Full Body Exposure: More Than 45 Million Medical Images Openly Accessible Online with David Sygula, Senior Cybersecurity Analyst at CybelAngel: Audio automatically transcribed by Sonix
Full Body Exposure: More Than 45 Million Medical Images Openly Accessible Online with David Sygula, Senior Cybersecurity Analyst at CybelAngel: this mp3 audio file was automatically transcribed by Sonix with the best speech-to-text algorithms. This transcript may contain errors.
Saul Marquez:
Hey everybody! Saul Marquez here and welcome back to the Outcomes Rocket. Today, I have the privilege of hosting David Sygula. He is the Senior Cybersecurity Analyst at CybelAngel. They’re doing fantastic work around preventing data leaks and limiting damage to your organization. They’re the world-leading digital risk protection platform that detects and resolves external threats before these threats wreak havoc on your business. Because more data is being shared, processed, or stored outside the firewall on cloud services, open databases and connected devices have a lot of digital risks, and the enterprise has never been at greater risk. So what we’re going to talk about today is how organizations worldwide rely on CybelAngel to discover, monitor and resolve external threats across all layers of the Internet. And how you can keep your critical assets, brand, and reputation secure. It can be a great discussion today. And with that, David, so glad that you jumped on to share these really important pearls around cybersecurity with all of us. Thanks for joining us.
David Sygula:
Hello Saul. Thanks for inviting me.
Saul Marquez:
Absolutely! David before we start learning a little bit more about CybelAngel, tell us about what inspires your work in cybersecurity.
David Sygula:
Yes, well, I’ve been working on cybersecurity for a pretty long time now, more than 10 years, and I’m always curious about discovering new things so I guess this is why I chose this specific career. At CybelAngel we discover data leaks. Every day we discover billions of files that are just available if you know where to look. So, yes, I guess I’m a very curious person and I like to see things and I like the world to be a bit more secure so I like to report what I see so people get more digitally secured.
Saul Marquez:
Well, David, I think it’s great that you’re doing what you do. We were talking before this. I told you, right? Two of my PayPal accounts got hacked. Yes. And I’m just like, how and why? And both of them had different passwords. And the bottom line is, I’m not alone in this. A lot of folks that are listening to this, it’s happened to them, too, in varying degrees. There are threats, there’s ransomware. There are all sorts of things happening out there to people. So hone in on what you do for us, Peter. What is it that you do for health care customers? How are you adding value to them?
David Sygula:
Well, we do have a lot of health care customers and basically, we are looking for any data that would be exposed over the Internet, be it unprotected, on the file server, so we are looking at no marketing communications for the upcoming years or recipe’s if that’s even a word for vaccines. A lot of things can be found so unprotected on servers. But also we monitor dark web places when people like to talk about what they are going to hack and how they would like to monetize the data they have also if they are looking for specific kinds of data. So we see this often someone saying, I would like I don’t know, I would like friends or US health data from patients and then that just gets what they want. So we are here to work or clients that these people are exchanging things like that. So in some ways, we can scan the Internet, gets the files that are left unprotected, and tell our clients before the files are stolen from cyber-criminals. And in other cases, we monitor all these places where everything is exchanged and then we tell them, Ok, so this is going to be prepared. It’s pretty serious and it is happening a lot. You know, cyber-criminals are also getting into medical devices and monitors. So talk to us about what makes what you do different or better than what’s out there.
David Sygula:
Well, we like to try lots of things, actually, and to always improve, to always keep our knowledge up to date. And things kind of evolve very quickly. So we always have to move forward and to be one step ahead of cyber-criminals. You were talking about the devices, and that’s very interesting because it’s easier from anywhere in the world to target a device that is connected on the Internet, either because it lacks security or because there is no security at all. So, again, we are here to tell the clients, OK, you have this, it’s not secure. You should do something about it because one day it’s going to be hacked because it is most of the time.
Saul Marquez:
Yeah. And so you guys have been doing a lot of work around the medical data leaks. Tell us a little bit about your latest research on the analysis of medical data leaks.
David Sygula:
Yes, there’s a project we worked on in 2020. We focused on a very specific kind of data which are medical images and go by the name of daikon files, actually realized that there were so many daikon images left unprotected on servers and we ended up counting no less than forty-five million unique of these images worldwide. So again, unprotected on servers. So basically anyone can go and retrieve this data, which is really amazing. But we didn’t only stop here because we were thinking, ok, so we know that once a photo is taken, it may be left unprotected on a server, but what if we could directly interact with the device itself? So we pushed the research a little bit more, only to find that in a lot of cases, the devices themselves, so that’s what we were talking about earlier, could be reachable by anyone. And once you are able to interact remotely with the device, you may do a lot of things. You can take pictures, you can remove things, you can interact with the whole system. We can even retrieve more information that is stored on the device itself. So there are basically no limits as to attack medical centers, hospitals, and the little door are unprotected servers and devices that talk over the Internet. Why they shouldn’t what they should control, who they accept inside.
Saul Marquez:
Absolutely. And so you guys did this amazing research and kudos for the focus. I mean, you guys have decided, hey, this is where we have to focus our time, our energy. So what do you expect to get? I mean, you’re sharing all these findings. How can you make the system healthier and better by doing this?
David Sygula:
Well, we guess that most of the time when we talk about unprotected servers, most of the time they are left unprotected because it’s negligence. People don’t even realize that this data is available. And what we wish to do is that by communicating about our results. We wish that people think, OK, maybe I’m concerned. So I should do something about it. Maybe I should review my whole I.T. system. Maybe I should see whether people try to connect on my networks. So that’s where we are trying to do. Usually, when we communicate about cybersecurity, people are interested in the findings and are really thinking maybe I should act differently. Even when we received an email. You think twice before clicking on a link or opening attachments, and that’s education. We are trained to do with this kind of breakthrough studies about so many images in the wild and all the things that we discover.
Saul Marquez:
Yeah, so you have an image and tied to that image is personal information. A lot of times when you go into the health care system, you give them your Social Security number, you give them your data. Are you finding that a lot of this stuff is linked to these files?
David Sygula:
Yes, exactly. Actually, these files are not just photos of people’s body parts. They also include the full record of a patient. Indeed, you cited the Social Security number, but you also have comments made by the doctor. The doctor itself worked with the patients. You have more than two hundred lines of metadata that is attached to the photographs. So you don’t just have one photo, you have the full records of the patient. All of this data is actually very valuable. You may wonder how the photo of the leg of someone’s living can be valuable on the dark web or anywhere. I can tell you that it’s highly valuable. The way we think, usually, we are not threat actors. So we are thinking, yes, that’s just a photo of my body parts so what the hell. But actually, a lot of people find their interest in all this data. And not only the photos themselves, as we say, it’s also the metadata that is attached to the photograph. But also sometimes we wouldn’t think about how to monetize this data. But people find ays and this kind of data is actually sold at a very high price, in the dark places, more than regular credit cards that may be stolen. So that’s what it shows the interest.
Saul Marquez:
Who buys it, David?
David Sygula:
That’s a very good question. And the answer is we don’t really know, because, on the dark web forums, everyone goes by nicknames. And you can’t just profile a nickname because people usually use the same between forums because it’s their only way to be recognized and they may benefit from a certain reputation from one forum to another. But still, it’s different to say, OK, this guy is probably this or that. But more than that sometimes you just have new members on forums, you can’t profile them because all the data is new and they seem to be interested, very interested in specific data, and this, in my opinion, is just to blur the path. You can’t profile these people. So you may think, Ok, maybe that’s just one regular old guy who just registered or maybe that’s some interesting case. Yes. I wouldn’t be able to cite any case, but I guess there is a lot of trades within these forums that a lot of people and not only, as we could think, cybercriminals, but of course, other interests as well.
Saul Marquez:
That is fascinating. And so what exactly are you guys doing to add value to the health care ecosystem?
David Sygula:
Well, we do arrive before all this data actually becomes the data because we are talking on the unprotected servers’ perimeter. The data is here and is available for anyone who knows where to look. But they have not become breaches. They have not become leaks, it’s just exposed. So in this case, we are here to protect the client and say, OK, your data is here. It shouldn’t, because it’s sensitive. So you should secure the server. You should unplug it from the internet. And on the other hand, on dark web forums, we try to give the clients the most details possible on the scenario. We try to identify what, why, why this data is online. How can it be? I mean, was there anything hacked there, any attack? And sometimes the actors give a lot of information. So we are able to build a scenario and then we send it to clients to take measures to counteract and be able to fix any of the durability in its system.
Saul Marquez:
I think that’s great. And it’s all about knowing what exactly these people are up to know so we don’t become victims of these attacks. You guys do a lot of research. So how do the research you do and the solutions that CybelAngel offers make the health care industry different or better?
David Sygula:
Well, I would say that by exposing all this research, we bring education to people who can really see what’s going on. I mean, not everyone knows that photographs, images, medical images can interest anyone on the dark web. So by simply telling that publicly, people realize that they may have some sensitive data. So we try to protect clients. And on the larger side, the medical sector by making people realize all the sensitive data to deal with every day. And when we find any sensitive thing that is outside the perimeter of this corporation, this company, this organization, we bring them back to their owner and say, OK, you should really secure this thing.
Saul Marquez:
So in all of the research that you’ve done, David, what would you say is one of the most interesting things you’ve learned? And what are you most excited about today?
David Sygula:
That’s a good question. Actually, I’m a never-ending curious person. So very hard to be. I would say the most fascinating thing to me is that I realized that when you focused on the sector, any sector and I’m not talking only about the healthcare data, healthcare perimeter, you’re going to discover flaws, a lot of flaws. There are a lot of entry points into the systems. Sometimes you can even use simple search engines to discover very sensitive data. And this is very interesting because we talk about the health care sector right now, but it applies to a lot of industries worldwide. And sometimes that’s just the way things are. And it’s not simply a matter of cybersecurity. It’s so political. It’s also a question of money because it would cost too much to do this or that. And maybe it can be as simple as yes, but I need the data right now so it’s not protected because I need it quickly. This is very fascinating because one could simply think I don’t understand, it should be secured. So put a fast forward and we are done. But no, it’s sometimes more complicated than that.
Saul Marquez:
Yeah. And there’s so much that we could do to prevent some of these things. How many of you listening to this have the same password for a lot of accounts. That is a problem. And do you have two-factor authentication on your accounts? That could be an issue. Some of the basics. So, David, what would you tell us is some advice that we could do? You listen to this podcast, walk away with a couple of things that you could do to protect yourself. What would those one or two things be?
David Sygula:
Well, unfortunately, when you want more security, you need to put on various usability. So everything I’m going to say it’s not very convenient, but as you just said, you should verify your passwords. Use one password for one account, very different passwords. And I know it’s a pain, but it’s essential. A lot of accounts, even professional accounts get hacked because people reuse passwords or have routines, for example, they just add one number at the end of the password, and then a month later, instead of writing one, they write two, and then three and so on. But all these things cybercriminals know about it. It’s actually very easy to crack into accounts because most of the times people have the same ideas. So I would say use one password for each account and don’t rely only on passwords, but use passphrases. It’s much easier to remember. Be it a name of a song you like, a movie? I don’t know. Or even my name is David. That makes a pretty good password. It’s unbreakable. So there are ways to not make things difficult, even though once again, one account should equal one password.
Saul Marquez:
David, that’s really interesting. So do you think that a phrase like my name is David versus like some of these password manager apps they’ll give you like a scrambled password suggestion that is really nonsensical, it’s got a bunch of stuff in it? Which one do you think is better?
David Sygula:
I’m in favor of human memory because I think it’s also very good training. I must have something like 30 different passwords that I know by heart, and I believe it improves your memory rather than relying on a password manager, which is pretty good, I must admit, and the best ones they propose are good. But if you need like in an emergency, one of them and you don’t have your device to remind you of your passwords, then you’re stuck. So this is why I’m more in favor of human memory. And of course, My name is David. I’m talking my name is David with the capital letter and spaces, which are special characters. So that makes an unbreakable password most of the time. Then it depends on the website itself if it stores the passwords in plain text or if it’s encrypted, but then depending on human memory or password manager, it doesn’t change much.
Saul Marquez:
Yeah, that’s really interesting. That’s really interesting. Thank you for that. And so so the research you’re doing is fascinating. What would you say upcoming research-wise? Is there anything you’re doing that could affect or benefit the health care industry?
David Sygula:
Well, we are currently still actually in the health care industry sector because it’s never-ending as well. We started in 2019 and every month, there are so many things to discover that we keep researching on this topic. Right now, we are really focusing on all the data that is exchanged on the dark Web, as we said. And we discovered some pretty interesting stuff regarding France a few weeks ago that I guess in the coming months we will still be looking for this very specific sector.
Saul Marquez:
Well, I think it’s awesome! Where can the listeners tune in or find you in the work that you guys are up to? Where can they go?
David Sygula:
Well, I have a LinkedIn account, so that’s my name and my surname. I also have an email address that is available on my LinkedIn accounts. Or you can shoot me an email. That’s david.sygula@cybelangel.com. Please feel free to reach me if you want to know more.
Saul Marquez:
Outstanding David. Well, we really appreciate you giving us insights into some of these risks that we all face. And the answers are out there. So folks, be sure to visit David, make sure you find ways to protect yourself from these cybercriminals. There’s an opportunity for all of us to do better in this. Why wait until it’s too late to do it now? David, thank you so much for sharing these insights with us.
David Sygula:
Thank you, Saul. Thank you very much.
Sonix has many features that you’d love including automated transcription, automated subtitles, world-class support, powerful integrations and APIs, and easily transcribe your Zoom meetings. Try Sonix for free today.
