IoT
One more reason not to do IT.
Attackers have popped three prominent US hospitals, using deliberately ancient malware so old that it slips under the radar of modern security controls to compromise Windows XP boxes and gain network beacheads. The attacks were foiled using deceptive honeypot-style frameworks, according to California-based TrapX. Hospitals …
You mean the X-ray machines?
Seriously, would not be surprised if infections rode in on imaging software updates. I have seen some shit. Medical software companies are complacent... ancient proprietary software that barely works on XP, but hospitals keep paying for it... pretty nice racket.
It is only going to get worse until people start being more proactive and realizing all the actual threats that are out there. From a white paper:
"Embedded devices such as industrial computers, POS (point of sale) machines, ATM
(automatic teller machines), physical security alarm systems, building automation
controllers, environmental controllers for heating and air conditioning (HVAC) systems,
and printers are often overlooked when it comes to cyber security. These devices do not
operate on a common mature operating system like Microsoft Windows, and each
manufacturer tends to use their own set of security features within these devices, if any
are applied at all. Most IT and Security departments focus most of their time and
resources in maintaining security levels for the corporate network devices and
computers, and solutions to protect embedded devices such as printers and industrial
HVAC controllers are a low priority, if not a nuisance."
Food for thought!
Karen Bannan for IDG and HP