Feds Warn Healthcare Over Cobalt Strike Infections

Red-Teaming Tool Poses Ongoing Risks When Used by Hackers, HHS Warns The Department of Health and Human Services’ Office of Information Security’s HC3 unit says attackers are weaponizing legitimate security tools. Russian hackers deployed Cobalt Strike’s command-and-control function during their attack against SolarWinds’ network management software. Hackers who earlier this year got into Cisco corporate IT...

Hackers Adopt APT-Like Capabilities

Cyberweapon-Grade Hacking Tools Pose Danger for Financial Sector Cyberthieves traditionally on the lower rung of hacking abilities now have access to nation-state-class malicious software, warn close observers of the criminal dark web. The appearance on criminal forums of tools capable of infecting a computer’s boot firmware or malware that evades antivirus detection is a consequence of years of state-sponsored development of cyber...

FBI Warns Healthcare Sector of Payment Scam Surge

Use of Social Engineering, Phishing to Divert Payments Cybercriminals are stealing multimillion-dollar payouts from healthcare payment processors by compromising user login credentials, the FBI warns the healthcare industry. In a recent alert, federal agents say they’ve received multiple reports of cybercriminals redirecting healthcare payments into their pockets. According to the FBI, cybercriminals used employees’ publicly...

Morgan Stanley’s Hard Drive Destruction Investment Failure

$155 Million in fines and settlements. While physical data breaches have declined substantially in the last 10 years, they still can happen without proper diligence. That lack of diligence and vendor oversight has led to a $35M fine for Morgan Stanley from the SEC and a class-action settlement of $60M over the same breach. This is in addition to a $60M fine from the Comptroller of the Currency in 2020. All for improperly decommissioning server...

Latest US Health Data Breaches Continue Ransomware Trend

Some 60 breaches affecting about 2.5 million individuals were added in July to the federal tally of major health data breaches. Those incidents continued a trend playing out in 2022: Large hacking incidents, predominantly involving ransomware attacks against providers, vendors, or both, are responsible for an overwhelming amount of data theft. About 80% of the major breaches reported were related to hacking/IT incidents, and these breaches...

Scammers Piggyback on AWS to Phish Victims

AWS Domains Used to Send Phishing Emails and Steal Credentials Cybercriminals are using Amazon Web Services to create phishing pages that bypass security scanners and scam victims into handing over credentials. The scammers send targets what appears to be a standard password expiration email or other emails meant to create a sense of urgency. The emails come from legitimate AWS domains, but a closer look shows the inclusion of false nicknames,...

NIST Adds Cybersecurity Guidance to HIPAA Security Rule

New draft of federal cybersecurity guidance could help healthcare organizations avoid regulatory fines in the wake of breaches. Federal regulators are looking for the adoption of “recognized security practices” when investigating the aftermath of a breach involving protected health information. In 2021, Congress told the Department of Health and Human Services to consider whether a medical center or business associate can show that it...

Four Legacy Security Vulnerabilities Still Posing Threats

Cybersecurity, or the lack of it, is something that we all need to be concerned about. In no industry is that more readily apparent than the financial sector. As the threats continue to evolve, it’s important that we don’t forget about older threats that continue to pose serious risks to financial institutions. Ideally, all organizations would rapidly expunge known vulnerabilities from their networks, starting with the most severe bugs that...

Is Facebook a Business Associate?

Depending on where you put its tracking pixel, it might be. Lawsuit: Facebook Is Collecting Patient Data of ‘Millions’ Class Action Alleges Meta Pixel Code Tracks Websites, Patient Portal Interactions A class action is alleging Facebook unlawfully collects patient data from the online portals of hundreds of medical providers without knowledge or consent. The lawsuit, filed Friday (June 17, 2022) by an anonymous “John...

One Malicious Insider Leads to $155M Settlement

Canada’s Desjardins Settles Data Breach Lawsuit for $155M Highlights the risks posed by insider threats and lack of information segmentation. The cost of the settlement adds on to the costs the bank has already carried resolving the breach they discovered in 2019. The breach, which was publicly disclosed in June 2019, involved a “malicious” insider stealing and selling personal details for 4.2 million active customers of the...

Ransomware payments are down.

Why that might not be a good thing for Nebraska. Based on a study of thousands of cases that it has worked, incident response firm Coveware has found that the number of firms paying a ransom has dropped from 85% in Q1 2019 to 46% in Q1 2022. When victims do pay a ransom, in Q1 2022, they paid an average of $211,529, down 34% from the previous quarter, Coveware found. It attributes this to fewer victims paying, attackers overall infecting...

HHS HC3: Beware of Lapsus$, Email Marketing-Related Threats

Authorities Warn Healthcare, Public Health Sectors of Latest Concerns Federal authorities are warning the healthcare sector of potential threats involving Lapsus$, including those related to the extortion group’s recent hack of identity management vendor Okta. The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center, or HC3, in an advisory issued on April 7, warns of attack threats to the sector...

Premium Hikes and Vetting Decrease US Cyber Insurance Losses

Declining Loss Ratios May Allow Insurance Premium Increases to Moderate in Late 2022 An improvement in loss ratios for cyber insurance providers in 2021 means the rapid rise in premiums might, at last, subside later this year. The loss ratio, simply insurer payouts divided by premiums earned, declined for the first time since 2018 despite the frequency and severity of claims filed for cyberattacks increasing yet again in 2021. The improvement was...

Large Hacking Incidents Increasing Since February

The number of major health data breaches and the number of individuals posted to the HHS “Wall of Shame” so far in 2022 has surged in recent weeks as reports of large hacking incidents continue to flow into regulators. As of last week, the HIPAA Breach Reporting Tool website shows that 117 breaches affecting about 5.32 million people have been posted in 2022. That’s an increase of nearly 83% in the number of breaches posted on the HHS...

U.S. Sanctions Add Layer Of Risk To Ransomware

Ransomware has been on a dramatic upswing over the last couple of years. The proliferation of Ransomware as a Service (RaaS), the resulting lowering of barriers for both criminal groups and state actors, and the continued payment of ransoms have helped drive this dramatic increase. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), most ransomware attacks start through phishing, exploitation of remote desktop...

Cyber Agencies Warn: Ransomware Attacks Are Worse Than Ever

Memo to businesses: Ransomware attacks are worse than ever, and unless you prepare, don’t be surprised if you or your business is the next victim, warn government cybersecurity czars. In a joint advisory, cybersecurity authorities in the United States, Australia, and the United Kingdom observed a marked increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally throughout 2021. They expect...

HHS Warns of Threats to Electronic Health Records

Healthcare entities should implement a more “proactive preparedness” approach for protecting their electronic health record/electronic medical record systems. Federal regulators warn that these are an increasingly attractive target for cyberattacks and other breaches. The DHHS Health Sector Cybersecurity Coordination Center, in a threat brief issued Thursday, reinforced that EHRs/EMRs are profitable to cybercriminals. Largely due to...

Insider Threats are a Quiet Risk in your System

The Ripple Effects that Extend Outward from a Breach According to the Verizon 2020 Data Breach report, 22% of all security incidents are perpetrated by insiders. In addition, the costs of insider breaches, whether caused by human error or by bad actors, have risen by 47% over the past two years. As an organization, a certain amount of trust is required to ensure that business runs smoothly. But, given the inherent risks involved, that trust...

HHS Warns Healthcare Sector of Pysa Ransomware Threats

Alert Comes as Health Entities Globally Continue Battling Cyberattacks, Fallout The U.S. Department of Health and Human Services has posted a warning to the healthcare sector about increasing threats involving Pysa ransomware and the cybercriminal gang Mespinoza — also known as Gold Burlap and Cyborg Spider — which operates the malware variant. In an alert, the DHHS Health Sector Cybersecurity Coordination Center, or HC3, warns that since 2018,...

Worrying Trends in Cyber Insurance

There are several trends emerging in the cyber insurance industry that are worrying for mid-size and local entities. These trends are largely a response to the havoc ransomware has caused across industries in the last 18 months. The emerging trends can be summed up as: prices are increasing, in many cases in the range of 2x-4x; renewal and acceptance rates for policies are going down, in many cases by 40%-60% compared to previous years; entities...
