DDoS Attacks Target Major U.S. Airports

Some major U.S. airports’ websites were inaccessible early on Monday, October 10, 2022, due to a coordinated denial-of-service assault orchestrated by professional hackers. However, officials said flights were unaffected.

The assaults, in which participants bombard sites with garbage data, were planned by a mysterious organization named Killnet. The group posted a target list on its Telegram channel the day before the attacks.

Even though DDoS attacks are highly visible and meant to have the most psychological impact possible, they are mostly a nuisance. This differs from hacking, which involves breaking into networks and can cause severe damage.

John Hultquist, vice president of intelligence analysis at Mandiant, tweeted on Monday that both the state government and airport assaults “are what we make of them,” describing the DDoS impact as superficial, brief, but highly noticeable. However, the post added that he is concerned that we may be entering a new phase of increased targeting in the U.S. that might include more severe incidents.

Hultquist also stated, “These are not the serious impacts that have kept us awake.” Most of the time, these attacks show that webmasters aren’t doing enough to protect their sites, which now includes using a DDoS protection service.

The Los Angeles International Airport has issued a statement saying that flylax.com had some difficulties early this morning. However, the outage was restricted to their website alone, and no internal airport systems were affected. LAX added that it had contacted the Transportation Security Administration and the FBI.

The Atlanta International Airport said that following the DDoS assault, its atl.com website is operational again and that airport operations were never affected.

According to a CISA spokesperson, the agency is aware of reports of DDoS assaults targeting numerous U.S. airport websites and is coordinating with possibly impacted entities and giving help as needed.

Killnet announced the assaults on the airports via its Telegram account at 6:50 a.m. EST, one hour before the first airport, Chicago O’Hare, was hit.

DDoS attacks are mostly a nuisance but can be disruptive. A group or organization usually carries them out, and target websites are chosen ahead of time. Unfortunately, the U.S. is not the only country to fall victim to these attacks, as they have been happening worldwide. While these attacks are not severe most of the time, it is essential to be aware of them and take steps to protect websites from being attacked.

Cybersecurity Attack Hits U.S. Healthcare System

On October 4th, 2022, a cybersecurity incident disrupted CommonSpirit Hospitals. With more than 150,000 employees, 20,000 physicians, and 21 million patients served, CommonSpirit Hospitals is the second-largest nonprofit hospital system in the nation. In 21 states, CommonSpirit operates more than 1,000 care sites and 140 hospitals.

CommonSpirit Hospitals announced it is investigating an “IT security issue.” While the full extent of the attack is unknown, it has already caused significant disruptions for patients and staff at CommonSpirit Hospitals.

Some of MercyOne Des Moines Medical Center’s IT systems, including access to electronic health records, have been shut down. In addition, CHI Health, a subsidiary of CommonSpirit based in Nebraska, reported outages across its Omaha hospitals.

Although it is not entirely clear how the incident occurred or what kind of information was compromised, it does illustrate the vulnerability of the U.S. healthcare system to cyberattacks.

The healthcare system in the United States has been the target of numerous high-profile attacks, including University Medical Center Southern Nevada, Eskenazi Health, and Kaiser Permanente. In 2022, at least 15 U.S. health systems were affected by ransomware, and 12 of those incidents involved compromising personal health information.

Cybersecurity attacks on healthcare facilities can seriously affect patients, staff, and the hospital’s operations. These incidents can lead to the loss of essential data, disruptions in care, and financial damages.

Healthcare organizations can prevent cyberattacks by adopting strong security policies, investing in robust security technologies, and training employees to identify and respond to threats. As a result of these measures, healthcare organizations can reduce the harmful effects of cyberattacks on patients, staff, and facilities.

Updated Malware Attacks Point of Sale Devices

This year, security experts have found three updated versions of Prilex malware that target point-of-sale systems.

In 2014, Prilex was a type of malware that targeted ATMs. It switched to PoS (point of sale) devices in 2016, but it wasn’t until 2020 that the malware reached its peak. After that, it faded away in 2021.

Analysts at Kaspersky say that Prilex is back, and it looks like a more advanced and dangerous version of the malware has resurfaced this time. The latest version of this malware can create EMV (Europay, MasterCard, and Visa) cryptograms, which VISA introduced as a transaction validation system to help find and stop payment fraud.

The Kaspersky report explains that it lets threat actors use EMV cryptograms to do “GHOST transactions” with credit cards protected by CHIP and PIN technology.

The infection starts with a spear-phishing email, purportedly from a technician at a PoS vendor, saying that the company needs to update its PoS software. Next, the fake technician goes to the target’s location and installs a malicious upgrade on the PoS terminals. The attackers could also tell the victim to install the AnyDesk remote access tool on their computer and then use it to replace the PoS firmware with a version that has been tampered with.

After the machine is infected, the operators will check to see if the target does enough financial transactions to be worth their time.

The new version of Prilex has a backdoor for communication. The backdoor can do many different things, like open files, run commands, end processes, change the registry, and record the screen. Once the information is encrypted and saved locally on the infected computer, the malware sends periodic requests to the control server.

Kaspersky concluded that the Prilex group knows a lot about how credit and debit card transactions work and how software used for payment processing works. This knowledge allows attackers to keep updating their tools until they find a way to get around the authorization policies and carry out their attacks.

Microsoft Edge Improves Performance

Engineers at Microsoft recently announced performance improvements for their Edge browser.

A blog post from the company explained how:

“Beginning with Microsoft Edge 102 on Windows, Microsoft Edge automatically compresses disk caches on devices that meet eligibility checks, to ensure the compression will be beneficial without degrading performance.

This ensures compression of these caches largely improves performance and overall user experience.

One way we can maximize cache usage while minimizing disk usage is by leveraging compression to save disk space for the cached content.  Since the contents in these cache(s) are often highly compressible, compression results in increasing the likelihood that the requested resource can be fetched from the disk.”

In our view, this is a great move.  Many people set up their systems with a large disk cache, allowing their web browser to store vast amounts of information for faster recall later.

The problem is that disk space is not unlimited, and if it’s at a premium on your system, compression neatly solves the problem.  The system can still store vast amounts of web data so it can be recalled more quickly later but until that happens, it saves on space by compressing it.

This change comes on the heels of another that the company rolled out some months ago. That change introduced improvements to the way the Edge browser used memory and CPU power.  In that case, the company “put unused browser tabs to sleep” which resulted in an average reduction of CPU usage of 37 percent while simultaneously reducing memory usage by 32 percent.  Those are solid numbers.

Best of all, the company says they’re still not done. On deck are improvements to the Edge browser’s security, which will include features that should help to minimize the risk of undiscovered zero-day vulnerabilities being exploited.

Kudos to Microsoft.  These are excellent changes that greatly improve the browser.

Tesla Introduces Optimus Robot Prototype

Tesla introduces the humanoid Optimus robot prototype and claims to be aiming for a price of under $20,000.

After the event started, Tesla’s eagerly anticipated humanoid robot was unveiled. The prototype walked unfettered across the stage. Tesla’s CEO, Elon Musk, stated that the team is working to make the robot accessible as soon as possible for less than a car at under $20,000.

According to Musk, Optimus is being developed to be a strong robot that can be produced in large quantities. During the event, a video showed the robot moving packages throughout a workplace and watering a plant, among other simple chores.

Tesla also displayed a fully built prototype showing the design of a potential final product. This prototype had a slick, cutting-edge design similar to what was showcased at the event last year.

The Optimus’ hands are designed to have a complete range of motion in their fingers. However, the humanoid movements are not restricted to the hands; the entire robot’s operation is fashioned after a human body. According to a Tesla engineer, the robot will have a human form, a broad range of motion, and strength. The Optimus will be programmed to have human brain-like capabilities, including vision processing, decision-making on the fly, and communicating; this is made possible by Tesla employing autopilot software and a battery pack from its vehicles in the robot.

CEO Elon Musk was passionate about the positive impact Optimus could bring to society and the economy. He stated, “It’ll be a fundamental transformation for civilization as we know it.”

When questioned about an exact timeframe, Musk responded that Optimus deliveries will be “probably within three years and not more than five years.”

The public has been hesitant toward the technology since the humanoid robot announcement. After all, the scenario does resemble the ending of a sci-fi horror film in which machines might take over. However, in response to these worries, Musk said that despite his attempts to get it out as fast as possible, safety is still a top priority.

It’s anyone’s guess whether a Tesla Bot will ever become a reality since Tesla has a history of fanciful ideas that never materialized. But the company is not where it is today because it decided to produce everything it invented.