Connect with us

Blockchain

Security Risks in Medical IoT Devices – MEDJACK Malware Review

Devices on the Internet of Things are a weak point in many networks. Too often, they have outdated operating systems and poor security protection. IT administrators can’t get at their internals. Deploying insecure devices in healthcare systems can produce especially damaging consequences. Security Risks in Medical IoT Devices Health-related data is a prime target, and…

The post Security Risks in Medical IoT Devices – MEDJACK Malware Review appeared first on Blockchain Healthcare Review.

Published

on

Devices on the Internet of Things are a weak point in many networks. Too often, they have outdated operating systems and poor security protection. IT administrators can’t get at their internals. Deploying insecure devices in healthcare systems can produce especially damaging consequences.

Health-related data is a prime target, and the legal penalties for failing to protect personal health information are severe. An infected device may not function properly, putting patients’ health and even lives at risk.

Current risks of medical IoT devices:

    • With the number of IoT devices growing from millions to 100s of millions centralized processes cannot scale​
    • Current processes are vulnerable to variety of threats.

Attacks on devices through MEDJACK

The MEDJACK attack provides a case in point. It’s a set of malware tools that target medical devices. MEDJACK takes advantage of weaknesses in older operating systems which are embedded in devices. They include Windows XP, 2000, and Server 2003, as well as some Linux distributions. It has gone through several revisions, each time devising new ways to bypass defenses.

It follows the “command and control” model, where it installs malware in a device which then sends data to a server that belongs to the attacker. The aim is to exfiltrate confidential data on the patient or the provider. Such data has high resale value. The devices serve as a pivot point from which the malware can reach other systems on the network.

The difficulties in defending against MEDJACK

Several factors make it difficult to detect and defend against these attacks. The devices are usually black boxes to the IT department. There often is no way to connect a console to them. Installing anti-malware software is difficult. Even if there is a way to do it, it may be inadvisable, since it would modify the behavior of an FDA-certified device. If a desktop computer stops running properly because of security software, it’s a nuisance that can be fixed. If a lifesaving device has the same problem, the consequences could be much worse.

As a result, the IT department is dependent on the manufacturer to issue security patches. Some manufacturers are slow at this. Some are reluctant to update certified devices, even though the FDA has issued guidelines stating that security patches don’t require re-certification of the device.

TrapX report – a case of malicious penetration

TrapX’s report, “Anatomy of an Attack,” describes three breaches that resulted from MEDJACK. They are similar in many ways, and a detailed look at the first will be informative.

A hospital, not named in the study, experienced several security alerts. The point of penetration was three blood gas analyzers, which had been breached in separate attacks. They had set up backdoors in the local network and were sending hospital data to a server in Europe. The amount of data stolen is uncertain, but there clearly was a breach.

After gaining a foothold in the devices, the attack used malware such as Zeus and Citadel to find passwords to other systems. The devices stored their data without encryption, simplifying the acquisition of confidential information.

Blood gas analyzers are used for critical treatment. They can’t simply be pulled out of service. Remedying the malware problem, even when it is known, is a difficult task.

The hospital had respectable network security. It had a firewall, heuristic intrusion detection, endpoint security, and antivirus software. These were insufficient to prevent intrusion because the devices had antiquated operating systems and because it was impossible to install security software on them.

TrapX concluded that the attackers could have not only stolen data but modified internal data. While the report doesn’t indicate that malicious modifications occurred, a similar attack could make devices produce false data on patients. That could lead to deadly errors in treatment.

Benefits of blockchain integration

Manufacturers using enabled blockchains can construct authorization/authentication databases. The QBRICS enterprise platform presents a unique example of an integrated blockchain solution. QBRICS proposes that authorization/authentication databases be propagated to read-only permission blockchain databases downstream using proprietary transmission protocols​. A plugin provided by the blockchain platform on IoT devices would then authenticate using the most proximate database. Fully deployed, relevant data from inventory, operational analytics (usage), marketing perspective would be readily accessible for consumption by business intelligence tools.The complete solution would provide:

    • No rogue devices (stolen devices, unauthorized vendors etc)​
    • Near-universal availability of device information (including software and hardware)​
    • Device movement and location information​
    • Device usage information ​
    • Device software upgrades easier (as targets easily identified, maintenance becomes easier)​

Conclusion

As this case shows, IoT-based attacks are difficult to prevent and detect. Several actions, however, can reduce the risk:

  • Take security features into account when selecting devices, when information on them is available.
  • Keep IoT devices on a separate subnetwork which doesn’t have access to critical information.
  • Use firewalls to strictly limit inbound and outbound access to IoT devices.
  • Run frequent security scans for any signs of infection.
  • Doing without the devices is rarely an option. The only alternative is to give extra attention to their security.

Subscribe to stay up to date with the latest blockchain innovation in healthcare .

subscribe

Subscribe to receive blockchain analysis of cyber security threats in healthcare. e

Source: https://blockchainhealthcarereview.com/security-risks-in-medical-iot-devices-medjack-malware-review/?utm_source=rss&utm_medium=rss&utm_campaign=security-risks-in-medical-iot-devices-medjack-malware-review

Blockchain

Robinhood Testing New Cryptocurrency Wallet as Demand Rises

Published

on

The millennial-focused trading portal is edging closer to launching a long-awaited app that will enable its growing user-base to send and receive cryptocurrencies.

A beta version of Robinhood’s iPhone app showed the company’s latest upgrades on the new digital asset features, according to Bloomberg.

There is a hidden image showing a waiting list for users eager to get their hands on the app and code referring to crypto transfers, it added.

Delving Deeper into Crypto

Robinhood users can already buy and sell cryptocurrencies on the platform but they need to convert them to and from USD. With a native app, users will be able to send crypto assets to each other directly and set up two-factor authentication for additional security.

Robinhood Chief Executive Officer Vlad Tenev stated that adding crypto wallets is a priority for the company’s developers and they are actively working on such.


ADVERTISEMENT

“The ability to deposit and withdraw cryptocurrencies is tricky to do with scale, and we want to make sure it’s done correctly and properly.”

He did not specify a launch date, but the beta app leak suggests it is not too far away. Users of the new functions will need to activate crypto sending and receiving and the registration page will require an identity check, the report added.

On Sept. 11, CryptoPotato reported that Robinhood had launched incentives to promote longer-term cryptocurrency investing. The zero-fee recurring purchase feature enables users to schedule digital asset purchases for regular intervals with buys as low as a dollar.

This will encourage customers to build their cryptocurrency portfolios over time and “become a whole coiner,” stated Robinhood.

Robinhood Users Hungry For Crypto

Cryptocurrency trading has been one of the biggest drivers of revenue for Robinhood this year. Dogecoin has been the crown jewel, according to the company. It reported that 62% of its $233 million in second-quarter crypto income came from DOGE trading.

It added that more than half of all transaction-based revenue on the platform came from digital asset trading. The firm did warn that Q3 would not be as prosperous due to “seasonal headwinds and lower trading activity across the industry.”

Robinhood share prices have already fallen 43% since their all-time high of a little over $70 in early August. They are currently trading down 1.68% since Monday’s open at $40.70 according to Yahoo! Finance.

SPECIAL OFFER (Sponsored)

Binance Futures 50 USDT FREE Voucher: Use this link to register & get 10% off fees and 50 USDT when trading 500 USDT (limited offer).

PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to get 50% free bonus on any deposit up to 1 BTC.

You Might Also Like:


PlatoAi. Web3 Reimagined. Data Intelligence Amplified.

Click here to access.

Source: https://cryptopotato.com/robinhood-testing-new-cryptocurrency-wallet-as-demand-rises/

Continue Reading

Blockchain

Snoop Dogg Reveals His Connection With Twitter Account on NFTs

Snoop Dogg Twitter

Rate this post American rapper Snoop Dogg tweeted on Monday that he’s the owner of a Twitter account that talks about nonfungible tokens (NFTs). The account, named @CozomoMedici, shares “insights and tales from the wild world of NFTs” and has 27.7K followers at the moment. Snoop Dog Claims to Be Popular NFT Advocate on Twitter Snoop Dogg left the crypto community stunned this week after he revealed himself as the owner of a Twitter account dedicated to NFTs.  The account Cozomo de’ Medici, named after an Italian banker, is only a month old. However, it has already garnered attention from industry watchers and even a mention from crypto-focused news outlet The Block.   According to The Verge, the person behind the Medici account had been creating hype around their real identity for “at least a few days” and even conducted a poll for their followers to take a guess. The poll featured Democratic congresswoman Alexandria Ocasio-Cortez and Matt Bellamy, the lead singer of the rock band Muse. Snoop, however, was not mentioned in the poll. On September 20, @CozomoMedici tweeted that they were about to reveal their identity from their account. Shortly after, Snoop Dogg tweeted “I am @CozomoMedici.”   Interestingly, after making this revelation, the Medici account bought two weed-themed collectibles from an artist named NyanDogg, The Verge reported. Additionally, Snoop’s alleged OpenSea account has been sent  “a cloud of blunt and Snoop-themed NFTs” following the reveal. Is Medici Account an Elaborate Prank? The Medici account could likely turn out to be an elaborate prank, one that Snoop might have engineered himself or just participated in. Many reactions to Medici’s reveal have also expressed skepticism about Snoop’s involvement. “I have a hard time accepting that this account is Snoop Dogg. Like seriously Snoop Dogg muted his live stream for a week (?) by accident. And he is that deep into NFTs out here owning crypto punks… Owning Eth using OpenSea. Would love that to be true but I can’t believe it,” Twitter user @Brandolf485 wrote in the comments. Nonetheless, the crypto community will have to continue looking for concrete proof till Snoop’s involvement with the account is confirmed. 

The post Snoop Dogg Reveals His Connection With Twitter Account on NFTs appeared first on Cryptoknowmics-Crypto News and Media Platform.

Published

on

American rapper Snoop Dogg tweeted on Monday that he’s the owner of a Twitter account that talks about nonfungible tokens (NFTs). The account, named @CozomoMedici, shares “insights and tales from the wild world of NFTs” and has 27.7K followers at the moment.

Snoop Dog Claims to Be Popular NFT Advocate on Twitter

Snoop Dogg left the crypto community stunned this week after he revealed himself as the owner of a Twitter account dedicated to NFTs. 

The account Cozomo de’ Medici, named after an Italian banker, is only a month old. However, it has already garnered attention from industry watchers and even a mention from crypto-focused news outlet The Block.  

According to The Verge, the person behind the Medici account had been creating hype around their real identity for “at least a few days” and even conducted a poll for their followers to take a guess. The poll featured Democratic congresswoman Alexandria Ocasio-Cortez and Matt Bellamy, the lead singer of the rock band Muse. Snoop, however, was not mentioned in the poll.

On September 20, @CozomoMedici tweeted that they were about to reveal their identity from their account. Shortly after, Snoop Dogg tweeted “I am @CozomoMedici.”

Interestingly, after making this revelation, the Medici account bought two weed-themed collectibles from an artist named NyanDogg, The Verge reported. Additionally, Snoop’s alleged OpenSea account has been sent  “a cloud of blunt and Snoop-themed NFTs” following the reveal.

Is Medici Account an Elaborate Prank?

The Medici account could likely turn out to be an elaborate prank, one that Snoop might have engineered himself or just participated in. Many reactions to Medici’s reveal have also expressed skepticism about Snoop’s involvement.

“I have a hard time accepting that this account is Snoop Dogg. Like seriously Snoop Dogg muted his live stream for a week (?) by accident. And he is that deep into NFTs out here owning crypto punks… Owning Eth using OpenSea. Would love that to be true but I can’t believe it,” Twitter user @Brandolf485 wrote in the comments.

Nonetheless, the crypto community will have to continue looking for concrete proof till Snoop’s involvement with the account is confirmed. 

PlatoAi. Web3 Reimagined. Data Inteligence Amplifed.
Click here for Free Trial.

Source: https://www.cryptoknowmics.com/news/snoop-dogg-reveals-his-connection-with-twitter-account-on-nfts/

Continue Reading

Blockchain

TA: Ethereum Breaking This Confluence Resistance Could Spark a Recovery

Published

on

Ethereum started a major decline below the $3,200 support zone against the US Dollar. ETH price traded as low as $2,807 and it is now attempting a recovery wave.

  • Ethereum started a fresh decline below the $3,300 and $3,200 support levels.
  • The price is now trading below $3,200 and the 100 hourly simple moving average.
  • There is a key bearish trend line forming with resistance near $3,020 on the hourly chart of ETH/USD (data feed via Kraken).
  • The pair could a steady recovery wave if there is a close above $3,050 in the near term.

Ethereum Price Corrects Losses

Ethereum started a major decline from the $3,500 resistance zone. ETH traded below many important support zones near $3,300 and the 100 hourly simple moving average, similar to bitcoin.

The bears gained strength below the $3,200 support zone. Finally, ether spiked below $3,000 and extended its decline. A low is formed near $2,807 and the price is now correcting losses. There was a break above the $2,920 and $2,950 resistance levels.

The price recovered above the 23.6% Fib retracement level of the recent decline from the $3,455 swing high to $2,807 low. An immediate resistance on the upside is near the $3,020 level. There is also a key bearish trend line forming with resistance near $3,020 on the hourly chart of ETH/USD.

Ethereum Price

Source: ETHUSD on TradingView.com

A close above the $3,020 and $3,050 levels could start a decent recovery. The next major resistance might be near the $3,130 level. It is near the 50% Fib retracement level of the recent decline from the $3,455 swing high to $2,807 low. A clear break and close above the $3,130 level could start a steady increase. The next major resistance sits near $3,300.

More Losses in ETH?

If ethereum fails to correct higher above the $3,020 and $3,050 resistance levels, it could start another decline. An initial support on the downside is near the $2,960 level.

The next major support seems to be forming near the $2,900 level. A downside break below the $2,900 support zone could lead the price towards the $2,800 zone. The next major support is near the $2,750 level, below which ether price might decline towards the $2,640 support zone.

Technical Indicators

Hourly MACDThe MACD for ETH/USD is slowly losing pace in the bearish zone.

Hourly RSIThe RSI for ETH/USD is still well below the 50 level.

Major Support Level – $2,960

Major Resistance Level – $3,050

PlatoAi. Web3 Reimagined. Data Intelligence Amplified.

Click here to access.

Source: https://www.newsbtc.com/analysis/eth/ethereum-confluence-resistance-3050/

Continue Reading
Uncategorized5 days ago

Swissquote Confirms European Expansion Plan, Focusing on Crypto

Uncategorized5 days ago

Bingbon Launches its Carbon Free and Afforestation Project

Blockchain5 days ago

Massive NFT and Token Giveaway from Polker as Staking is Announced!

Uncategorized5 days ago

Nickelodeon All-Star Brawl will include DLC fighters post-launch

News4 days ago

Gods Unchained and Guild of Guardians Layer 2 Solution Immutable Raises $60 Million

Blockchain3 days ago

Over 40 days after Ethereum’s EIP-1559, here’s where it stands

Blockchain5 days ago

Opensea NFT marketplace Accuses Senior Employee of Insider Trading

Blockchain5 days ago

Grab a spot in Tomi’s presale by bagging an NFT – 260+ ETH raised!

Blockchain5 days ago

Kanga Exchange Partners with Tenset for an Exclusive Public Sale of KNG Token

Blockchain3 days ago

Cardano Sees an Influx in Smart Contracts ! But There’s a Twist

Blockchain5 days ago

If Shiba Inu is a ‘shitcoin,’ why are exchanges still listing it

Blockchain5 days ago

Over $1B Worth of ETH Burned in the Aftermath of Ethereum’s London Upgrade

Blockchain5 days ago

Ethereum, NEO, Dogecoin Price Analysis: 16 September

Uncategorized2 days ago

NBA 2K22 Limitless Spot-Up and Chef Badges Explained

News5 days ago

MicroStrategy Issues a Response to FASB’s 2021 ‘Invitation to Comment’

Uncategorized4 days ago

Laos Green-Lights Cryptocurrency Trials

Blockchain5 days ago

Bitcoin Cash: A 40% hike may be incoming from this setup

Uncategorized4 days ago

DeFi comes to Cardano (ADA) as EMURGO announces ‘Astarter’

Uncategorized5 days ago

Tether Claims to Hold no Commercial Paper From Struggling Evergrande

Blockchain4 days ago

Bitdefender Releases Tool To Decrypt Files Affected by REvil/Sodinokibi Ransomware

Trending