The U.S. utilized cyberattacks on Iran

The U.S. utilized cyberattacks on Iran

If there was any lingering doubt that cyber would be the next battleground between countries, that confirmation was had as the US opted to attack Iran using cyber strikes rather than traditional military ones. The fallout from such an attack will likely spur demand for cyber and other solutions tied to our Safety & Security investing theme.

The U.S. covertly launched offensive cyber operations against an Iranian intelligence group’s computer systems on Thursday, the same day President Trump pulled back on using more traditional methods of military force, according to U.S. officials familiar with the matter.

The cyberstrikes, which were approved by Mr. Trump, targeted computer systems used to control missile and rocket launches that were chosen months ago for potential disruption, the officials said. The strikes were carried out by U.S. Cyber Command and in coordination with U.S. Central Command.

The officials declined to provide specific details about the cyberattacks, but one said they didn’t involve loss of life and were deemed “very” effective. They came during the peak of tensions this week between the U.S. and Iran over a series of incidents across the Middle East, including Tehran’s shooting down of an American reconnaissance drone.

Source: U.S. Launched Cyberattacks on Iran – WSJ

Hospitals push device makers to improve security following cyberattacks 

Hospitals push device makers to improve security following cyberattacks 

As the kinds of cyber attacks companies and other businesses are experiencing expand, we are seeing the actual victims, as well as potential ones of these attacks, step up their efforts to protect themselves. In hospitals, one of the areas of focus is internet connected equipment, but we can see how this will quickly spill over to the burgeoning Internet of Things and larger 5G markets, igniting a new round of demand for companies that fall within the parameters of our Safety & Security investing theme.

Hospitals are pushing medical-device makers to improve cyber defenses of their internet-connected infusion pumps, biopsy imaging tables and other health-care products as reports of attacks rise.

Rattled by recent global cyberattacks, U.S. hospitals are conducting tests to detect weaknesses in specific devices, and asking manufacturers to reveal the proprietary software running the products in order to identify vulnerabilities. In some cases, hospitals have canceled orders and rejected bids for devices that lacked safety features.

Hospitals, after a decade of racing to wire up their medical records and an explosion of internet-connected medical devices, are growing more aggressive with technology suppliers amid pressure to better defend against incursions that could threaten patients and cause costly disruptions. Credit-rating agency Moody’s Investors Service in February ranked hospitals as one of the sectors most vulnerable to cyberattacks.

In stepping up their efforts, hospitals have gone beyond building firewalls and taking other actions to shield their own networks—they have moved into demanding information like the software running devices that manufacturers have long considered proprietary. The requests have generated tensions between the sides.

Source: Rattled by Cyberattacks, Hospitals Push Device Makers to Improve Security – WSJ

The Orbitz hack is more confirmation for our Safety & Security investing theme

I just received an email notification from American Express (AXP) detailing the following:

“We are writing to let you know that American Express recently learned that our third-party vendor, Orbitz, was the victim of a cyber attack. “

Of course, this is the latest announced high profile cyber attack, which in my view serves as a reminder of the risks to be had as we migrate more of our lives into the digital world. Add in the renewed concerns over privacy following the latest happenings with Facebook (FB) and we here at Tematica see pain-point related demand continuing to rise for our Safety & Security investing theme. As a reminder, this theme stretches beyond national and homeland security to include cybersecurity as well as personal security. And for those wondering, Orbitz is own by Expedia (EXPE).

 

Another day, another breach. Today, online travel agency Orbitz disclosed that hackers managed to get both credit card data and personal information (though no Social Security numbers and passwords) from users who made their travel purchases on the site between January 1, 2016 and December 22, 2017.

In total, the company says, that’s about 880,000 payment cards that were accessed from what the company calls a “legacy Orbitz platform.”The hackers also likely accessed other data, like names, physical or mailing addresses, birth dates, email addresses, phone numbers and the customer’s gender while they were in the systems between October and December 2017.

While this breach isn’t at the level of the giant Equifax and Yahoo hacks, here is yet another company that couldn’t keep your data safe. Indeed, at this point, you can pretty much assume that all of your personal data and likely your passwords and credit cards, too, are up for sale in one of the darker parts of the internet.

Source: Hackers gain access to 880K credit cards from Orbitz customers | TechCrunch