Resources

Resources

Large Hacking Incidents Increasing Since February

Posted by on April 8, 2022 in Blog, Healthcare | 0 comments

The number of major health data breaches and the number of individuals posted to the HHS “Wall of Shame” so far in 2022 has surged in recent weeks as reports of large hacking incidents continue to flow into regulators. As of last week, the HIPAA Breach Reporting Tool website shows that 117 breaches affecting about 5.32 million people have been posted in 2022. That’s an increase of nearly 83% in the number of breaches posted on the HHS site for 2022 and about a 72% surge in the number of individuals affected by those incidents since Feb....

read more

U.S. Sanctions Add Layer Of Risk To Ransomware

Posted by on April 8, 2022 in Banking, Blog | 0 comments

Ransomware has been on a dramatic upswing over the last couple of years. The proliferation of Ransomware As A Service (RAAS), the subsequent lowering of barriers for both criminal groups and state actors, as well as the payment of ransoms have helped drive this dramatic increase. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), most ransomware attacks start through phishing, exploitation of remote desktop protocols, or software vulnerabilities. Therefore, increasing security and training in these areas can help...

read more

Cyber Agencies Warn: Ransomware Attacks Are Worse Than Ever

Posted by on March 4, 2022 in Banking, Blog | 0 comments

Memo to businesses: Ransomware attacks are worse than ever, and unless you prepare, don’t be surprised if you or your business is the next victim, warn government cybersecurity czars. Joint advisory cybersecurity authorities in the United States, Australia, and the United Kingdom observed a marked increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally throughout 2021. They expect the increase to continue in 2022. Though efforts are being made to track, combat, and mitigate...

read more

HHS Warns of Threats to Electronic Health Records

Posted by on March 4, 2022 in Blog, Healthcare | 0 comments

Healthcare entities should implement a more “proactive preparedness” approach for protecting their electronic health record/electronic medical record systems. Federal regulators warn that these are an increasingly attractive target for cyberattacks and other breaches. The DHHS Health Sector Cybersecurity Coordination Center, in a threat brief issued Thursday, reinforced that EHRs/EMRs are profitable to cybercriminals. Largely due to the fact that these  records contain more and more valuable information than any other data source,...

read more

Insider Threats are a Quiet Risk in your System

Posted by on February 11, 2022 in Banking, Blog | 0 comments

The Ripple Effects that Extend Outward from a Breach According to the Verizon 2020 Data Breach report, 22% of all security incidents are perpetuated by insiders. In addition, the costs of insider breaches – caused either by human error or bad actors have – risen by 47% over the past two years. As an organization, a certain amount of trust is required to ensure that business runs smoothly. But, given the inherent risks involved, that trust should be limited to guard against breach risk. The threat of sensitive, critical assets getting...

read more

HHS Warns Healthcare Sector of Pysa Ransomware Threats

Posted by on February 11, 2022 in Blog, Healthcare | 0 comments

Alert Comes as Health Entities Globally Continue Battling Cyberattacks, Fallout The U.S. Department of Health and Human Services has posted a warning to the healthcare sector about increasing threats involving Pysa ransomware and the cybercriminal gang Mespinoza — also known as Gold Burlap and Cyborg Spider — which operates the malware variant. In an alert, the DHHS Health Sector Cybersecurity Coordination Center, or HC3, warns that since 2018, the cybercrime group Mespinoza has had a history of targeting healthcare and continues to develop...

read more

Worrying Trends in Cyber Insurance

Posted by on February 11, 2022 in Banking, Blog, General, Healthcare | 0 comments

There are several trends emerging in the cyber insurance industry that are worrying for mid-size and local entities. These trends are largely a response to the havoc ransomware has caused across industries in the last 18 months. The emerging trends can be summed up as: Prices are increasing, in many cases in the range of 2x-4x Renewal and acceptance rates for policies are going down, in many cases, by 40%-60% compared to previous years Entities seeking cyber insurance are receiving more scrutiny The first two trends on that list are pretty...

read more

Former Company Executive Causes Breach Affecting Nearly 38,000

Posted by on February 11, 2022 in Blog, Healthcare | 0 comments

A recent breach affecting 37,636 individuals has been attributed to a terminated company executive. The information in the file included name, age, sex, race, county and state of residence, and zip code, as well as Medicare beneficiary information, such as Medicare eligibility period, spend information, and hierarchical condition category risk score. This breach highlights some of the top security and privacy challenges covered entities and business associates face with insiders. Texas-based accountable care organization Premier Patient...

read more

Fox Kitten Strikes Again?

Posted by on February 11, 2022 in Banking, Blog, General, Healthcare | 0 comments

Law enforcement and intelligence agencies in the U.S, the U.K. and Australia have issued a joint advisory on unidentified Iran government-backed advanced persistent threat (APT) actors exploiting Fortinet and Microsoft Exchange ProxyShell vulnerabilities to attack organizations in their respective countries. Attributing the attacks to a specific APT group is inherently challenging, but a senior cyber threat intelligence analyst has pointed out that Iran-based Fox Kitten APT group has exploited vulnerabilities like this in the past. The APT...

read more

FBI Warning Issued About Hive Ransomware

Posted by on October 1, 2021 in Banking, Blog, Healthcare | 0 comments

The FBI has issued a warning about Hive ransomware after the crime group took down IT systems at Memorial Health System in Ohio The alert details indicators of compromise and tactics, techniques and procedures—or TTPs—associated with ransomware attacks by the apparent ransomware-as-a-service operation. The full release can be found here:  https://www.ic3.gov/Media/News/2021/210825.pdf In addition to the details of the attack, the FBI has issued a list of mitigations for any victims of a Hive ransomware attack. Per the FBI release: If your...

read more