Brazil’s Health Ministry’s Website Data Leak Exposed 243 Million Medical Records for More Than 6 Months
Saturday, December 12, 2020
Given the predictable pattern of Brazilian health systems’ data leaks, it seems that the affected systems were developed by a single developer with little cybersecurity knowledge. Besides, any amateur software developer knows that a website’s code can be viewed from the browser and that Base64 encoding does not hide data from attackers.
Ilia Kolochenko, Founder & CEO of web security company ImmuniWeb, notes that such easily-preventable data leaks originate from the practice of hiring cheap system developers.
“While many organizations tend to outsource software development to the cheapest providers, eventually getting the corresponding quality and security of the code,” Kolochenko says. “Cybercriminals are perfectly aware of these amazing opportunities and effortlessly harvest the long-hanging fruits.”
He adds that the “consequential attacks are hard, if not impossible, to detect in a timely manner.” He advises organizations to invest in developers’ continuous cybersecurity training, consistently monitor the internet for leaked source code, and remember that “when external software development company provides a price that is too good to be true – it’s likely so.”
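The point above that Base64 is an encoding and not protection can be turned into a pre-release check. The following is an added example, not code from the article or from any system it describes: it scans page source for Base64 strings that decode to credential-like text. The function names, the keyword heuristic and the sample page are assumptions constructed for illustration.

```python
import base64
import binascii
import re

# Runs of Base64 alphabet long enough to hold a credential, with optional padding.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")
# Heuristic (assumption): decoded text that names a secret or looks like user:password.
CREDENTIAL_HINT = re.compile(
    r"(?i)pass(word)?|senha|secret|token|api[_-]?key|^[^\s:]{1,64}:\S{4,}$"
)

def find_encoded_secrets(source):
    """Return (line_number, decoded_text) for Base64 strings hiding credential-like text."""
    findings = []
    for match in B64_TOKEN.finditer(source):
        try:
            raw = base64.b64decode(match.group(), validate=True)
        except (binascii.Error, ValueError):
            continue  # wrong length or padding: not Base64
        if not raw or any(b < 32 or b > 126 for b in raw):
            continue  # binary output: more likely a hash or identifier than text
        text = raw.decode("ascii")
        if CREDENTIAL_HINT.search(text):
            line = source.count("\n", 0, match.start()) + 1
            findings.append((line, text))
    return findings

def _b64(data):
    """Helper used only to build the constructed sample below."""
    return base64.b64encode(data).decode("ascii")

# Constructed sample page source (not taken from any real site).
SAMPLE_PAGE = "\n".join([
    "<script>",
    'var auth = "' + _b64(b"svc_user:example-password") + '";',   # should be flagged
    'var note = "' + _b64(b"hello world, nothing here") + '";',   # readable, not a secret
    'var build = "ABCDEFGHIJKLMNOPQRSTUVWX";',                    # decodes to binary
    "</script>",
])

if __name__ == "__main__":
    for line, text in find_encoded_secrets(SAMPLE_PAGE):
        print(f"line {line}: Base64 string decodes to credential-like text: {text!r}")
```

A hit means the value has to be removed from client-delivered code and rotated; re-encoding it leaves it just as readable.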