What You Need to Know, What You Need to Do

The war in Ukraine is heating up again in recent days with multiple missile and drone strikes. The action comes on the heels of Western allies' promises of tank assistance to help push back Russian forces. The battle against cybercriminals is hitting closer to home, especially for U.S. healthcare organizations and hospitals. The pro-Russia group Killnet launched a series of distributed denial-of-service attacks in the past few days against some of the top clinics and medical centers in the United States, and many experts posit that similar attacks could expand in breadth across other countries that are supporting Ukraine. Killnet is not new, but the nature of their attacks on government institutions, private companies - and now, healthcare organizations - is evolving. Killnet is the same pro-Russian hacker collective that recently took down the European Parliament website with a DDoS attack after EP leaders "Proclaimed Russia as a state sponsor of terrorism," noted Parliament president Roberta Metsola. Lithuania, Czech Republic, and Romania have all also had their government websites attacked. In the United States, the landscape is a bit more broad. Killnet's targets included the government websites of at least three states last year. U.S. airport websites also fell victim to Killnet in October 2022, and the group took credit for stealing employee data from defense contractor Lockheed Martin in an August 2022 cyberattack. All these organizations can be considered critical infrastructure, but attacking healthcare systems takes that a step further, with the potential to affect millions of patients in one fell swoop. Killnet employs two-stage attacks by first hitting websites with an HTTP flood and then hitting the sites with a DNS amplification attack. These techniques aren't unique - but Killnet's recent focus on the healthcare industry is. Given the Biden administration's high-profile focus late last year on healthcare as a key area in which to enhance cybersecurity guidance and requirements, it's not a complete surprise that a pro-Russia organization would capitalize on vulnerabilities. Whether these are assumed or ascertained weaknesses is besides the point. Killnet attackers do extensive research on their targets, and recent events have shown that healthcare is likely to continue as a prime target. As the healthcare industry rapidly becomes more digitized, the conversation around posture, infrastructure, and mitigation is evolving. Akamai is no stranger to that conversation, and we are driving a proactive dialogue by examining data and reviewing attacker reconnaissance techniques. In healthcare, this is especially important since the industry had the most DDoS attacks on the Akamai platform in 2022. What we have observed is that groups like Killnet appear to be well aware of who is currently protected, and who is not. DDoS attacks tend to focus on less well-protected entities. Through careful and precise reconnaissance, the attackers determine who will be attacked next. A simple HTTP request or BGP peering lookup can validate the request path from the attacker machine back to the target web server, or work out whether the target infrastructure is protected by BGP/routing-based DDoS defenses. As an industry that's recently grappled with COVID-19, lower profit margins, and worker shortages, it's likely that readiness conversations in the healthcare space have been geared more toward clinical or financial outcomes. Today, protecting patients is about more than wearing a mask or providing vaccinations. It's about protecting patients' personal data and holistically safeguarding the systems that require continuous uptime to provide healthcare 24/7/365. Assessing threat readiness is an essential part of the conversation - one that Akamai is well-versed to lead. Learn more. Want to learn more about the evolution and growing threat of DDoS attacks? This 30-minute security architecture review with Akamai experts will help you identify if you're at risk.

This Cyber News was published on www.akamai.com. Publication date: Wed, 01 Feb 2023 18:17:02 +0000


Cyber News related to What You Need to Know, What You Need to Do

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 month ago Aws.amazon.com
What is Word Unscrambler In Gaming? - Are you tired of getting stuck on those tricky word puzzles in your favourite mobile game? Have you ever wished for a tool to help unscramble those seemingly impossible words? Look no further because the word unscrambler is here to save the day! This ...
1 year ago Hackread.com
Should I get CISSP Certified? - CISSP's reputation as a certification is for being 'a mile wide and an inch deep'. That's a limitation too - CISSP means you understand something, but not that you know how to do it. But the exam is a six-hour marathon consisting of a vast array of ...
9 months ago Securityboulevard.com
How to Set Up a VLAN in 12 Steps: Creation & Configuration - Each VLAN configuration process will look a little different, depending on the specifications you bring to the table, and some of these steps - particularly steps five through eight - may be completed simultaneously, in a slightly different order, or ...
11 months ago Esecurityplanet.com
VMware vCenter RCE Vulnerability: What You Need to Know - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
4 months ago Securityboulevard.com
5 Types of Crypto You Didn't Know Existed - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
8 months ago Hackread.com
Less is more: Conquer your digital clutter before it conquers you - In case you missed it, last week was Data Privacy Week, an awareness campaign to remind everybody that any of our online activities creates a trail of data and that we need to better manage our personal information online. Increasingly, we live our ...
1 year ago Welivesecurity.com
Honeytokens for Peace Of Mind - If you have been tackling the realities of secrets sprawl, getting a handle on all the hardcoded credentials in your organization, then we understand the stress and the restless nights that can bring. Even a small team can add hundreds of secrets a ...
10 months ago Feeds.dzone.com
Scattered Spider: Evolving & Resilient Group Proves Need for Constant Defender Vigilance - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
4 months ago Securityboulevard.com
Top 10 Cybersecurity Interview Questions and Answers - Interviewing for a job in information security can be daunting. According to security experts, memorizing hundreds of terms isn't the ticket to a successful interview for a cybersecurity job. The best candidates have a sense of what they want to ...
4 months ago Techtarget.com
Cyber Security Managed Services 101 - Benefits of an MSP. Maximizing efficiency. Cyber threats and cyberattacks like ransomware targeting SMBs continue to increase in part because malicious actors realize these organizations don't have the means or manpower for security teams. Even ...
1 year ago Trendmicro.com
Halting Hackers on the Holidays 2023 - As we saw with major holidays including Black Friday and Cyber Monday and now right around the corner and a massive increase in shopping online for the Christmas season, we count the breaches and total personally identifiable information records lost ...
11 months ago Cyberdefensemagazine.com
Meet the Ransomware Negotiators - We really thought it'd be really interesting for our listeners to know more about how it works in ransomware response process, how a company decides to pay the ransom, how that process works through a negotiator. I don't believe anybody really starts ...
4 months ago Darkreading.com
Lee County student Chromebooks hacked in 'Cyber Monday prank' - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Nbc-2.com
Google to Delete Inactive Gmail Accounts From Today - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Particle Network's Intent-Centric Approach Aims to Simplify and Secure Web3 - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
US Man Jailed 8 Years for SIM Swapping and Apple Support Impersonation - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
11 months ago Hackread.com
Stellar Cyber Bridges Cybersecurity Skills Gap with First-of-Its-Kind University Program - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Microsoft Outlook Vulnerability Exploited by Russian Forest Blizzard APT - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Int'l Dog Breeding Org WALA Exposes 25GB of Pet Owners Data - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
11 months ago Hackread.com
Q3 2023 Cyber Attacks Statistics - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackmageddon.com
Fake Lockdown Mode Exposes iOS Users to Malware Attacks - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Cryptocurrency losses reach $1.75 Billion in 2023; CeFi and Hacks Blamed - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Flashpoint Uncovers 100,000+ Hidden Vulnerabilities, Including Zero-Days - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com
Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System - Cookies, device or similar online identifiers together with other information can be stored or read on your device to recognise it each time it connects to an app or to a website, for one or several of the purposes presented here. Advertising ...
11 months ago Hackread.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)