Transcript
Jim Love (0:00)
This week our programs are brought to you by the book A Tale of Quantum Kisses. Pre-release of my new book will be available on Amazon and Kindle early this week, with full release starting on Friday, December 13th. Yeah, if you're interested, I'll post more info through the week, and if you place a pre-release order and want an early review copy, contact me at editorial@technewsday.ca or LisaBook. And now back to our regularly scheduled programming.

A UK hospital group goes manual after a cybersecurity incident. AI chatbot startup WotNot exposes 300,000 records online. Attackers use corrupted Word documents in a phishing attack. What's reported as the largest piracy network was dismantled in a major European operation. This is Cybersecurity Today. I'm your host, Jim Love.

Wirral University Teaching Hospital in northwest England has declared a major incident due to cybersecurity reasons, leading to the cancellation of all outpatient appointments and a call for the public to only use its emergency department for genuine emergencies. The trust, which oversees multiple hospitals including Arrowe Park, Clatterbridge and Wirral Women and Children's Hospital, announced the disruption on November 25. In a statement, a spokesperson confirmed, "business continuity processes are in place and our priority remains ensuring patient safety." While the exact nature of the cybersecurity issue hasn't been disclosed, the Trust confirmed on November 27 that it had detected suspicious activity on its network and isolated its systems to prevent further impact. Staff are now operating manually using paper-based processes, with hospital staff describing the situation as really difficult due to the reliance on digital systems for records and results. Patients have been advised to attend scheduled appointments unless contacted otherwise, but longer waiting times are expected in emergency and assessment areas. The incident follows several high-profile cyberattacks on NHS hospitals in 2024.
Earlier in the year, a ransomware attack on pathology provider Synnovis disrupted services in London, while Scottish NHS trust Dumfries and Galloway saw patient data accessed and published after a similar attack in March. Healthcare systems are increasingly targeted by cybercriminals for the sensitive data they hold and their critical role in patient care. We've seen this play out numerous times in the US and Canada. The Trust says they are collaborating with national cybersecurity experts to restore services, and while no timeline has been provided, the trust reassured patients that it is working to return to normal operations as soon as possible. We checked their site Sunday evening as we recorded this, and there were no changes to their situation posted on the website. This is just another in a growing crisis in cybersecurity and healthcare, where disruptions can have life-threatening consequences.

AI chatbot startup WotNot is facing scrutiny after misconfigured Google Cloud storage buckets exposed over 300,000 sensitive files online. Researchers discovered the unprotected data, which included passports, medical records, CVs and other personally identifiable information. The unprotected storage bucket contained 346,000 files and was accessible to anyone without authorization. Despite initial disclosure notifications sent to WotNot, the data remained exposed for over two months before being secured. And this is not some isolated little startup. WotNot provides AI-powered chatbots to 3,000 businesses across industries such as insurance, finance and healthcare. High-profile clients include the University of California, Chenening and Amneal Pharmaceuticals. These chatbots are designed to collect identifying information from users, making such data leaks particularly damaging. This incident underscores the risks of outsourcing critical services, especially in AI, to third-party vendors.
AI systems, which often process interconnected and sensitive data, require robust vetting and cybersecurity assessments. Without these measures, businesses risk exposing customer information through vulnerabilities in their supply chain. The WotNot leak serves as a stark reminder that just because a supplier is cutting edge in AI, they may not also have equal leadership in cybersecurity. And as an aside, I was asked to evaluate courses for a university program, and one of my major comments was: have security woven into each and every course. You cannot paste on cybersecurity after AI software is developed.

A newly discovered phishing campaign is leveraging corrupted Microsoft Word documents to bypass security software and trick users into revealing their credentials. The campaign, uncovered by cybersecurity firm ANY.RUN, targets employees with emails mimicking payroll and HR communications, attaching intentionally corrupted Word files. The corrupted files evade detection by email security systems because they lack malicious code and appear as damaged documents. Upon opening, Word prompts the user to recover the unreadable content. Once recovered, the document displays a message instructing users to scan a QR code to retrieve additional information. The QR code directs victims to a phishing website impersonating a Microsoft login page designed to steal user credentials. Some of these documents have been branded with logos of targeted organizations, adding an extra layer of deception. This technique exploits a gap in traditional antivirus and email security systems. When tested on VirusTotal, most files in this campaign were flagged as clean or "item not found", as they did not contain executable malware. The absence of malicious code allows these documents to evade detection, making the attack more effective. This novel tactic demonstrates the evolving creativity of cyber criminals in bypassing security measures.
Keeps us all on our toes.

Law enforcement agencies across 10 countries have dismantled what is believed to be the world's largest piracy network in a sweeping operation known as Operation Taken Down. The two-year investigation culminated in over 100 raids, the seizure of 1.65 million euros in cryptocurrency and the arrest of 11 individuals. The network allegedly provided pirated movies, TV shows and live sports streams to over 22 million users across Europe, generating illegal revenue of more than 250 million euros per month. Police conducted raids in the UK, Bulgaria, Croatia, France, Germany, Italy, the Netherlands, Sweden, Switzerland and Romania. The operation, supported by the Audiovisual Anti-Piracy Alliance, resulted in the seizure of 29 servers, hundreds of streaming devices and the takedown of around 100 websites and domains hosting illegal streams. A further 102 individuals are under investigation. Mark Mulready, co-president of AAPA, praised the collaboration with law enforcement, stating, "The scale of these multi-jurisdictional law enforcement actions highlights the considerable challenge our industry faces when dealing with such sophisticated international piracy networks." And I'm sure that everyone is committed to protection of intellectual property, but if you're that rare person who might be saying, "eh," we should remind everyone that pirated materials are a huge distributor of malware and other cyber threats. And as Europol's investigation revealed, this piracy operation extended beyond copyright infringement to include money laundering and, yes, cybercrime. The successful operation demonstrates a united effort to combat piracy and protect legitimate digital media platforms, while also warning consumers about the dangers of using illegal streaming services. Sometimes the good guys win.

And that's our show for today.
You can find links to reports and other details in our show notes at technewsday.com. We welcome your comments, tips and the occasional bit of constructive criticism at editorial@technewsday.ca. I'm your host, Jim Love. Thanks for listening.
