27,482 Cyber Security Incidents Reported in H1 2017
Over 27,000 cyber security incidents were reported in the first six months of this year to Indian Computer Emergency Response Team (CERT-In), Parliament was informed today. These incidents include phishing, website intrusions and defacements as well as ransomware attacks. The government has also formulated Crisis Management Plan for countering cyberattacks and cyber-terrorism for implementation by all ministries/departments of Central government, state government and their organisations and critical sectors.
Besides, cyber security mock drills are being conducted regularly to enable assessment of cyber security posture and preparedness of organisations in the government and critical sectors, including corporate sector. The minister said 15 such drills have so far been conducted by CERT-In, where 148 organisations from different states and sectors such as finance, defence, power, telecom, transport, energy, space, IT/ITeS etc participated. (Read More)
“Scary” number of Healthcare IT Execs put Faith in Inadequate IoT Security
More than 70 percent of healthcare IT decision makers (ITDMs) believe that traditional security products can secure IoT-Connected medical devices. That’s according to a survey of 200 healthcare ITDMs by IT security company Zingbox, fielded earlier this month.
The survey found that more than 90 percent of healthcare IT networks have IoT devices – such as infusion pumps or glucometers – connected to them.
The large majority of the IT decision makers surveyed believe that the same products used to secure laptops and servers are sufficient to secure IoT-connected medical devices. They also believe that the same technologies can detect irregularities in network traffic. In addition, 76 percent of healthcare ITDMs said they were confident or very confident that all devices connected to their network are protected. (Read More)
Bad Code Library Triggers Devil’s Ivy Vulnerability in Millions of IoT Devices
Tens of millions of products ranging from airport surveillance cameras, sensors, networking equipment and IoT devices are vulnerable to a flaw that allows attackers to remotely gain control over devices or crash them.
The vulnerability, dubbed Devil’s Ivy, was identified by researchers at Scenario, who singled out high-end security cameras manufactured by Axis Communications. Scenario said 249 models of 251 Axis cameras are vulnerable to unauthenticated remote attackers who can intercept a video feed, reboot cameras, or pause a video feed while conducting a crime.Researchers said Axis Communications isn’t alone, reporting 34 companies use the same underlying flawed software; including Microsoft, IBM, Xerox and Adobe. Those companies are part of the ONVIF Forum, an unofficial international consortium of hardware vendors. (Read More)