A good article for a Computer Security discussion.
On March 29, WWMT in Michigan reported:
Hacked and held for ransom by a computer virus, a doctor’s office in Battle Creek was forced to close its doors after, doctors said, they refused to pay and their entire system was wiped out.
Dr. William Scalf told Newschannel 3 ransomware locked up the system at Brookside ENT and Hearing Center and the hackers demanded $6,500 in exchange for a code to access the files.
With no guarantee the code would unlock the files or the hackers wouldn’t come back to ask for more money later, Scalf and his partner, Dr. John Bizon, did not pay the ransom.
All of office’s files, including appointment schedules, payment and patient information was erased, Scalf said.
Read more on WWMT.
There are things about this incident that I don’t
yet understand, like:
- Did the practice have any backup? If so, what happened to it or why couldn’t they use it? And if they didn’t have one, why not?
- What kind of ransomware was used?
- Did the practice have any cyberinsurance that would have covered the ransom payment or part of it? If you don’t have a backup or usable backup that you can rely upon (if that was the case here, and we don’t know that), maybe you should gamble and pay the ransom? It’s a tough call, but isn’t that something insurance should help with?
- What did the ransom demand look like? Is this likely to be low-level attackers who bought ransomware on a marketplace with some instructions and did a massive phishing campaign to see who would open links and become victims? Or is this part of a more organized group of hackers who target their phishing emails after doing research? $6,500 does not strike me as a huge amount when a medical database is involved, which leads me to think that this was a random hit or attack.
Yes, there’s a lot more I’d like to know, but
first and foremost, I feel sick inside for what the doctors, staff,
and patients are going through.
It’s just not supposed to be this way. What
these attackers have done has not only caused economic harm to the
doctors and employees, but it has caused harm to patients whose
records are no longer available to guide their treatment. And that
is horrifying.
Some of this data is collected whenever certain
services or Apps are used.
Utah has become the first state in this country to
require law enforcement to get a warrant for data held by a third
party
This is huge.
Hunton Andrews Kurth writes:
On March 27, 2019, Utah Governor Gary Herbert signed HB57, the first U.S. law to protect electronic information that individuals have shared with certain third parties. The bill, called the “Electronic Information or Data Privacy Act,” places restrictions on law enforcement’s ability to obtain certain types of “electronic information or data” of a Utah resident, including (1) location information, stored data or transmitted data of an electronic device, and (2) data that is stored with a “remote computing service provider” (i.e., data stored in digital devices or servers). The law provides for situations in which law enforcement may obtain such information without a warrant.
Read more on Privacy
& Information Security Law Blog.
Related: bill
text
This seems to be a hot topic. The Privacy
Foundation at the University of Denver Sturm College of Law holds
their seminar on April 19th. No doubt they will answer
all of these questions and some of my dumb ones.
You’re
Invited to an In-Person Event: CCPAnow: Understanding the Challenge
Ahead and What You Should Be Doing Now
A few key topics that will be addressed are:
- How should you interpret key definitions like “personal information,” “sale,” “third party,” and “business” when operationalizing the CCPA?
- How far does a business have to go to implement a consumer’s opt-out of sales to third parties?
- How will the financial incentives and anti-discrimination provisions actually work when consumers exercise their rights?
- How do the CCPA’s exceptions for certain regulated companies, such as financial services, work?
- What is happening in the California Office of the Attorney General’s rulemaking process and, more broadly, in the state and federal legislative landscape?
Chasing Amazon?
Walmart
teams up with Google to offer voice-activated grocery shopping
Walmart
customers will be able to order groceries with voice commands through
Google’s
smart-home assistant, the retail giant announced on Tuesday in its
latest effort to compete with Amazon.
Starting this month, shoppers will be to add items
directly to their Walmart Grocery cart using Google Assistant by
saying “Hey Google, talk to Walmart.” In a blog
post published early Tuesday, Walmart hinted that voice shopping
might be available with other partners in the future.
Is there a self-driving bike in our future?
(video)
This e-bike
uses artificial intelligence for a smarter, less distracted ride —
Future Blink
Perspective.
Tesla boom
lifts Norway's electric car sales to record market share
Almost 60 percent of all new cars sold in Norway
in March were fully electric, the Norwegian Road Federation (NRF)
said on Monday, a global record as the country seeks to end
fossil-fueled vehicles sales by 2025.
Exempting battery engines from taxes imposed on
diesel and petrol cars has upended Norway’s auto market, elevating
brands like Tesla and Nissan, with its Leaf model, while hurting
sales of Toyota, Daimler and others.
Politics in law enforcement? Say it ain’t so!
New book
looks inside Apple’s legal fight with the FBI
A new biography of
Apple chief executive Tim Cook out this month describes the moment —
and the deliberations — after the FBI issued an unprecedented legal
order demanding Apple undermine the security of its flagship product.
The new book, “Tim Cook: The Genius Who Took
Apple to the Next Level” by Leander Kahney, offers a first-hand
view from former staff about how Apple battled the order, which Cook
said would be “too dangerous” to comply with.
… “There was a sense at the FBI that this
was the perfect storm,” said Sewell, as quoted. “We now have a
tragic situation. We have a phone. We have a dead assailant. This
is the time that we’re going to push it. And that’s when the FBI
decided to file [the order],” he said.
How to write for user attention? More likely, the
Facebook algorithm’s attention.
How a
119-Word Local Crime Brief Became Facebook’s Most-Shared Story of
2019
On an otherwise ordinary Sunday in late January, a
32-year-old web editor for a chain of local radio stations in Central
Texas ran across a news item that he found interesting. Ten minutes
later, he had written and published what would become Facebook’s
most-shared story of 2019 so far.
The story has nothing to do with Donald Trump,
celebrities, teens in MAGA hats, or the Democratic primary
candidates. It’s a 119-word local crime brief about a wanted
suspect, and the man who wrote it never intended for it to reach a
national audience, let alone amass more than 800,000 Facebook shares
in the six weeks following its publication—nearly twice as many as
any other piece of English-language content this year.
Exactly how this news stub went mega-viral is a
mystery no one has quite solved, though there are clues, starting
with its alarming yet geographically ambiguous headline: “Suspected
Human Trafficker, Child Predator May Be in Our Area.”
… “It just took off.” Savage, who
monitors traffic data on his stories via the Facebook-owned analytics
tool CrowdTangle, says the numbers for the story “went through the
roof” overnight, quickly becoming US 105 FM’s most-shared post
ever. Savage didn’t know until I told him in a phone interview
last week that the story was named in a recent study by the analytics
firm NewsWhip as the most-shared
web content of 2019 so far.
It beat out, among other extremely viral stories,
TMZ’s report of Luke
Perry’s death, CNBC’s breaking story about the end
of the U.S. government shutdown, and an aggressively
SEO-optimized Daily Mirror story about the viral “Momo
challenge.” The original news brief that Savage’s post was
based on, by KWTX 10’s weekend anchor Ke’Sha Lopez, was nowhere
on the list.
No comments:
Post a Comment