research
Kaspersky NEXT event wrapped up recently, but with it came some interesting developments, including hospital hackers, where human augmentation will take humanity and the return of Cerberus.
Augmentation is both a threat and an opportunity
Despite the headline, a round-table discussion between four of the industry’s most informed analysts could not yield a definitive consensus as to whether human augmentation is more of a threat or an opportunity.
The discussion opened with David Jacoby and Marco Preuss from Kaspersky looking at threats and fears of the technology, especially around hacking and implants and identity as well as the fears around an ‘access gap’ between the rich and poor. However, American transhumanist, Zoltan Istvan and Australian philosopher, Julian Savulescu tended to veer towards a brighter outlook, with both saying that it will be better for humanity in the long-run if we get on-board with augmentation – both also pointed out that, historically, holding back or crippling technology over fear has always ended badly, so we have to look forwards.
However, whilst there was difference of opinion on what the future could look like, and whether augmentation is a threat, all the guests unanimously agreed that augmentation for people with disabilities is a game-changer and can only be a good thing.
We can’t let augmentation be another IoT
One major concern for all speakers was that of security – and that we should look to learn from the ‘Internet Of Things’, where security was an after-thought. Both David and Marco agreed that, if we’re thoughtful enough and move in the right way, security can be baked into the technology from an early stage, therefore eliminating the mess made in the Internet Of Things.
It’s also worth adding that IoT and augmentation are two different beasts: the Internet of things are physical devices, cameras, cars, etc., whilst augmentation requires devices placed inside humans, so most likely security regulation will be inevitable.
Cerberus is very much alive
Moving away from human augmentation, the event took a look at Cerberus malware, with Kaspersky researchers seeing a spike in mobile application infections attempting to steal money from consumers in Russia and Europe. What’s striking is that the Android malware was thought dead last year.
Dmitry Galov from Kaspersky was on hand during this session to dissect its reincarnation, while alerting mobile banking users to protective actions. The malware’s two-factor authentication grabbing feature and remote access tool (RAT) functionality enables the now-free malware to steal and send SMS codes, open tailored overlays for online banking applications, and to even access customer credit card and contact details, amid a host of evolved capabilities.
Hospitals aren’t immune to cyberattacks
What 2020 and COVID-19 have demonstrated is that some sectors and some enterprises are more vulnerable to cyberattacks than others. In March alone, towards the beginning of the pandemic, Kaspersky witnessed a 30,000% increase in phishing, malicious websites and malware, as evidence that cybercriminals saw lockdown as a prime opportunity. But surely not healthcare?
Wrong. Echoing the 2017 NHS Wannacry attack, attempts to breach Brno University Hospital in the Czech Republic and even the World Health Organisation soon after, put the sector on high alert.
However, as explained by Cyber Volunteers 19 co-founder, Lisa Forte, the threat of attacks has shone light on a concerning trend within the healthcare industry. With some hospitals comprising only two-strong IT teams, and some doctors even sharing – and losing – patient data from home, a lack of funding, manpower and education have all been brought to the fore.
Good overcomes evil: the information security community unites
Ending on a truly inspirational note, Lisa Forte talked about the Cyber Volunteers 19 initiative, which showed the positive side of information security expertise. Rallying thousands of volunteers to the cause of protecting and advising Europe’s medical institutions, Lisa explained to Kaspersky’s Yury Namestnikov both why and how CV19 intervened.
A multilingual, pan-European report has already been distributed across Europe; an awareness campaign is currently being promoted by nations’ independent Computer Emergency Response Teams (CERTs); and sister movements in Australia, Dubai, Brazil and the US have also mobilised. Compounded by the upcoming film, hacker:HUNTER H(ack)cine, which previewed at NEXT, the healthcare sector is coming to terms with its cybersecurity shortcomings, and is in good hands as it looks to safeguard more appropriately in the future.
Tips