Tag Archive for: Shuts

Ransomware attack shuts down Central Florida radiology imager sites

/in


A ransomware attack shut down a medical diagnostic imaging firm in South Florida, shutting down several Central Florida locations, as well.

Earlier this month, a hacker accessed personal patient data at the Akumin site headquartered in Broward County, the firm said in a statement.

What is a ransomware attack?

A ransomware attack is a cyberattack designed to encrypt files on a device, rendering the data useless unless the owners of the data give a ransom to the hacker in exchange for a decryption or key, according to the Cybersecurity and Infrastructure Security Agency.

Healthcare facilities tend to be targets for ransomware attackers due to the sensitive information establishments have stored on vulnerable technologies, such as wireless devices that have access to the healthcare facilities, and network, according to CISA. These devices often can be viewed as backdoors into valuable information vaults.

Which Central Florida offices were affected?

The outpatient radiology and oncology service announced Tuesday it was temporarily shutting down services throughout the state including seven Central Florida locations.

• Orlando – 7960 Forest City Road and 1150 S. Semoran Boulevard

• Deltona – 1555 Saxon Boulevard

• Winter Haven – 7524 Cypress Gardens Boulevard

• Kissimmee – 1503 W. Oak Street and 819 E. Oak Street

• Mount Dora – 7524 Cypress Gardens Boulevard

Akumin has 50 locations throughout Florida and is available in several other states.

Can past records be accessed?

Regarding accessing past medical records, Akumin said certain imaging results may be unavailable.

“Our systems are being restored with differing timelines. Please check with the clinic you visited to learn more about the availability of prior studies. We will provide updates on restoration as appropriate,” it said in a statement.

Akumin also said it will alert patients once it can reschedule appointments, however, it has no timeline at this point.

Additionally, Akumin was found to have filed for Chapter 11 bankruptcy weeks after the cyberattack took place, according to a report by First Coast News, an NBC-affiliated station in Jacksonville.

Source…

Questions linger after ‘cyber issue’ shuts down MGM computer systems

/in


MGM Grand

Jae C. Hong / AP

The Las Vegas Monorail passes by MGM Grand, April, 27, 2006, in Las Vegas.

By (contact)

The targets of cybersecurity attacks are typically high-profile companies that face challenges getting back online, said Yoohwan Kim, a UNLV computer scientist who studies data privacy on blockchain and network security.

Think hospitals, utility companies, even casino giants like MGM Resorts International.

MGM, with 28 properties worldwide, including many up and down the Las Vegas Strip, starting late Sunday experienced what resort officials labeled a “cyber issue.”

The nature of the issue was not detailed, but a statement from MGM said efforts to protect data included “shutting down certain systems.” The FBI is taking part in the investigation.

The shutdown prevented credit card transactions and crashed the BetMGM sports betting mobile app and company websites. It also prevented digital access to guest rooms, halted some slot machine play and provided the company plenty of bad publicity.

It was not known how many people were affected by the disruptions.

“One thing is clear: When this happens, there’s a lot of chaos in the company figuring out what it will take to fix it,” said Kim, who spearheaded the effort to develop a cybersecurity major at UNLV.

Kim said answers to many questions — Who did this? What information was compromised? Why MGM? — wouldn’t be immediately known. An attack of this nature takes time to execute and could have been years in the making, he said.

The motivation was more than likely money — pay a ransom to get back up and running, he said. MGM could have been asked to pay “several million dollars,” Kim speculated.

“It comes down to a cost analysis” when deciding whether to pay, he said. “If there’s urgency and people will die (such as could be the case with a hospital), that’s motivation to pay the ransom to resolve as fast as possible.”

This is not the first time MGM has been the target of a cyber issue.

Details about millions of people who stayed at MGM properties were published in 2020 on a hacking forum, including some driver’s license and passport…

Source…

New iOS patch shuts down serious exploit

/in


Apple iPhone 14 Pro Max dynamic island angle

Robert Triggs / Android Authority

TL;DR

  • Apple has released security updates for iOS, iPadOS, macOS, and watchOS.
  • The latest patch fixes two zero-day vulnerabilities commonly known as BLASTPASS.
  • The security flaws allow malicious images or attachments to install malware on your Apple device.

If you have an iPhone, iPad, MacBook, or Apple Watch, you will want to update your device as soon as possible. Even if you typically avoid updates, this patch is one you shouldn’t miss, as it fixes two serious bugs.

Apple has released a new update that addresses the zero-day vulnerabilities CVE-2023-41064 and CVE-2023-41061, according to Ars Technica. Zero-day vulnerabilities are security flaws that have been discovered before security researchers or software developers become aware of them, making them a higher risk than other threats.

The updates include iOS 16.6.1, iPadOS 16.6.1, macOS 13.5.2, and watchOS 9.6.2. Unfortunately, it appears there have been no patches rolled out for older OS versions.

CVE-2023-41064 and CVE-2023-41061, better known as BLASTPASS, allow for images and attachments to install malware on your device. For example, loading a malicious image from WhatsApp, iMessage, or Safari could trigger the installation of malware. This cyberattack technique is known as steganography, or the hiding of a file within another file. It works by inserting malicious code in the hidden data that comes with an image.

The security gaps were first reported by the Citizen Lab at the Munk School of Global Affairs & Public Policy at the University of Toronto. Citizen Lab says that BLASTPASS was “being used to deliver NSO Group’s Pegasus mercenary spyware.”

Since Apple is holding its “Wonderlust” event on September 12, this will probably be the last update before the iPhone 15 launches. Apple will likely announce iOS 17 during this keynote.

Source…

University of Michigan shuts down internet due to security concern

/in


ANN ARBOR, Mich. – Internet service at the University of Michigan was cut off by the university after a cybersecurity threat was detected on Monday, the first day of fall classes for many students.

“We recognize that cutting off online services to our campus community on the eve of a new academic year is stressful and a major inconvenience. We sincerely apologize for the disruption this has caused. Our Information Assurance team, in partnership with leading cybersecurity service providers, detects, deflects, and mitigates a steady stream of malicious actors every hour of every day.

Sunday afternoon, after careful evaluation of a significant security concern, we made the intentional decision to sever our ties to the internet. We took this action to provide our information technology teams the space required to address the issue in the safest possible manner.”

—> System-wide power outage forces 5 schools in Ann Arbor to close

The university said it may be several days before all online services return to normal activity. Here’s some info they offered for students:

  • It appears that the impact is not the same across the university or on all campuses. All clinical applications at Michigan Medicine are functional and no patient care has been disrupted.

  • Classes are meeting on all three campuses. Faculty members will, to the best of their abilities, communicate directly with students directly regarding any needed adjustments. Please check ro.umich.edu/calendars/schedule-of-classes to view public course schedules and locations.

  • Campus leaders recognize that many students rely on U-M systems to access class information and navigate campus, especially on the first day of classes. Consideration will be given to students for impacts to class attendance or assignments that depend on U-M systems while our teams work to restore service.

  • Campus remains open. Residence halls, dining facilities, classroom buildings, and all university offices are operational. Individual units are making local decisions about where (on campus or remotely) employees are best able to fulfill their roles.

  • In recognition of the challenges faced during this outage, students will not incur late registration or…

Source…