Cybersecurity Breaches & Solutions | April 13th, 2022
Medical robots threatened and state-backed DDoS attacks
Finnish government faces slew of DDoS attacks
In today’s geopolitical environment, it’s not uncommon for a government to face severe cyber attacks. Many attempts to inflict mutual damage are made in cyber warfare between sovereign states, and DDoS attacks are becoming an effective instrument for accomplishing this goal.
This is what happened last week, when several of the Finnish government’s websites were under a vicious DDoS attack, apropos the ongoing conflict and cyber warfare between Ukraine and Russia. While the attackers’ identities are assumed to be from one of the conflict’s sides, there is a security lesson for all sides to take from this.
Governments are especially susceptible to state-sponsored cyber attacks. Distributed denial-of-service (DDoS) is an easy tool to use to hurt the availability of government systems, and it becomes a method to deter governments from executing actions against foreign entities.
HUB Security developed a unique DDoS testing platform — D.Storm — designed to check and refine customers’ DDoS protection controls. The unique aspect of the HUB DDoS solution is the ability to run custom DDoS attacks that are unique and tailored for each customer.
Tools such as this that help to bolster up the defenses of organizations and states are becoming crucial nowadays, and in the foreseeable future, we’re probably to see more of these services coming into play.
Attackers can remotely manipulate medical robots with this critical vulnerability
The advantages of deploying robots in healthcare institutions are well-known and well-understood throughout the world. The ability to use them can aid in obtaining high levels of efficiency when it comes to providing healthcare services.
However, if these robots become a security risk, it might become an issue. Researchers recently found a security weakness in Tug robots, which are used in healthcare facilities all around the world. These robots have access to user passwords, medical records, facility entrances and elevators, surveillance systems, and so on.
If exploited by malicious actors, these vulnerabilities would allow remote control of a vast number of medical machines. The potential damage is enormous, demonstrating how hazardous internet connectivity can be when done in an insecure manner.
This incident teaches us a very important point. It proves that the concept of perimeter security is not good enough to protect critical systems, since the attacker will always attack the least secure systems (in this case, the elevator applications). Then, they could use the vulnerable application to attack the more sensitive systems, bypassing the perimeter security controls.
Zero-trust architecture recommends creating secure implicit trust zones, which will protect each zone separately. HUB’s cybersecurity solutions treat each server as an implicit trust zone and provide a holistic variety of security controls that isolate it from hackers. The unique technology of a secure execution environment is protected by a separate isolated secure execution environment, implementing the concept of cyber digital twins.
