Prepare for the attack that will come
For sure. Your [virtual study] [patient-centric study] [digital therapeutic] [connected medical device] [wearable] will be attacked.
No product, tech company or startup is too big or too small, too rich or too poor, to be attacked. The medical Internet of Things is now a jungle.
Learn from Kaiji and Garmin. Remember, hackers don’t care about ISO or FDA cyber.
The story of Kaiji — exploiting sloppiness.
A Chinese hacker has developed malware that was specifically built to infect Linux-based servers and smart Internet of Things (IoT) devices, and then abuse these systems to launch DDoS attacks. What makes it interesting is that the tooling was developed from scratch.
Named Kaiji, this new malware was spotted in May. Its botnet is expanding quite nicely worldwide.
Kaiji executes brute-force attacks against IoT devices and Linux servers that have left their SSH port exposed on the Internet. It also requires root access.
So, here are 2 simple security countermeasures to mitigate Kaiji, both set in sshd_config:
Port 5631 (any non-standard port for the SSH service, that is, any port other than 22, will do)
PermitRootLogin without-password (this requires root to log in with a public/private key instead of a password)
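One way to check a host for these two settings is sketched below. It is an added example, not code from the original post; the function names and sample configs are constructed here. It assumes OpenSSH 7.0 or later defaults and inspects only the global section of a single sshd_config file (no Include files, no Match blocks).

```python
import re

# Assumption: OpenSSH 7.0+ defaults, used when a keyword is absent or commented out.
DEFAULTS = {"port": ["22"], "permitrootlogin": ["prohibit-password"]}

def effective_settings(config_text):
    """Return the global sshd settings; sshd keeps the first value per keyword."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()                # keywords are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            break                             # conditional blocks are out of scope
        if key == "port":
            seen.setdefault(key, []).append(value)   # Port may be listed repeatedly
        elif key not in seen:
            seen[key] = [value]               # later duplicates are ignored by sshd
    return {**DEFAULTS, **seen}

def audit(config_text):
    """List the findings relevant to the two countermeasures in the article."""
    settings = effective_settings(config_text)
    findings = []
    if "22" in settings["port"]:
        findings.append("sshd listens on default port 22")
    # 'without-password' is the older spelling of 'prohibit-password';
    # both block password logins for root, only 'yes' allows them.
    if settings["permitrootlogin"][0].lower() == "yes":
        findings.append("root may log in with a password")
    return findings

# Constructed sample configs (not taken from any real host).
WEAK = "Port 22\nPermitRootLogin yes\n"
HARDENED = "Port 5631\nPermitRootLogin without-password\n"
COMMENTED_OUT = "#Port 5631\n#PermitRootLogin yes\n"   # has no effect at all

if __name__ == "__main__":
    for name, cfg in [("weak", WEAK), ("hardened", HARDENED),
                      ("commented-out", COMMENTED_OUT)]:
        print(name, audit(cfg))
```

A commented-out `Port 5631` changes nothing, and when a keyword appears twice only the first occurrence counts, so the hardened line has to come before any conflicting one.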
The story of Garmin — how not to handle an attack
Garmin’s long-running outage is a case study in how not to handle an IT meltdown and cybersecurity attack, and may indicate a longer recovery than expected.
Garmin dealt with a ransomware attack that brought down numerous systems, including Garmin Connect (the software that holds data on your runs, workouts, and activities), as well as production systems and call centers. On Sunday morning, July 26, Garmin Fenix smartwatches couldn’t offer distance and GPS tracking on runs.
Garmin has a 19BN market cap, and since they are supposed to report earnings tomorrow (Wednesday, July 29), it should be interesting to see how Wall Street responds. Previous experience with TJ Maxx and other big-time data loss events showed that there is a short-term dip in the stock but it rebounds quickly. The reason for rebounds after cyber events is clear: there are so many of them. Garmin is a big and successful company and its customers are loyal.
Having said that — there is no excuse for a company Garmin’s size not to execute incident response properly.