The Impact of Cyber-Attacks, and how Healthcare Organizations can protect themselves

| January 16, 2017

article image
Cyber-attacks have become an increasing problem for healthcare organizations, and according to the 2016 HIMSS Cybersecurity Survey, more than 85% of respondents reported that information security has increased as a business priority. When a healthcare organization falls victim to a cyber-attack, the effects are wide-ranging and impact: 1. The hospital’s finances 2. The hospital’s reputation 3. Patient safety 4. Availability of IT programs, which can hinder patient care 5. The privacy and security of patient and employee information. I recently had the opportunity to work with a small group of cybersecurity experts to help develop the HIMSS Cybersecurity Position Statement, which aims to fortify the healthcare community against cyber-attacks.

Spotlight

WACHTER, Inc

Wachter is on the cutting-edge of technology and infrastructure installation and has been since 1930. Wachter is a Cisco Gold Certified Partner. We’re committed to the exceptional service and forward thinking that lets us provide the leading technologies to meet diverse client needs. Our workmanship is measured by the customers we serve, from Local Businesses to Fortune 100 companies. NATIONWIDE DEPLOYMENT: With more than 1,400 W2 technicians and electricians licensed to work in all 50 states, Wachter is a single source for Nationwide Technology Implementation and Service.

OTHER ARTICLES

A 4 Step Guide to Stronger OT Cybersecurity

Article | April 14, 2020

Security and risk management leaders at organizations around the world are increasingly concerned about cybersecurity threats to their operational technology (OT) networks. A key driver behind this is that cyberthreats, like disruptionware, are increasing in quantity and sophistication all the time. Industrial control system (ICS) networks are categorized as high risk because they are inherently insecure, increasingly so because of expanding integration with the corporate IT network, as well as the rise of remote access for employees and third parties. An example of an IT network within a control system is a PC that’s running HMI or SCADA applications. Because this particular PC wasn’t set up with the initial intention of connecting to IT systems, it typically isn’t managed so can’t access the latest operating system, patches, or antivirus updates. This makes that PC extremely vulnerable to malware attacks. Besides the increased cyberthreat risk, the complexity resulting from IT–OT integration also increases the likelihood of networking and operational issues.

Read More

5 Benefits of Investing in Cyber Security & IT solutions in 2021

Article | June 2, 2021

Cyber Security has quickly evolved from being just an IT problem to a business problem. Recent attacks like those on Travelex and the SolarWinds hack have proved that cyber-attacks can affect the most solid of businesses and create PR nightmares for brands built painstakingly over the years. Investing in cyber security training, cyber security advisory services and the right kind of IT support products, has therefore, become imperative in 2021. Investing in cyber security infrastructure, cyber security certification for employees and IT solutions safeguards businesses from a whole spectrum of security risks, ransomware, spyware, and adware. Ransomware refers to malicious software that bars users from accessing their computer system, whereas adware is a computer virus that is one of the most common methods of infecting a computer system with a virus. Spyware spies on you and your business activities while extracting useful information. Add social engineering, security breaches and compromises to your network security into the mix, and you have a lethal cocktail.

Read More

Ryuk: Defending Against This Increasingly Busy Ransomware Family

Article | February 12, 2020

On December 16, 2019, the U.S. Coast Guard disclosed a security incident at a facility regulated by the Maritime Transportation Security Act (MTSA). Forensic analysis suggests that the incident might have begun when an employee clicked on a link embedded in a phishing email.This action enabled a threat actor to set Ryuk ransomware loose on the facility’s network. Ultimately, the infection spread to all IT network files, leading Ryuk to disrupt the corporate IT network and prevent critical process control monitoring systems from functioning properly. Phishing is one of the primary infection vectors for most ransomware families, but there’s an interesting twist with this particular family. As noted by Malwarebytes, a typical Ryuk attack begins when a user opens a weaponized Microsoft Office document attached to a phishing email. Opening the document causes a malicious macro to execute a PowerShell command that attempts to download the banking trojan Emotet. This has the ability to download additional malware onto an infected machine that retrieves and executes Trickbot.

Read More

COVID-19 and Amygdala Hijacking in Cyber Security Scams

Article | April 9, 2020

What races through your mind when you see “Coronavirus” or “COVID-19”? Fear, anxiety, curiosity… these internal reactions can prompt actions that we may not normally take. Recent attacks have been sending out mandatory meeting invites that ask you to log in to accounts. Others have been receiving emails to put themselves on a waiting list for a vaccine or treatment. The heightened emotions we experience when we see emails, or messages like this, may prompt us to give personal information out more willingly than we usually would. Security awareness takes a back seat as emotion takes over. It’s known as amygdala hijacking. Why does this happen to us? The amygdala is a small part of the brain that is largely responsible for generating emotional responses. An amygdala hijack is when something generates an overwhelming and immediate emotional response.Many common cyber security scams use amygdala hijacking to their benefit. We see this used often in phishing, vishing, SMShing, and impersonation attacks. Chris Hadnagy of Social-Engineer, LLC did a case study on amygdala hijacking in social engineering.

Read More

Spotlight

WACHTER, Inc

Wachter is on the cutting-edge of technology and infrastructure installation and has been since 1930. Wachter is a Cisco Gold Certified Partner. We’re committed to the exceptional service and forward thinking that lets us provide the leading technologies to meet diverse client needs. Our workmanship is measured by the customers we serve, from Local Businesses to Fortune 100 companies. NATIONWIDE DEPLOYMENT: With more than 1,400 W2 technicians and electricians licensed to work in all 50 states, Wachter is a single source for Nationwide Technology Implementation and Service.

Events