The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls

Digital Guardian's Blog

Friday Five 10/30

by Colin Mullins on Friday October 30, 2020

Contact Us
Free Demo

Credible ransomware threats against hospitals, data breaches at a Finnish psychotherapy center, and Forrester predictions - catch up on all the week's infosec news with the Friday Five!

1. FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals by Brian Krebs

The FBI, DHS, and HHS have warned of an “imminent cybercrime threat to U.S hospitals and healthcare providers.” The suspected threat comes from Ryuk, a Russian ransomware gang that has a track record of attacking healthcare facilities. The FBI wasn’t able to share any indicators of compromise, and even if they did share IoCs, the malware infrastructure used by the Ryuk gang is often unique to each victim, so it’s unlikely they would help. There is also concern that any large attack could go beyond the scope of one hospital group and may implicate some kind of electronic health record provider that integrates with healthcare facilities. Cyberattacks on hospitals are especially worrying as any disruption of service can lead to medical complications or even death for patients who are forced to change hospitals for urgent surgery.

Read more

2. Data breach at Finnish psychotherapy center takes a darker turn with extortion attempts by Joe Warminsky

The situation with Vastaamo, a prominent Finnish psychotherapy center that was hacked, escalated this week when the perpetrators posted individual patient information on the dark web. The cybercriminals claimed that individuals who had their data exposed could pay a ransom to protect their data. This follows reports that the company refused to pay the initial ransom on the entire trove of stolen data. The attack is the latest escalation as cybercriminals look for higher value targets. As of Wednesday, the CEO has been fired for holding back information on the hack for close to 18 months.

Read more

3. Study shows which messengers leak your data, drain your battery, and more by Dan Goodin

This article covers new research that explores the problems with link previews in chat and messenger apps. The research found that link previews can leak sensitive data, consume bandwidth, drain batteries, and in one case, expose information despite end-to-end encryption. The vulnerability arises when during the link preview, the app, or a proxy created by the app, visits the link and opens itself up to attacks, such as malware. As well, the app or proxy can download files from the link that are so large that they affect the battery or force the messenger app to crash. The messaging apps most vulnerable to these problems are Facebook, Instagram, LinkedIn, and Line. However, other messenger apps, such as Signal, Threema, TikTok, and WeChat give users the option of no link preview, which is recommended by the research.

Read more

4. Overstating the foreign threat to elections poses its own risks, U.S. officials and experts say by Ellen Nakashima

Despite reports of Iranian hackers sending threatening emails to intimidate voters, cybersecurity experts warn that overstating the threat of election interference by foreign spies and hackers can also undermine the government’s ability to fashion an effective response to real threats. While it’s important to acknowledge the threats of interference, so far there has been no significant breach or successful attack that would affect the legitimacy of the election. Keeping the threat in proportion may be difficult, as even in the U.S. the topic of misinformation has become political. Malicious foreign actors will also attempt to amplify misinformation that's produced domestically. It’s important for Americans to not share misinformation regardless of its origin and realize that though the threats to interfere with the election are real, they have so far been ineffective.

Read more

5. Forrester: Insider threats, online sellers and non-U.S. cyber investment likely to rise by Derek B. Johnson

The article covers Forrester’s cybersecurity predictions for 2021. First, the analyst firms expects one-third of all breaches in 2021 to have an insider component. They attribute the increase in insider threats to companies and law enforcement’s increased willingness to acknowledge the role of insiders in breaches despite the potential embarrassment. As well, the shift to work from home has led to employees taking sensitive data home or using leaky VPNs, which make it more difficult for companies to monitor their sensitive data. Further, the report predicts there will be new risks with the increase in business conducted online with many stores, especially retail, forced to give up their traditional brick and mortar stores. Finally, the researchers expect investment in cyber outside the U.S. to increase in countries where data is less likely to become a political football for superpowers.

Read more


Tags: Ransomware, Data Breach, Cybersecurity

Recommended Resources

  • The seven trends that have made DLP hot again
  • How to determine the right approach for your organization
  • Making the business case to executives
  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business

Colin Mullins

Colin Mullins is a Social Media Marketing intern at Digital Guardian