NordVPN Confirms Hacking

NordVPN a virtual private network provider was hacked. VPN providers are increasingly popular as they ostensibly provide privacy from your internet provider and visiting sites about your internet browsing traffic. That’s why journalists and activists often use these services, particularly when they’re working in hostile states. These providers channel all of your internet traffic through one encrypted pipe, making it more difficult for anyone on the internet to see which sites you are visiting or which apps you are using.
More Information

Experts expect hospital ransomware attacks to continue

 Image result for healthcare ransomware

One week after being hit by a ransomware attack, hospitals in Alabama are turning away patients while working on recovery, and experts warn of similar attacks in the future.

One week after being hit by ransomware, several hospitals in Alabama are recovering, though experts believe similar attacks will continue.

Hospital ransomware attacks hit three facilities that are part of the DCH Health System in Alabama on Oct. 1 and despite paying the ransom, the "methodical process of system restoration" of the thousands of affected systems continued on Monday.

 "We have been using our own DCH backup files to rebuild certain system components, and we have obtained a decryption key from the attacker to restore access to locked systems," DCH wrote in an update on Saturday. "We have successfully completed a test decryption of multiple servers, and we are now executing a sequential plan to decrypt, test and bring systems online one-by-one.  This will be a deliberate progression that will prioritize primary operating systems and essential functions for emergency care."

DCH spokesperson Brad Fisher told media outlets Saturday morning that the ransom was paid, but did not disclose the amount or when it was paid. DCH also did not put a timetable on how long restoration would take. As of another update on Monday, the hospital ransomware attacks were still causing the affected facilities to turn away non-critical patients.

Experts said hospitals will continue to be the focus of ransomware because they tend to be more likely to pay ransoms in order to restore operations as quickly as possible.

Shawn Kanady, director of digital forensics and incident response at Trustwave SpiderLabs, said he believes "hospitals will remain a top target for ransomware for the foreseeable future."

"Not everyone is paying, so attackers want to hit institutions or companies that are going to hurt the most because they'll be put in a position where they'll have to pay, like hospitals or city municipalities," Kanady told SearchSecurity. "Locking down vital systems in a hospital could literally mean life or death. Imagine a hospital not being able to perform emergency operations because patient records and the databases housing them are fully encrypted."

Felix Rosbach, product manager with data security company Comforte AG, based in Weisbaden, Germany, added that even if hospitals have a backup strategy in place, "the resources needed to do a complete rollback after threat actors have performed a successful ransomware attack can be higher than paying a ransom."

"While it's never a good idea to pay a ransom, hospitals depend on their infrastructure and sometimes need access to some of their systems urgently. This results in hospitals being sought-after targets for ransomware attacks -- even if those attacks are one of the most reprehensible ones," Rosbach told SearchSecurity. "Keeping that in mind, healthcare organizations are required to implement strong cybersecurity and data protection. Not only are healthcare records and PII data very sensitive, business continuity becomes a significant factor when it comes to medical treatment."

Gerrit Lansing, field CTO with Stealthbits Technologies, noted that beyond the risks to patients, hospital ransomware attacks may continue because hospitals don't have the resources to protect themselves.

"Economically-motivated crime will continue to increase, and hospitals and healthcare organizations remain prime targets," Lansing told SearchSecurity. "Many hospitals and healthcare organizations lack the resources -- namely the funding and staff -- to address these vulnerabilities with the same force as the major enterprises, which is precisely why they remain favored targets."

Backup Data Even When Using Cloud Services

Backup Still Necessary Even When Using Cloud Services

Do you keep all of your data on the cloud? If so, you're certainly not alone. The past few years have seen a massive migration away from storing critical files locally to placing them on the cloud, where they're more secure and accessible from anywhere you can get internet. In fact, many people are so comforted by the amorphous nature of the cloud that they use mass file storage there as a substitute for making regular backups.

If you're one of the millions of people doing exactly that, you may want to rethink. Recently, author and programmer Andy Hunt tweeted about an Amazon outage that cost him the files he had stored on the cloud when the company experienced an outage. His tweet reads as follows:

"Amazon AWS had a power failure, their backup generators failed, which killed their EBS servers, which took all of our data with it. Then it took them four days to figure this out and tell us about it. Reminder: The cloud is just a computer in Reston with a bad power supply."

Cloud based companies often tout their virtually bullet proof up-time and the low failure rates as big selling points for their services. While those things are undeniably true and accurate, what Andy said is also true. At the end of the day, what we blithely call 'The Cloud' is just a series of computers located somewhere else. Unfortunately, those computers like the one on your desk are prone to catastrophic hardware failures.

That's why it's important that even if you're using the cloud extensively for your most important files, you also take the time to make backups on a regular basis. Cloud storage isn't the best solution, and it certainly shouldn't be seen as a substitute for robust backups.

Watch Out For Old Hacking Technique Offering Free Downloads

An old hacking technique is getting new attention from hackers around the world, and it underscores the fact that people must exercise extreme caution when it comes to deciding who to trust and where to download files from.

Hackers have long been in the business of spoofing legitimate sites; making exact replicas of popular websites offering a variety of free downloads.

Of course, instead of getting genuinely useful code, you find yourself on the poisoned domain. Rather than the legitimate site, what you download will be malware of one type or another.

The most recently discovered instance of this involves the Smart Game Booster site.  It's a legitimate piece of code that helps to improve the performance of the games you play, and it has become popular enough that it's caught the attention of at least one hacking group. That group cloned the site and pretends to offer the same product.

In this case though, the malware the hackers deploy is one of the more insidious we've seen.  Unlike many malware attacks which latch onto a system with a persistent presence, this one runs only once and then deletes itself. Even more alarming is that it leaves no trace that it was ever there.

When it runs, it scans the infected device for passwords, your browser history, any cryptocurrency wallets you may have, and a wide range of other critical files.  It collects these and sends all the data to its command and control server, and then self-destructs.

With no outward sign, many users will be completely unaware that there's a problem until they start seeing suspicious charges on credit cards, noticing funds being removed from bank accounts and the like.  By then of course, it's far too late.

The bottom line here is simple:  Be mindful about where you download files from.  Check your URLs, and unless you can avoid it, never stray far from the big, well-respected sites like the Apple Store, Microsoft Store, or Google Play Store.  It's just not worth the risk.

YouTube Will Soon Stop Displaying Ads Targeted At Kids

Earlier this year, Google, the parent company of YouTube, found itself in hot water for YouTube's violation of the Children's Online Privacy Protection Act (COPA). They got in trouble for their data collection practices and the fact that the company allowed third-party ads to run rampant on videos that were more likely to be viewed by children under the age of thirteen.

As a result of the violation, the FTC and Google reached a settlement for an undisclosed amount of money, described by sources close to the matter as a "multimillion-dollar fine."  Since then, YouTube has been in the process of revising their advertising policies and procedures.

Recently, the company has reported that they're finalizing changes to how ads are displayed on their site. Even better, they're outright banning advertising on videos that are more likely to be viewed by children. This is the latest in a series of moves YouTube has been making since they were found to be in violation of COPA.  They began by closing comments on video clips starring children, and then proceeded to limit recommendations "on videos that it deems as putting children at risk."


Full Article: