As medical facilities strain amid the pandemic, they’re especially vulnerable to cyberattacks. A global coalition of volunteer experts has stepped into the breach.
t was early February when Ohad Zaidenberg first started noticing malicious emails and files disguised as information about Covid. He’s a cyber intelligence researcher based in Israel, and they were the sort of schemes he encountered all the time—benign-looking messages that trick people into giving someone network access. But more and more of them seemed to be using fear of the new virus as leverage to get people to click a link or download a file. “This little measure can save you,” read one email he flagged, before prompting the reader to open a PDF called “Safety Measures.” Zaidenberg didn’t think too much of it at the time. Coronavirus cases were still mostly confined to China, and it wasn’t yet clear the virus would become a global pandemic.
Just over a month later, Zaidenberg went out to dinner. It was his last night out before Israel shut down. Infections were starting to climb, and as he drove back to his home in Tel Aviv, he was thinking about how dangerous everything suddenly seemed. A former intelligence officer with dark hair and a closely cropped beard, Zaidenberg had left the Israeli army with a deep belief in working for peace. Coronavirus is a war, he thought. Then he remembered the malicious documents he’d been seeing. For the most part, they’d seemed benign enough—someone trying to get into a system to spy, for instance. But now something new jolted his mind: What if the malware was instead used to compromise hospital security? <snip>
Cleveland-area hospital goes offline after apparent cyberattack
Hospitals have become particularly sensitive to ransomware attacks, which can cause interruptions or delays to potentially lifesaving care.
“As a result of this incident, we have postponed all elective procedures through Wednesday, Sept. 30,” Habowski said. “Our emergency department remains open to life-threatening emergencies and walk-in patients, and our outpatient departments and physician offices are continuing to provide care for patients.”
Kylie Jenner’s Makeup Company Warns of Data Breach
Kylie Cosmetics warns customers their information was impacted by Shopify data theft.
Clients of Kylie Cosmetics have now been notified that their personal data may be among the information swiped by the two employees, whom Shopify has branded as “rogue.”
Information impacted by the security incident included basic contact details such as email, name, and address, as well as order details, like products and services purchased. An email sent by the 23-year-old billionaire’s beauty business to its customers stated: “Your trust is so important to us and we wanted to let you know we’re working diligently with Shopify to get additional information about this incident and their investigation and response to this matter.”