Dry the tears: WannaCry stymied, North Korea hackers suspect. Is this a poke for a worse attack?

Breaking News: This morning’s (Tuesday 16 May) news is about reputable security organizations–Kaspersky Lab and Symantec–connecting the dots that lead, for now, to a North Korea-linked hacking organization, the Lazarus Group. This group has been identified in previous hack attacks, and the connection is based upon WannaCry code appearing in Lazarus programs. US Homeland Security has admitted seeing the same similarities, but all are working to gain more information.

Lazarus has been previously identified as the source of the 2014 Sony attack and the theft of $81 million from the Bangladesh central bank, again linked to fundraising for North Korea for its missiles, army, EMP and nuclear arming while its terrorized people starve. However, this attack was a flop; according to US Homeland Security, about $70,000 was raised in ransom. The Homeland Security spokesman also distanced the NSA from the original information which targeted weaknesses in Microsoft’s systems.

WannaCry disproportionately affected Russia, Taiwan, Ukraine and India, according to Czech security firm Avast. No US Federal government systems were affected. China on Monday reported that the malware attacked traffic police and school systems.

The Telegraph has posted a speculative list of 34 NHS organizations which suffered IT failure during the WannaCry attack. The article includes a map produced by MalwareTech that geographically spots the infection locations; the Boston to Washington corridor is a sea of blue dots. And…Marcus Hutchins has been identified as the young UK tech working for Kryptos Logic who redirected the attacks by buying a domain embedded in the WannaCry code. How it worked, according to PC World, is that if the malware can’t connect to the unregistered domain, it infects the system. By registering the domain and creating a page for the malware to connect to, he stopped the malware spread. (Video in Telegraph article)  Also FoxNews

But is this a prelude to more and worse? Is this testing our preparedness? If so, we’ve been found wanting on an enterprise level with vulnerable systems and administrators not updating their software and OS. George Avetisov, the CEO of HYPR, a biometric authentication company, in The Hill, summarized it neatly today: “We’ve also learned the hard way that, simply through a coordinated phishing attack on unsuspecting users, hackers can disrupt the day-to-day activities of enterprises that provide communications, travel, freight and healthcare administration simply by remotely deploying malware.” He then goes on to praise President Trump’s executive order (EO), “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” which the President signed on Thursday–right before all this began. As if in confirmation…ShadowBrokers, the group that hacked the NSA files, today announced the availability of a subscription to a ‘members only data dump’ like a Wine of the Month Club. Watch out, banks and healthcare, it’s open season! NHS, better pay attention to another kind of hygiene–cyberhygiene. Without it, plans for patient apps and data sharing will go sideways–and deserved fodder for Dame Fiona [TTA 10 May]. The Hill  Earlier coverage here

Fast takes for Friday

Changes at Center for Connected Health, DecaWave’s chip, Happy Hackers  Healthcare.gov

Center for Connected Health executives to head Portuguese ‘body dynamics’ company in US. Associate Director Joseph Ternullo, who over the years was one of the key organizers of the Connected Health Symposium, is leaving Partners HealthCare/CCH after 17 years to lead the US subsidiary of Kinematix (formerly Tomorrow Options) located in Boston. This was announced by email to CCH contacts today. Kinematix in October raised $2.6 million in Series B funding from Portugal Ventures. Heading the US board is another Partners HealthCare alumnus, Jay Pieper, formerly CEO of Partners International Medical Services. Kinematix’s two products focus on sensor-based monitoring for foot health assessment and to prevent pressure sores and falls.  Release. Boston Business Journal….ScenSor senses you to 10 centimeters. A 6 x 6 mm chip (more…)

Pondering the squandering of taxpayer money on IT projects (US)

The Gimlet Eye has been in Observation Mode this week. But this handful of Dust-In-Eye necessitates a Benny Goodman-style Ray on another US governmental ‘fail’. When it comes to IT, the government admits…

Agencies Have Spent Billions on Failed and Poorly Performing Investments

Exhibit #1: FierceHealthIT summarizes five big ones out of a 51-page Government Accountability Office (GAO) report focusing on the inefficiency of agency IT initiatives–just in healthcare.

  1. Veterans Affairs (VA) VistA EHR system transitioning to a new architecture: terminated October 2010 at a cost of $1.9 billion
  2. VA-Department of Defense (DOD) iEHR integration: as previously written about, it collapsed under its own weight for another $1 billion [TTA 8 March]
  3. DoD-VA’s Federal Health Care Center (FHCC). Opened in 2010 as a joint facility under a single authority line, but somehow none of the IT capabilities were up and running when the doors opened. ‘Jake, it’s ChiTown.’ Only $122 million.
  4. DoD’s own EHR, AHLTA (no VistA–that’s VA’s) still doesn’t work right; speed, usability and availability all problematic. A mere $2 billion over 13 years.
  5. VA’s outpatient system is 25 years old. Modernization failed after $127 million over 9 years before the plug was pulled in September 2009

You’ll need Iron Eyes to slog through the detail, but it is a remarkable and damning document. PDF (link)

But…there’s more. Excruciating, hair-hurting, and would be amusing if not so painfully, and expensively, inept. Malware Removal Gone Wild at Commerce (more…)