Hacks that hurt

We’re used to vulnerabilities in data systems leading to massive personal data breaches (cool visualization of those here.) But there’s an even darker side to hacking that can put peoples’ lives directly at risk. We’re talking medical device hacks. Two “white-hat” (good) hackers identified vulnerabilities in pacemakers and insulin pumps which “black-hat” (bad) hackers could use to injure patients. One scenario put forth is a pacemaker being manipulated to deliver too many or too few electric shocks, which obviously could lead to negative patient outcomes. The researchers shared their findings with the device manufacturer and relevant regulatory bodies, but they say these authorities are playing down the risks. They apparently considered bringing in a pig they could kill with an app to make their point, so we should probably take them seriously.

Please say you’re joking…please

Apologies to Luke Bryan (or maybe Luke Bryan should apologize to us?), but after you read this you’ll be less likely to think that “Most People Are Good.” Accenture recently released survey results from 912 employees of provider and payer organizations in the US and Canada. They found 18% of respondents would be willing to sell confidential data to unauthorized parties for as little as $500 to $1,000. What the…? Remember, these are employees of provider and payer organizations. 21% said they keep their user name and password written down next to their computer. C’mon Man. It gets worse when we move from hypothetical to reality where “24% of respondents said they know of someone in their organization who has sold their credentials or access to an unauthorized outsider.” To the 18% – “you’re just a bad person, all the way through to your core.”

NHS may wanna cry about this one

A huge cyberattack hit dozens of countries over the past week. British National Health Services were hit particularly hard, leaving healthcare workers without patient data, which forced hospitals to cancel procedures. The attack used “ransomware” to get into computers, encrypt data, and then forced people to pay up in untraceable currency before giving the files back. Basically, imagine someone breaking into your office, putting a lock on your file cabinet, and refusing to give you the key until you leave money next to the stump in that seedy park you never see any kids at during the day. The attack is still ongoing, but if you’ve updated your Windows system past XP (which NHS hadn’t,) you’re probably fine.