This blog is totally independent, unpaid and has only three major objectives.
The first is to inform readers of news and happenings in the e-Health domain, both here in Australia and world-wide.
The second is to provide commentary on e-Health in Australia and to foster improvement where I can.
The third is to encourage discussion of the matters raised in the blog so hopefully readers can get a balanced view of what is really happening and what successes are being achieved.
Quote Of The Year
Quote Of The Year - Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"
Friday, January 12, 2018
It’s Worth Keeping These Threats At The Front Of Mind! They Seem To Be Ever Present.
Hackers are constantly finding new targets and refining the tools they use to break through cyberdefenses. The following are some significant threats to look out for this year.
More huge data breaches
The cyberattack on the Equifax credit reporting agency in 2017, which led to the theft of Social Security numbers, birth dates, and other data on almost half the U.S. population, was a stark reminder that hackers are thinking big when it comes to targets. Other companies that hold lots of sensitive information will be in their sights in 2018. Marc Goodman, a security expert and the author of Future Crimes, thinks data brokers who hold information about things such as people’s personal Web browsing habits will be especially popular targets. “These companies are unregulated, and when one leaks, all hell will break loose,” he says.
Ransomware in the cloud
The past 12 months have seen a plague of ransomware attacks, with targets including Britain’s National Health Service, San Francisco’s light-rail network, and big companies such as FedEx. Ransomware is a relatively simple form of malware that breaches defenses and locks down computer files using strong encryption. Hackers then demand money in exchange for digital keys to unlock the data. Victims will often pay, especially if the material encrypted hasn’t been backed up.
Some politicians want to make it legal for individuals and companies in America to pursue digital assailants.
That’s made ransomware popular with criminal hackers, who often demand payment in hard-to-trace cryptocurrencies. Some particularly vicious strains, such as WannaCry, have compromised hundreds of thousands of computers (see “The WannaCry Ransomware Attack Could’ve Been a Lot Worse”). One big target in 2018 will be cloud computing businesses, which house mountains of data for companies. Some also run consumer services such as e-mail and photo libraries. The biggest cloud operators, like Google, Amazon, and IBM, have hired some of the brightest minds in digital security, so they won’t be easy to crack. But smaller companies are likely to be more vulnerable, and even a modest breach could lead to a big payday for the hackers involved.
The weaponization of AI
This year will see the emergence of an AI-driven arms race. Security firms and researchers have been using machine-learning models, neural networks, and other AI technologies for a while to better anticipate attacks, and to spot ones already under way. It’s highly likely that hackers are adopting the same technology to strike back. “AI unfortunately gives attackers the tools to get a much greater return on their investment,” explains Steve Grobman, chief technology officer at McAfee.
An example is spear phishing, which uses carefully targeted digital messages to trick people into installing malware or sharing sensitive data. Machine-learning models can now match humans at the art of crafting convincing fake messages, and they can churn out far more of them without tiring. Hackers will take advantage of this to drive more phishing attacks. They’re also likely to use AI to help design malware that’s even better at fooling “sandboxes,” or security programs that try to spot rogue code before it is deployed in companies' systems.
More here including the other three major threats: