GlobalSign Blog

The GlobalSign Cybersecurity News Round-Up: Week of March 23, 2020

The GlobalSign Cybersecurity News Round-Up: Week of March 23, 2020

Welcome to the latest GlobalSign wrap-up of the week in cybersecurity news. 

Despite COVID-19’s rapid spread and deepening hold on the world, many hackers are sadly continuing to take advantage of it. Unfortunately, this includes continued attacks on the medical and healthcare sectors. As you’ll read on in this post, there have been at least three healthcare-focused attacks in the last week related to the worldwide pandemic. 

Beyond the coronavirus, major business names have revealed other types of attacks in the last week. This includes GE – which revealed a data breach in late February – and London-based Finastra, a large financial services software provider, which was recently hit by a ransomware attack. 

At least there are rays of hope. Increasing numbers of cybersecurity professionals are teaming up to fight hackers. For example, last week Cyberscoop wrote about a group of cybersecurity volunteers working to combat hackers. Now, a new story in Verdict (which you can find a link to below) discusses how even more cybersecurity community members are banding together to stop the bad guys. In such a challenging time, it is very good to see the increasing numbers of people working together to beat the virus in the real, and virtual world. 

Read on for all the stories. Wishing you all good health! 

Top Global Security Stories

Tech Crunch (March 26, 2020) Medical and military contractor Kimchuk hit by data-stealing ransomware

"Kimchuk, a medical and military electronics maker, has been hit by data-stealing ransomware, TechCrunch has learned.

The Danbury, Conn.-based manufacturer, which builds electronics for medical equipment, telecoms systems and energy grids, also makes nuclear modules for the Navy, work that often requires security clearance.

Its systems were infected and knocked offline earlier this month by DoppelPaymer, a newer strain of ransomware that exfiltrates data out of an infected network before encrypting user files. If a victim doesn’t pay the ransom to decrypt their files, the DoppelPaymer group will begin publishing the contents of their victim’s network." 


HealthITSecurity (March 25, 2020) 140K Patients Impacted in Tandem Diabetes Care Phishing Attack

"About 140,000 patients of Tandem Diabetes Care are being notified their data was potentially compromised after several employee email accounts were compromised during a phishing attack. Tandem is a medical device manufacturer based in San Diego, California.

On January 17, Tandem first discovered a hacker gained access to an employee email account through a phishing campaign. Upon discovery, the account was secured and investigation was launched to determine the scope of the incident.
The investigation determined several employee email accounts were compromised for three days between January 17 and January 20. The affected accounts contained a range of patient data including details related to customers’ use of Tandem products or services, clinical data about diabetes therapy, and Social Security numbers, for a limited number of patients.

Patients whose Social Security numbers were impacted will receive a year of free credit monitoring and identity protection services. Tandem notified impacted healthcare providers, along with a general public notification."


TechRadar (March 24, 2020) General Electric suffers data breach after service provider hack

"General Electric (GE) has revealed that one of its service providers has fallen victim to a data breach which resulted in the personally identifiable information of current and former employees as well as beneficiaries being exposed online.

In a notice of data breach filed with the Office of the California Attorney General, the multinational company explained that Canon Business Process Services (Canon), a GE service provider, had one of its employee email accounts breached by an unauthorized party last month, saying:

'We were notified on February 28, 2020 that Canon had determined that, between approximately February 3 - 14, 2020, an unauthorized party gained access to an email account that contained documents of certain GE employees, former employees and beneficiaries entitled to benefits that were maintained on Canon’s systems.'"


IT Pro Portal (March 24, 2020) Paris hospitals targeted in major cyberattack

"Hackers have targeted hospitals in Paris with a major cyberattack, new reports have claimed. 

According to a Bloomberg news report, the goal of the attack against the Paris Hospital Authority (AP-HP) was to overwhelm hospital computers and thus disable the service. 

The organisation’s spokesperson told the media that it managed to successfully handle the attack, walking away unbruised. 

AP-HP is the largest hospital network in Europe, and offers a lot more than just healthcare – its services also include research, prevention and education. "


Forbes (March 23, 2020) COVID-19 Vaccine Test Center Hit By Cyber Attack, Stolen Data Posted Online

"A medical facility on standby to help test any coronavirus vaccine has been hit by a ransomware group that promised not to target medical organizations.

The criminals behind the Maze ransomware attacks have struck again, stealing data from a victim and then publishing it online to get them to pay the ransom demanded.

That, in and of itself, would not be particularly newsworthy, sadly. However, the Maze threat actors were amongst the leading cybercrime gangs which, just days ago, pledged not to attack healthcare and medical targets. The Maze threat actors didn't go as far as those behind the DoppelPaymer threat by offering free decryptor codes to those hit by accident. Nor, it would appear, did they mean what they said. The latest victim is Hammersmith Medicines Research, a British company that previously tested the Ebola vaccine and is on standby to perform the medical trials on any COVID-19 vaccine."


Bank Infosecurity (March 23, 2020) Fintech Firm Finastra Recovering From Ransomware Attack

"Finastra, a large financial services software provider based in London, continues to recover from a ransomware attack that forced the company to take its IT operations offline Friday to prevent further damage to its corporate network, according to the company's CEO.

Finastra, founded in 2017, is one of the world's largest fintech firms, reporting revenue of $1.9 billion in 2019. Its software is used by some of the world's largest banks, according to the company's website. It has offices in 42 countries with 10,000 employees, and it serves over 9,000 customers.

Finastra sells cloud-based and on-premises financial software, including mobile banking tools, to financial institutions, investment firms and retail outlets."


Other Industry Headlines 

Coronavirus hackers face the wrath of the cybersecurity community

How COVID-19 is Highlighting the Need for Canada to Embrace Digital Signatures 

Working from home? Switch off Amazon's Alexa (say lawyers)

FireEye warns about the proliferation of ready-made ICS hacking tools

Secure the Refrigerator: Broad New California and Oregon IoT Security Laws Come Into Effect

Ameren Missouri Equipment Supplier Targeted In Ransomware Attack

Like what you’re reading? Head to the Subscriber form in the sidebar to get insightful GlobalSign content delivered directly to your inbox.

Share this Post

Recent Blogs