November 14, 2016
from the delayed-lobotomy dept
We've talked a lot about how while the lack of security in Internet of Things devices was kind of funny at first, it quickly became less funny as the dramatic scope of the problem began to reveal itself. Whether it's cars being taken over from an IP address up to ten miles away, to the rise in massive new DDoS attacks fueled by your not-so-smart home appliances, folks like security expert Bruce Schneier have made it abundantly clear the check is coming due.
That's particularly true in the healthcare field, where hackable pacemakers and ransomware-infected hospital equipment is becoming the norm. In fact, hospitals in England recently had to cancel hundreds of surgeries in order to "isolate and destroy" a virus that was running amok across the hospital's IT systems:
"We have taken the decision, following expert advice, to shut down the majority of our systems so we can isolate and destroy it," the NHS wrote on its website. "All planned operations, outpatient appointments and diagnostic procedures have been canceled for Wednesday, Nov. 2 with a small number of exceptions."
In the kind of transparency that often is the hallmark of these kinds of attacks, the hospital in question (the National Health Service's Northern Lincolnshire and Goole Foundation Trust in the UK) couldn't be bothered to explain the precise nature of the attack. But security expert Brian Krebs notes it's likely part of the growing trend of ransomware attacks on hospitals that cripple administrative and surgical systems until the hospital is willing to pay a bitcoin ransom:
"Earlier this year, experts began noticing that cybercriminals were using ransomware to target hospitals — organizations that are heavily reliant on instant access to patient records. In March 2016, Henderson, Ky.-based Methodist Hospital shut down its computer systems after an infection from the Locky strain of ransomware. Just weeks before that attack, a California hospital that was similarly besieged with ransomware paid a $17,000 ransom to get its files back.
According to a recent report by Intel Security, the healthcare sector is experiencing over 20 data loss incidents per day related to ransomware attacks. The company said it identified almost $100,000 in payments from hospital ransomware victims to specific bitcoin accounts so far in 2016.
Twenty data loss incidents...per day, many of which aren't disclosed and have an exponential impact on human lives and privacy. Ultimately, as other researchers have noted, it's inevitable that as not-particularly-smart devices gain market share around the world, we'll begin to see more and more attacks on vital infrastructure. Another reason why before we get busy offensively waging the cyber, we need to make damn sure existing infrastructure is protected.