Week in Review: Amazon passkeys usage, healthcare ransomware stats, major cybercrime takedowns
Oct 18, 2024
In this discussion, Steve Person, CISO at Cambia Health, shares his expertise on cybersecurity in the healthcare sector. He delves into the rising threats from ransomware and the need for resilience against cybercrime. The conversation highlights the innovative use of passkeys among Amazon customers to reduce risks like phishing. Steve also addresses the alarming deepfake scams in Hong Kong and emphasizes the importance of education and community engagement in enhancing cybersecurity practices.
The arrest of a hacker involved in major cyber attacks highlights the need for international cooperation in combating cybercrime.
The increasing frequency of ransomware attacks on healthcare organizations emphasizes the critical need for improved cybersecurity resilience and recovery strategies.
Deep dives
Cyber Justice: The Arrest of USDOD Hacker
Brazilian authorities have arrested a hacker believed to be responsible for significant cyber attacks, including intrusions on the FBI's InfraGard platform and the Airbus data breach. This incident highlights the complexities of international cybercrime, as most attacks typically originate from jurisdictions that do not prioritize law enforcement against cybercriminals. Experts stress the importance of both improving security measures to reduce the economic incentives for cybercrime and supporting international law enforcement in their efforts to bring cybercriminals to justice. The discussion emphasizes the need for organizations to eliminate weaknesses in their systems, such as insufficient multi-factor authentication and insufficient patching of critical vulnerabilities.
Anonymous Sudan's Record DDoS Attacks
A federal grand jury has indicted two Sudanese brothers linked to the cybercriminal group Anonymous Sudan, known for carrying out a staggering 35,000 DDoS attacks in just one year, including those targeting Microsoft services. This case underscores the vulnerability of high-profile organizations and the evolving methods employed by attackers, which include sophisticated techniques for bypassing existing security measures. The strengths of Anonymous Sudan were attributed to their custom-built attack infrastructure, which allowed them to exploit weaknesses effectively and gain unauthorized access to services. Security experts remind organizations of the importance of maintaining a multifaceted defense strategy and avoiding complacency regarding established controls.
Ransomware Attacks on U.S. Healthcare Institutions
A recent Microsoft report reveals that nearly 400 U.S. healthcare organizations have fallen victim to ransomware attacks over the past year, leading to severe disruptions in crucial medical services. Cybercriminals from Russia, North Korea, and Iran are increasingly driven by financial motives rather than outright destruction, prompting healthcare institutions to enhance their cybersecurity measures. Despite some positive trends—such as a decrease in attacks reaching the encryption stage—the frequency of attacks poses significant challenges, especially in environments where patient safety is paramount. The discussion emphasizes the importance of investing in resilience and recovery processes, ensuring that healthcare organizations can quickly respond to incidents without jeopardizing service delivery.
This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Steve Person, CISO, Cambia Health
Thanks to our show sponsor, Conveyor
It’s spooky season, and nothing’s scarier than all of your account execs asking if you’re done with their customer security questionnaires. Don’t worry—Conveyor is here to help. Conveyor’s market leading AI automates the most time-consuming parts of customer security reviews: answering security questionnaires and sharing security docs like your SOC 2 with customers. Get instant AI answers to questionnaires and host an enterprise-grade trust center where customers can download documents and self-serve answers to their own questions. End the horror show. Try it for free at www.conveyor.com.
All links and the video of this episode can be found on CISO Series.com