hijack of a legitimate app may be an attempt by a foreign power to gain access to individuals within a country that could be influenced by the threat of revealing what they do on their phone, or it could be by the governments of those countries seeking to gain leverage on dissidents.
Source: Cybercriminals secretly bundle anti-censorship app with spyware framework