At a glance.
- Virtual proctoring raises privacy concerns.
- Ransomware gang releases Nevada school district data.
- UHS falls prey to ransomware attack.
- Premera Blue Cross agrees to settlement in 2015 breach.
Virtual proctoring raises privacy concerns.
With the pandemic making online learning a necessity at many colleges and universities, remote test proctoring companies like ProctorU and Proctorio have stepped up to provide monitoring software to prevent cheating. The software captures student body language and head and eye movements and flags any activity deemed unusual, reports Marketplace. While the software can effectively catch students attempting to cheat, reporter Todd Feathers told Marketplace, the fairness of the proctoring is questionable, as software flaws can lead to students of color or those with learning disabilities being erroneously flagged. Some students at Cal State Fullerton in the US state of California feel the proctoring platforms are also overly intrusive, reports the Daily Titan, as it not only accesses a student’s camera, but can also shut down their browser or disable spellcheck or other software. Complicating matters further, according to a statement from Washington State University, ProctorU suffered a recent data breach that has students concerned about the security of the private information stored within the platform. And, of course, many students see the software as in itself intrusive.
Ransomware gang releases Nevada school district data.
After Clark County school district officials in the US state of Nevada refused to give in to a ransomware group’s demands, the operatives followed through on their threats and released sensitive student and employee data, reports the Wall Street Journal. According to a notice published on September 9, Clark County school district in Las Vegas suffered a ransomware attack late last month, mere days after starting online schooling. Many schools have been attacked since the pandemic forced much schooling online, leaving districts with a difficult dilemma: paying the ransom restores access to their systems and avoids exposure, but it also costs the district valuable funds and emboldens attackers.
Ryuk ransomware at Universal Health Services.
Fortune 500 healthcare provider Universal Health Services (UHS), with over 400 hospitals in the US and the UK, was hit by a ransomware attack early Sunday morning, reports TechCrunch, shutting down the company’s computer and telephone networks across several states. Evidence indicates that the ransomware Ryuk (associated with the Russian cybercrime group sometimes known as Wizard Spider) is at the center of the breach, reports Bleeping Computer, likely stemming from an email phishing attack that introduced the Emotet and Trickbot Trojans. The official statement from UHS’s Director of PR states that “no patient or employee data appears to have been accessed, copied or misused,” which supports a source’s claim that all patient records are handled by an external healthcare technology company. The affected hospitals transferred patients to nearby institutions for treatment.
Many outlets, Threatpost and WIRED among them, are drawing the obvious comparison between the UHS attack and the ransomware incident earlier this month in Düsseldorf that forced an ambulance diversion that cost a patient her life. There are no such lethal consequences of the UHS incident, so far at any rate, and reversion to manual systems appears to have enabled the hospitals to continue their operations, albeit in an impeded fashion. But the disruption is widespread and to say the least inconvenient. The Russian mob behind Ryuk is known for “big-game hunting,” that is, going after large corporations and other institutions with deep pockets. They've also proven themselves indifferent to public safety.
We heard from some security companies on the incident. Piyush Pandey, CEO at Appsian, commented on the incident.
"This unfortunate attack continues to highlight the damage phishing and ransomware have on healthcare organizations. They should be focused on providing quality care to patients, not combating cyber criminals. It is highly recommended that all healthcare organizations identify every application that possesses employee and patient data, so they can adopt a layered security model. Strategies that include stepped-up multifactor authentication for users attempting ‘high privilege’ activity, along with granular monitoring of data access and usage. These attacks will not stop as long as employee and patient data, that’s valuable to cybercriminals, resides in applications that lack the sophistication to offer proper protection.”
Saryu Nayyar, CEO, Gurucul also wrote with comments. She sees this sort of attack as a low-risk, high-payoff caper.
“The suspected ransomware attack against Universal Health Services is just another example of a high-profile cybercrime incident. While few details are available yet, the attack matches a pattern where criminals target high value organizations with little risk of prosecution. Worse, for every high-profile example like this, there are many more that are never reported in the press or, in fact, revealed at all.
“We have tools, such as behavioral analytics, that can identify an attack and mitigate it early in the cycle. But organizations still need to do better at protecting their assets, and governments across the world need to do more to prosecute and deter these cybercriminals.”
Premera Blue Cross agrees to settlement in 2015 breach.
The US Department of Health and Human Services says that health insurer Premera Blue Cross has agreed to pay a $6.85 million to settle "potential violations of Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules related to a breach affecting over 10.4 million people." Premera disclosed the breach in March of 2015. Health and Human Services says the settlement is the second-largest ever reached in a HIPAA case.