Malware & threats - Tech Insight
https://techinsight.net
Our mission is to keep you informed about the latest developments, trends, and breakthroughs in the tech world, from cutting-edge gadgets and groundbreaking software innovations to cybersecurity and artificial intelligence advancements.

British Airways Struggles with IT, Again.
https://techinsight.net/infrastructure/british-airways-it-struggles/
Thu, 20 Apr 2023 13:17:34 +0000
https://techinsight.net/2017/05/british-airways-it-struggles/

IT – you can’t live with it, and you can’t live without it. There’s a constant feeling with technology and modern conveniences that maybe the simple life before all the gadgets was a little better. That’s probably the feeling at British Airways this week, after another major crash of its entire IT system left passengers grounded at Heathrow and Gatwick airports. The airline has faced a host of problems, and this is just another IT-related setback for the firm.

The year has not been a good one for British Airways. After five previous IT shutdowns this year, the company has just now had its most severe IT-related shutdown of the year. Flights today were cancelled throughout the world, and the airline has said that it will likely take several days to get the systems back up and the backlog cleared. There had been some serious concern that the outage was due to the most recent ransomware attack (nicknamed ‘WannaCry’), but after these suggestions were made, British Airways said that there had been no hacking of the system. A BA representative was quoted as saying, “We’ve found no evidence that it’s a cyber-attack.”

Thousands of would-be passengers missed flights and were stranded in various locations throughout the world. The scene at the London airports was chaotic at best. Check-in queues had become ridiculous, and because of the IT shutdown, BA employees had been forced to start using whiteboards and markers to try to communicate with the massive crowds. As the crowds continued to build, the airline was forced to cancel all flights for Saturday. Finally, after noon, a spokesman for the beleaguered airline said, “We have experienced a major IT system failure that is causing very severe disruption to our flight operations worldwide. The terminals at Heathrow and Gatwick have become extremely congested and we have cancelled all flights from Heathrow and Gatwick before 6pm UK time today, so please do not come to the airports.”

Some had suggested that the airline's decision last year to outsource all of its IT to India was to blame. The GMB union said that this was the cause of the outage again. However, British Airways has denied that this is the cause of the problem. Mick Rix, the head of the GMB aviation sector, said, “This could have all been avoided. BA in 2016 made hundreds of dedicated and loyal IT staff redundant and outsourced the work to India.” Whether or not this is true, the IT department will certainly be under some pressure.

This recent failure highlights the realities that companies are facing in the digital age. When systems are fully IT dependent for functionality, shutdowns can destroy an entire system and bring whole businesses to a grinding halt. While it’s true that this failure is a major one, it may also indicate the substantial need for careful attention to IT controls and security in the business world. When you can’t live without IT, you have to find a way to live with it properly.

Ransomware: NHS Patients Held Captive
https://techinsight.net/malware-threats/nhs-patients-held-captive/
Wed, 15 Mar 2023 17:08:37 +0000
https://techinsight.net/2017/05/patients-held-captive/

For most of the patients in England and Scotland looking forward to a relatively smooth day at their hospitals, the past few hours have been harrowing. An international cyber attack (ransomware) has hit the National Health Service (NHS) and has crippled the daily operations at a number of hospitals. Many patients have been held captive due to the freezing of services, and hospitals are struggling to provide vital healthcare.

While many patients had their operations cancelled at the last minute, others have been told to stay away if possible except in cases of dire emergency. Some of the doctors in London have also complained about being unable to do basic X-rays, or even the most basic services for their patients. The ransomware attacks have also frozen the essential IT components which store patient data and the hackers have asked for a ransom of $300 in Bitcoin for the release of the patient files. Since patient health records, blood tests, and allergies are all stored in the computers, the blackout has adversely affected medical services across the country.

The worst sufferers have been the patients. Some who were waiting for surgical operations were informed that they had been cancelled. Many of the patients in the maternity wards were unable to get discharged because the computer systems had crashed, while others were unable to get much-needed transfers as the cyber attack had put everything on hold. Some patients also had their operations cancelled at the last minute as the staff were ordered not to touch their computers. Almost all the doctors resorted to old-school pen-and-paper charting, with no access to the medical history of the patients or their various allergies.

The NHS and the Government have been questioned over why the hospitals were left vulnerable due to the antiquated computer systems. The ransomware attack is already being described as the biggest ransomware attack in the world as it has affected around 100 countries.

The NHS has released a statement saying that they had no evidence of patients’ medical records being accessed but were unsure of whether the hackers, who have threatened to delete patient information unless they receive their payment within a week, had the ability to destroy patient records.

It is believed that a hacking group known as the Shadow Brokers, which has links with Russia, was partly responsible. While Microsoft had sent free security software to protect the computers in March of 2017, it had not been updated in the hospital computer systems. Microsoft has released a statement saying that it would push out automatic Windows updates to defend clients from ransomware.

Prime Minister Theresa May has described the attack as an international attack that has affected many countries and organizations, such as Spain and FedEx. She has also given assurances that the “National Cyber Security Centre was working closely with NHS Digital to ensure that they support the organizations concerned and that they protect patient safety”. This ransomware attack follows the cyber attacks on Yahoo in 2013 and Sony in 2014.

The pressure is on at the hospitals and is expected to worsen over the weekend. While the government agencies are hard at work to restore the services for the patients, the doctors have described the situation in the hospitals as primitive. Though the ransomware was directed at the hospitals, the real captives have been the suffering patients.

OneLogin: Another One Bites the Dust
https://techinsight.net/cloud-edge/cloud/onelogin-another-one-bites-dust/
Sun, 05 Mar 2023 17:09:42 +0000
https://techinsight.net/2017/06/another-one-bites-dust/

The 1980 Queen hit ‘Another One Bites the Dust’ was an anthem for the 80s generation. But it also happens to describe security systems nearly 40 years later. After the massive ransomware attack last week (‘WannaCry’), and Android iOS breach (‘Judy’), another critical breach has been reported by the access management service (AMS) OneLogin.

OneLogin is a major player in the AMS field. They provide password management for enterprise-level clientele. The service is helpful for this client base because it provides a single sign-on (SSO) cloud solution for ease and greater levels of security. Their client list is impressive – AAA, Yelp, and Dell, to name a few. Their open source toolkits are being used by more than three hundred vendors and seventy software-as-a-service (SaaS) vendors worldwide.

With all this corporate access information, no wonder OneLogin is a target for high-level hacking. Yesterday the company announced that a major malicious attack had occurred on their US operations. The attacker was able to access the AWS API and create a number of instances within the infrastructure. The hacker had seven hours of uninterrupted access.

The company is still determining the extent of the breach, but its announcement did indicate that some very major events had happened. It appears that the attacker was able to access information about the company’s users, including various types of keys, and, far more concerning, was able to decrypt data that was at rest within the archives. This means that the actor was able to gain access to the highest level of security, and that OneLogin had apparently left a gaping hole in their system, allowing for a breach of end-to-end encryption. This sort of breach indicates a substantial concern within the OneLogin system that will raise attention at the highest levels.

The company has provided a guide for securing data that has been breached, which, no doubt, was the task of a substantial part of the corporate IT world this morning. However, the guide simply provides 11 steps to recreating security for breached data; it does not mean that the hacker, with seven hours of access, has not already obtained and decrypted whatever data was present. At the enterprise level, this is the equivalent of breaking into the CEO’s office and rifling through his desk and personal files for 7 hours. It’s not good.

This is not the first attack on OneLogin. A previous hack had compromised a substantial amount of data, but encryption was never broken. This current attack has led some in the security world to question how best to secure high-level corporate data, given the increasing level of hacker ability. Companies would be wise to research different methodologies (both in-house and third-party), and to identify deeper levels of security risk than the home page of the company offers. OneLogin is a high-level security system, and such a hack should make other IT professionals question where safety is even possible at this point. As the Queen ballad reminds us, no one is safe.

Athena Malware: The CIA in Your PC
https://techinsight.net/malware-threats/athena-malware-the-cia-in-your-pc/
Tue, 03 Jan 2023 09:58:59 +0000
https://techinsight.net/2017/06/the-cia-in-your-pc/

If you’ve seen a suspense/thriller movie lately, a lot of them have to do with government authorities taking control of different private sector systems, usually with nefarious purposes. Until recently, that’s seemed a little far-fetched, and perhaps a product of the conspiracy theorist groups out there. However, the news this week seems to indicate that it isn’t that far-fetched after all. Wikileaks has recently exposed a CIA malware project, which, at face value, sounds like a cool project but at the same time might give you goose bumps if you’re one of those using a Windows OS. This CIA malware project, Athena, is designed for spying and hacking. Athena malware is the brainchild of the CIA and Siege Technologies, a company located in New Hampshire, US.

Apparently, the Athena malware can hijack Windows versions from XP to Windows 10, and everything in between. This malware also includes an additional module called Hera, which affects PCs running Windows 8 to Windows 10. The capabilities of Athena malware are mind-blowing. Once Athena malware is set on the target system, it can decode remote configuration and task handling. It can load or unload memories of NOD Persistence Specification DLLs. In addition, it can deliver and retrieve information to and from any directory. These tools would give the CIA complete control of machines, and they definitely highlight the power of what technology can do. However, at the same time, they also give us a reason to pause and think about the impact of that power. And if you think this level of government control is concerning, here is the most concerning part of all – it lets the operator configure during runtime on the system and thus cannot be detected. The malware can be delivered in a number of different ways, including remotely, through a supply chain, through an asset on the ground, or with a program called Windex (which was explained in earlier WikiLeaks releases).

The Siege Technologies founder said in an interview in 2014, “I feel more comfortable working on electronic warfare. It’s a little different than bombs and nuclear weapons — that’s a morally complex field to be in. Now instead of bombing things and having collateral damage, you can really reduce civilian casualties, which is a win for everybody.” The contractor sees the value of cyber warfare on this sort of scale as a way to control the on-the-ground warfare and limit damage and casualties to civilian populations.

Whether this new malware is used or not, the reality that all the Windows OS machines in the world can be pretty easily turned into CIA hand puppets is a little disconcerting. Whatever your views on net neutrality and net privacy, this new report from Wikileaks will make you pause and think. Further, such powerful tools in the hands of those who are not seeking international security could be a massive danger and risk for the world populace. The CIA justifies this, but is clearly upset by the recent disclosure.
