Cyber Connections News Roundup: March 10

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

March 10, 2020

UMGC Faculty Weigh in on the Challenge of Protecting Health Data Privacy

In a recent article on www.medicaltechnologyschools.com, faculty experts from University of Maryland Global Campus (UMGC) offered their insights into the relationship between health data and privacy, namely that with further IoT integration, the problem may be exacerbated. According to Dr. Mohammad Bajwa, program chair of the health informatics administration program at UMGC, “The security question is baked into the tech itself, as each individual device in the IoT becomes a potential point of vulnerability.” James Robertson, program director of Cyber DevOps at UMGC added, “With the right design and implementation, IoT can mitigate data interoperability and data privacy issues.” Read more.

FDA Warns of Potential Cybersecurity Risk in Certain Medical Devices

According to a March 3 news release from the Food and Drug Administration, a new set of cybersecurity vulnerabilities, referred to as “SweynTooth,” may pose a risk to certain medical devices using the wireless communication technology known as Bluetooth Low Energy (BLE). BLE allows two devices to “pair” and exchange information to perform their intended functions while preserving battery life and can be found in medical devices as well as other devices, such as consumer wearables and Internet of Things (IoT) devices. These cybersecurity vulnerabilities may allow an unauthorized user to wirelessly crash the device, stop it from working, or access device functions normally only available to the authorized user. Read more.

Experts Sound the Alarm On 5G Security

A recent article on www.techtarget.com argues that regulation and strong proactive measures are necessary to protect 5G networks from cyber attacks, and that the responsibility falls on businesses and governments. As manufacturers such as Nokia, Samsung, and Cisco continue to develop, or plan to develop, 5G enterprise solutions, devices in the workplace already operating on a 5G network, and using IoT devices without a private 5G network or adequate technical knowledge could put organizations’ and their employees’ privacy at risk. Read more.

Rollout of Online Census Questionnaire Raises Fear of Cyber Threats

Beginning on March 12, households will participate in the once-a-decade national census by visiting www.my2020census.gov to complete the online questionnaire. According to a recent report on www.npr.com, the Census Bureau is expecting about six out of 10 households to fill out the form online. But the planned public debut for the online census form comes amidst heightened concerns about cybersecurity risks. Lawmakers fear that a problem with the upcoming digital rollout could undermine public trust in data that carry at least a decade’s worth of implications across the U.S. Read more.

First Open Source Messaging Framework for Security Tools Launched

According to an article on www.zdnet.com, on Feb. 24, the Open Cybersecurity Alliance (OCA), a consortium of cybersecurity vendors including IBM, Crowdstrike, and McAfee announced OpenDXL Ontology, the first open source language for connecting cybersecurity tools through a common messaging framework. OpenDXL Ontology aims to create a common language between cybersecurity tools and systems by removing the need for custom integrations between products that can be most effective when communicating with each other, such as endpoint systems, firewalls, and behavior monitors, but suffer from fragmentation and vendor-specific architecture. Read more.