MOUNTAIN VIEW, CA June 21, 2017 In the wake of the devastating WannaCry ransomware attack, ZingBox, a leading Internet of Things (IoT) security solution provider, is offering recommendations to the healthcare industry on how to best protect itself from the newest potential threat originating from ‘Hidden Cobra’.
HHS’s Office for Civil Rights (OCR) recently issued a cyber notice to the healthcare industry about a potential threat to critical infrastructure sectors, such as healthcare, by a malicious cyber group called Hidden Cobra, also known as Lazarus Group suspected to be behind the WannaCry attack. The threat relates to the same type of vulnerability that allowed WannaCry to spread. Importantly, simply installing Microsoft patches will not necessarily protect from Hidden Cobra since they use a wide range of vulnerabilities. And despite Microsoft releasing several patches, the vulnerabilities exploited do not only apply to Microsoft OS. Software such as Silverlight, Adobe Flash and Hangul Word Processor are also exploited by this threat actor.
“Although many of the affected vulnerabilities are more commonly found on devices with browsers, infection of just one such device can cause a new wave of attacks against connected medical devices,” said Xu Zou, CEO and Co-founder of ZingBox. “ZingBox recommends healthcare organizations ensure no browsers are used on connected medical devices move PCs to non-IoT device networks.”
To assist the many organizations struggling with the successful navigation and management of their security vulnerabilities, ZingBox is offering their SaaS-based IoT Security solution at no cost to healthcare organizations for a limited time use. “We have been contacted by many healthcare organizations since the WannaCry outbreak. We are making a commitment to assist these organization gain the much-needed visibility and security of their IoT environment with no strings attached,” said Xu Zou.
IoT Guardian, ZingBox’s SaaS-based security solution, leverages machine learning to discover, assess risk, baseline normal behavior, detect anomalous activities and provide real-time remediation across an organization’s entire IoT footprint. The patent-pending solution has a deep grasp of each IoT device’s personality, analyzing communication to and from every device, watching constantly for deviations in behavior and providing alerts for suspicious behavior.