Wait, the Healthcare Industry Still Uses CDs?

The healthcare industry is still using CDs

Many people have stopped using CD-ROMS, mostly because it’s a lot easier to either save it on a thumb drive or just save it to the cloud. Many people have become migrating to the cloud and it’s beneficial mostly because work can be done virtually anywhere with an internet connection. A lot of PCs and laptops do not come with CD drives anymore. Overall, it’s beginning to become obsolete. This means that if a place needs to view CDs they must purchase an external disc drive. Downloading and burning CDs is also time-consuming as well.

So why are some people still using CDs? If you work in the healthcare industry then you know that CDs are essential in the workplace. They are vital because radiologists must use these to store medical images. The reason that the healthcare industry must use CDs is that not all doctors use the same software. The only way these images can be viewed anywhere is with a CD-ROM. The downside to a thumb drive is some lack the space capacity for these images. Let’s open our minds and think of the future. In fact, the cloud is the future of the healthcare industry. Technology continues to evolve and so should we.

However, there is now a group dubbed Ditch the Disk*. They are all for heading to the cloud and trying to get rid of the use of CDs. Is it time to say goodbye to CD-ROMs? Let me know what you think below. Thanks for reading!

Follow CoreRecon on Twitter: https://twitter.com/CoreRecon

Facebook: https://www.facebook.com/CoreReconCyberSec

Instagram: http://instagram.com/corerecon

Creds to https://www.cnbc.com/2020/02/14/salesforce-cmo-ashwini-zenooz-urges-healthcare-to-move-on-from-cd-roms.html for bringing the movement to our attention.

*Find out more about Ditch the Disk at https://ditchthedisk.com/

Ransomware Hackers Continue to Evolve

A new hacking tactic has surfaced, and it is infecting PCs at an alarming rate. Ransomware “gangs” have begun using drivers to infect PCs. Currently, they are using GIGABYTE technology to infiltrate networks. GIGABYTE is a leading computer hardware company. They build motherboards, graphics cards, and more. Chances are you have a piece of GIGABYTE hardware in your PC right now. Unfortunately, instead of releasing a patch for the vulnerability within the software, GIGABYTE maintained that its products were unaffected.

The hackers are using GIGABYTE drivers to gain access to PCs and disable security products so their actions can remain hidden. With security products enabled, the hackers would not be able to access PCs as easily. 

A security company has recently released the method of the new tactic.**

  1. Ransomware gang gets a foothold on a victim’s network.
  2. Hackers install legitimate Gigabyte kernel driver GDRV.SYS.
  3. Hackers exploit a vulnerability in this legitimate driver to gain kernel access.
  4. Attackers use the kernel access to disable the Windows OS driver signature enforcement temporarily.
  5. Hackers install a malicious kernel driver named RBNL.SYS.
  6. Attackers use this driver to disable or stop antivirus and other security products running on an infected host.
  7. Hackers execute the RobbinHood* ransomware and encrypt the victim’s files.

Therefore, files are encrypted and inaccessible, this is a result of the hack. 

*RobbinHood is ransomware that currently does not have a public decryption key. Without the public decryption key, there are minimal ways that data restoration can occur unless the affected users pay for the attackers’ private key.

However, that does mean that our security experts are unable to crack it. In these perilous times with technological warfare, it is essential to get a security assessment. Contact CoreRecon to ensure that your network and your company remain safe during this dangerous time. Please don’t wait until it’s too late, call 3612483248 for more information on our cybersecurity services. 

Twitter: @Corerecon

Facebook: https://www.facebook.com/CoreReconCyberSec/

Instagram: https://www.instagram.com/corerecon/

**More information on new hacking tactic:

Cities and Governments Lax Cyber Security

On May 7th, 2019, the City of Baltimore’s IT infrastructure was compromised. Baltimore’s ability to send out water bills and in government employees did not have access to their email,

They are the second U.S. city to fall victim to a ransomware attack. The hackers demanded 13 bitcoin (USD 76,280) from the city to return their data. The city was vulnerable due to their IT practices. 

The tool reportedly used by hackers is called EternalBlue malware. Not all hacking tools will leave a digital footprint, but this one did.

The New York Times reports that ever since the N.S.A. lost control of their tool “it has been picked up by state hackers in North Korea, Russia, and China” (NY Times).

Their budget was not utilized to allocate money to fund cyber-attack insurance. The city’s system was restored May 20th, 2019. However, they are still recovering from the fallout. The estimated loss for Baltimore is USD 18.2 million.

On May 29th, 2019, Riviera Beach, Florida was the target of yet another ransomware attack. All the city’s data remained locked until they paid the ransom fee. The hackers demanded 65 bitcoin (USD 603,000). After deliberation, the city council elected to pay the ransom.

By paying the ransom, this allowed them to retrieve the lost data. Since they hadn’t backed up any of their data, they understood they couldn’t regain access to any of their past data without paying the ransom.

However, not only are local governments getting hacked but so are entire countries. On July 21st, 2019, over 5 million Bulgarian’s data became accessible to anyone on the internet. In 2006 a data breach occurred at the U.S. Department of Veterans Affairs; 26 million veterans had their data exploited.

All these attacks show the significance how important of cybersecurity is and how overlooking it will leave organizations vulnerable. create vulnerabilities. CyberCrime is rising, and if there are no mitigation strategies in place, your company is vulnerable to attack. 

So, the real question is, how does an organization recognize that their data is compromised? When this occurs, there is an alarming ransomware notice. They let you know what has happened and how much they demand to return your data. Overall, it can be extremely disastrous for large corporations, especially for a small business.

The hackers have no specific target when it comes to who they will attack. There have been many cities, universities, and even school districts compromised.

What can be done to stop this from occurring? CoreRecon will work on monitoring the environment and complete assessments. We want to keep organization data safe and make sure that your information remains protected.

Resources:         https://www.nytimes.com/2019/05/25/us/nsa-hacking-tool-baltimore.html

CoreRecon
711 North Carancahua Street STE 300
Corpus Christi, TX 78401
Email:
info@nkv.747.myftpupload.com
Phone:
361.248.3258
Fax: 800.955.2596