To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

Why a stolen healthcare record is harder to track than you might think, Security pros name their must have tools & blame as a service, the new Cybersecurity hot product.

Plus great questions, a huge Round Up & much, much more!

Thanks to:













Direct Download:

HD Video | Mobile Video | MP3 Audio | OGG Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

— Show Notes: —

“When your credit card gets stolen because a merchant you did business with got hacked, it’s often quite easy for investigators to figure out which company was victimized. The process of divining the provenance of stolen healthcare records, however, is far trickier because these records typically are processed or handled by a gauntlet of third party firms, most of which have no direct relationship with the patient or customer ultimately harmed by the breach.”

“I was reminded of this last month, after receiving a tip from a source at a cyber intelligence firm based in California who asked to remain anonymous. My source had discovered a seller on the darknet marketplace AlphaBay who was posting stolen healthcare data into a subsection of the market called “Random DB ripoffs,”

“Eventually, this same fraudster leaked a large text file titled, “Tenet Health Hilton Medical Center,” which contained the name, address, Social Security number and other sensitive information on dozens of physicians across the country.”

“Contacted by KrebsOnSecurity, Tenet Health officials said the data was not stolen from its databases, but rather from a company called InCompass Healthcare. Turns out, InCompass disclosed a breach in August 2014, which reportedly occurred after a subcontractor of one of the company’s service providers failed to secure a computer server containing account information. The affected company was 24 ON Physicians, an affiliate of InCompass Healthcare.”

“The breach affected approximately 10,000 patients treated at 29 facilities throughout the U.S. and approximately 40 employed physicians,” wrote Rebecca Kirkham, a spokeswoman for InCompass.

So who was the subcontractor that leaked the data? According to PHIprivacy.net (and now confirmed by InCompass), the subcontractor responsible was PST Services, a McKesson subsidiary providing medical billing services, which left more than 10,000 patients’ information exposed via Google search for over four months.

Think about that for a minute. The information must have just been laying around on their website for it to be able to be found by Google search

“Still, not all breaches involving health information are difficult to backtrack to the source. In September 2014, I discovered a fraudster on the now-defunct Evolution Market dark web community who was selling life insurance records for less than $7 apiece. That breach was fairly easily tied back to Torchmark Corp., an insurance holding company based in Texas; the name of the company’s subsidiary was plastered all over stolen records listing applicants’ medical histories.”

“Health records are huge targets for fraudsters because they typically contain all of the information thieves would need to conduct mischief in the victim’s name — from fraudulently opening new lines of credit to filing phony tax refund requests with the Internal Revenue Service. Last year, a great many physicians in multiple states came forward to say they’d been apparently targeted by tax refund fraudsters, but could not figure out the source of the leaked data. Chances are, the scammers stole it from hacked medical providers like PST Services and others.”

As we have previously discussed, a stolen credit card may be worth a few dollars, even high end corporate cards rarely fetch more than $10 or $15 each. Health care records are worth upwards of $100 each.

“Sensitive stolen data posted to cybercrime forums can rapidly spread to miscreants and ne’er-do-wells around the globe. In an experiment conducted earlier this month, security firm Bitglass synthesized 1,568 fake names, Social Security numbers, credit card numbers, addresses and phone numbers that were saved in an Excel spreadsheet. The spreadsheet was then transmitted through the company’s proxy, which automatically watermarked the file. The researchers set it up so that each time the file was opened, the persistent watermark (which Bitglass says survives copy, paste and other file manipulations), “called home” to record view information such as IP address, geographic location and device type.”

“The company posted the spreadsheet of manufactured identities anonymously to cyber-crime marketplaces on the Dark Web. The result was that in less than two weeks, the file had traveled to 22 countries on five continents, was accessed more than 1,100 times. “Additionally, time, location, and IP address analysis uncovered a high rate of activity amongst two groups of similar viewers, indicating the possibility of two cyber crime syndicates, one operating within Nigeria and the other in Russia,” the report concluded.“

Network World asked some “security pros” from around the industry to name their must have tools

Lawyers Without Borders uses Intralinks VIA to securely share files

Yell.com (a yellow pages site) uses Distil Networks’ bot detection and mitigation service to prevent content theft and avoid excess load from web scraper bots

SureScripts.com (online perscription service) uses Invincea FreeSpace Enterprise for endpoint security. “stops advanced end user attacks (spear phishing, drive-by downloads, etc.) via containment, and stops our machines from getting infected

a biotechnology company uses EMC Syncplicity to secure and distribute content to mobile devices. “It is an amazing mobile app that offers a great user experience and also offers the security and control we need as a therapeutics company with lots of sensitive information”

A private health insurance software application provider uses Forum Sentry API gateway to protect its API from malactors. “Forum Sentry enabled us to securely expose our APIs to our private health insurance funds, third parties and internal clients and has provided a policy-based platform that is easy to maintain and extend – all while reducing development time and resources”

Firehouse Subs, a large restaurant chain uses Netsurion’s Managed PCI to manage their Payment Card Industry Data Security Standard compliance. “Netsurion simplifies PCI for myself, and our franchisees, allowing us to maintain focus on other portions of our business” A software vendor that makes heavy uses of Software as a Service (SaaS) relies on Adallom for SaaS to monitor, provides visibility into, and protection of SaaS applications. Iowa Vocational Rehabilitation Services, raved about the configurability and reliability of NCP’s enterprise VPN solution

I am sorry, when I started writing this news item for TechSNAP, I thought the list was going to be useful

These were not the kinds of tools I was expecting

Instead it just shows a random reporter who knows nothing about Cyber Security, asking a bunch of random businesses who know nothing about Cyber Security and just buy magic software and services what they think

If your approach to cyber security is: buy some magic software, then you’re in trouble

Cyber Security is a mindset, and requires defense in depth. It is about doing as much as can be done, and more importantly, planning for when that turns out to not be enough.

What you really need is a cyber security disaster kit, like the one you have in your house in the event of a nature disaster. All of the things you need to survive until the mess is cleaned up.

What companies really need, is to do cyber security fire drills, and have better fire alarms

Software can’t solve everything, but it can help automate the task of getting the attention of a human at the right time

Intel has announced its new E7-8800 and E7-4800 line of processors, featuring:

20% more cores/threads

20% more Last-Level Cache

Benchmarks show actual 15-20% gains over the E7-4890 v2

Support for DDR3 or DDR4 memory (not at the same time). “Support for the two differing memory types comes by way of Intel’s C112 and C114 scalable memory buffers.”

1.5 TB of ram per socket, quad channel, 102 GB/s memory bandwidth

This means a 4 socket motherboard can have 6TB of ram, and an 8 socket board can have 12TB of ram

32 PCI-E 3.0 lanes per socket

The highest end versions also feature QPI links at 9.6 GT/s (the previous maximum was 8.0 GT/s)

E7-4xxx models are designed for 4 socket motherboards, while the E7-8xxx models are for 8 socket motherboards

Models include: E7-4809 v3 – 8x 2.00 GHz + HT, 20MB LLC E7-4820 v3 – 10x 1.90 GHz + HT, 25MB LLC E7-4830 v3 – 12x 2.10 GHz (Turbo: 2.70 GHz) + HT, 30MB LLC E7-4850 v3 – 14x 2.20 GHz (Turbo: 2.80 GHz) + HT, 35MB LLC E7-8860 v3 – 16x 2.20 GHz (Turbo: 3.20 GHz) + HT, 40MB LLC E7-8880 v3 – 18x 2.30 GHz (Turbo: 3.10 GHz) + HT, 45MB LLC E7-8890 v3 – 18x 2.50 GHz (Turbo: 3.30 GHz) + HT, 45MB LLC E7-8891 v3 – 10x 2.80 GHz (Turbo: 3.50 GHz) + HT, 45MB LLC E7-8893 v3 – 4x 3.20 GHz (Turbo: 3.50 GHz) + HT, 45MB LLC

“Want!”

Feedback:

Round Up: