Windows TCO Stories
-
Silicon Angle ☛ Major cyberattack causes chaos at London's NHS hospitals
At some hospitals, procedures had to be canceled or were redirected to other NHS providers as the hospitals attempted to understand what kind of work could still be carried out safely. A 70-year-old patient whose operation was canceled told the BBC that “many patients were being told to go home and wait for a new date.” Emergency care wasn’t interrupted, although in another case, a baby’s kidney transplant was canceled.
“This has affected all Synnovis IT systems, resulting in interruptions to many of our pathology services,” Synnovis said in a statement. “This is a harsh reminder that this sort of attack can happen to anyone at any time and that, dispiritingly, the individuals behind it have no scruples about who their actions might affect.”
-
Security Week ☛ Resurgence of Ransomware: Mandiant Observes Sharp Rise in Criminal Extortion Tactics
Mandiant has published new threat research based on an analysis of the Tactics, Techniques, and Procedures (TTPs) used by ransomware actors and observed by the security firm throughout 2023.
-
Security Week ☛ London Hospitals Cancel Operations and Appointments After Being Hit in Ransomware Attack
Several London hospitals said Tuesday that they had to cancel operations and send patients away because of a cyberattack on a company that supplies pathology laboratory services.
The firm, Synnovis, said it had been hit with a ransomware attack. Chief Executive Mark Dollar said the attack “has affected all Synnovis IT systems, resulting in interruptions to many of our pathology services.”
-
Security Week ☛ Ransomware Gang Leaks Data From Australian Mining Company
Australian rare-earth metals producer Northern Minerals on Tuesday announced that it fell victim to a data breach after a ransomware group published information allegedly stolen from the mining company.
-
Scoop News Group ☛ AI fuels rise in attacks from ‘unsophisticated threat actors,’ federal cyber leaders say
Treasury’s in a similarly collaborative mode at the moment, fresh off its launch last month of Project Fortress, a public-private partnership aimed at protecting the financial sector from cyber threats. Nur said the agency has been active in onboarding companies and organizations to the group, ensuring that participating financial institutions have access to top tools and are practicing good cyber hygiene before truly “aggressive AI attacks” become the norm.
-
The Local DK ☛ Denmark raises cyber threat warning level
Defence Minister Troels Lund Poulsen and the head of the Centre for Cyber Security (CFCS), Thomas Flarup, told media at a briefing that the threat level was raised from “low” to “medium”.
-
Deutsche Welle ☛ Mannheim knife attack: Authorities suspect Islamist motive
German authorities say they believe there was an Islamist motive behind a knife attack at an anti-Islam rally in the southwestern German city of Mannheim on Friday during which a police officer was killed.
The federal prosecutor, Germany's highest prosecuting authority with responsibility for terrorism, espionage and international criminal law, is taking on the case due to its "particular importance," a spokeswoman said.
-
The Register UK ☛ Pentagon 'doubling down' on Microsoft despite security woes
The Pentagon is "doubling down" on its investment in Microsoft products despite the serious failings at the IT giant that put America's national security at risk, say two US senators.
In a May 29 letter to Department of Defense CIO John Sherman, US Senators Ron Wyden (D-OR) and Eric Schmitt (R-MO) noted their "serious concern."
-
The Register UK ☛ [Letter to US Department of Defense] [PDF]
The risks associated with the government’s dependence on Microsoft were evident when a hacking group associated with the Chinese government known as Storm-0558 successfully compromised 22 enterprise organizations and over 500 individuals globally due to what the Cyber Safety Review Board (CSRB) described as “a cascade of failures” by Microsoft. According to press reports, in May 2023, Storm-0558 successfully exploited vulnerabilities across email systems used by the U.S. State Department, U.S. Department of Commerce, and the U.S. House of Representatives. Those same press reports reveal that hackers accessed thousands of sensitive emails by high-level officials, including the Secretary of Commerce and high-ranking officials at the Department of State among others.
Moreover, DoD’s further push towards software monoculture exposes our national security apparatus to avoidable risks. DoD should embrace an alternate approach, expanding its use of open source software and software from other vendors, that reduces risk-concentration to limit the blast area when our adversaries discover an exploitable security flaw in Microsoft’s, or another company’s software. The CSRB report released in April 2024 only reinforces this point.