Ransomware payments are down.

Posted by on May 27, 2022 in Banking, Blog, General, Healthcare | 0 comments

Why that might not be a good thing for Nebraska. Based on a study of thousands of cases that it has worked, incident response firm Coveware has found that the number of firms paying a ransom has dropped from 85% in Q1 2019 to 46% in Q1 2022. When victims do pay a ransom, in Q1 2022, they paid an average of $211,529, down 34% from the previous quarter, Coveware found. It attributes this to fewer victims paying, attackers overall infecting smaller organizations – given the law enforcement fallout they often face after hitting very large...

read more

HHS HC3: Beware of Lapsus$, Email Marketing-Related Threats

Posted by on May 27, 2022 in Blog, Healthcare | 0 comments

Authorities Warn Healthcare, Public Health Sectors of Latest Concerns Federal authorities are warning the healthcare sector of potential threats involving Lapsus$, including those related to the extortion group’s recent hack of identity management vendor Okta. The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center, or HC3, in an advisory issued on April 7, warns of attack threats to the sector by Lapsus$. Lapsus$ Threats HC3 warns that hacking group Lapsus$ relies on “bribery and...

read more

Premium Hikes and Vetting Decrease US Cyber Insurance Losses

Posted by on May 27, 2022 in Banking, Blog | 0 comments

Declining Loss Ratios May Allow Insurance Premium Increases to Moderate in Late 2022 An improvement in loss ratios for cyber insurance providers in 2021 means the rapid rise in premiums might, at last, subside later this year. The loss ratio, simply insurer payouts versus premiums earned, declined for the first time since 2018 despite the frequency and severity of claims filed for cyberattacks increasing yet again in 2021. The improvement was due to steep premium hikes and a significant increase in vetting. The hope is that these factors...

read more

Large Hacking Incidents Increasing Since February

Posted by on April 8, 2022 in Blog, Healthcare | 0 comments

The number of major health data breaches and the number of individuals posted to the HHS “Wall of Shame” so far in 2022 has surged in recent weeks as reports of large hacking incidents continue to flow into regulators. As of last week, the HIPAA Breach Reporting Tool website shows that 117 breaches affecting about 5.32 million people have been posted in 2022. That’s an increase of nearly 83% in the number of breaches posted on the HHS site for 2022 and about a 72% surge in the number of individuals affected by those incidents since Feb....

read more

U.S. Sanctions Add Layer Of Risk To Ransomware

Posted by on April 8, 2022 in Banking, Blog | 0 comments

Ransomware has been on a dramatic upswing over the last couple of years. The proliferation of Ransomware As A Service (RAAS), the subsequent lowering of barriers for both criminal groups and state actors, as well as the payment of ransoms have helped drive this dramatic increase. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), most ransomware attacks start through phishing, exploitation of remote desktop protocols, or software vulnerabilities. Therefore, increasing security and training in these areas can help...

read more

Cyber Agencies Warn: Ransomware Attacks Are Worse Than Ever

Posted by on March 4, 2022 in Banking, Blog | 0 comments

Memo to businesses: Ransomware attacks are worse than ever, and unless you prepare, don’t be surprised if you or your business is the next victim, warn government cybersecurity czars. Joint advisory cybersecurity authorities in the United States, Australia, and the United Kingdom observed a marked increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally throughout 2021. They expect the increase to continue in 2022. Though efforts are being made to track, combat, and mitigate...

read more

HHS Warns of Threats to Electronic Health Records

Posted by on March 4, 2022 in Blog, Healthcare | 0 comments

Healthcare entities should implement a more “proactive preparedness” approach for protecting their electronic health record/electronic medical record systems. Federal regulators warn that these are an increasingly attractive target for cyberattacks and other breaches. The DHHS Health Sector Cybersecurity Coordination Center, in a threat brief issued Thursday, reinforced that EHRs/EMRs are profitable to cybercriminals. Largely due to the fact that these  records contain more and more valuable information than any other data source,...

read more

Insider Threats are a Quiet Risk in your System

Posted by on February 11, 2022 in Banking, Blog | 0 comments

The Ripple Effects that Extend Outward from a Breach According to the Verizon 2020 Data Breach report, 22% of all security incidents are perpetuated by insiders. In addition, the costs of insider breaches – caused either by human error or bad actors have – risen by 47% over the past two years. As an organization, a certain amount of trust is required to ensure that business runs smoothly. But, given the inherent risks involved, that trust should be limited to guard against breach risk. The threat of sensitive, critical assets getting...

read more

HHS Warns Healthcare Sector of Pysa Ransomware Threats

Posted by on February 11, 2022 in Blog, Healthcare | 0 comments

Alert Comes as Health Entities Globally Continue Battling Cyberattacks, Fallout The U.S. Department of Health and Human Services has posted a warning to the healthcare sector about increasing threats involving Pysa ransomware and the cybercriminal gang Mespinoza — also known as Gold Burlap and Cyborg Spider — which operates the malware variant. In an alert, the DHHS Health Sector Cybersecurity Coordination Center, or HC3, warns that since 2018, the cybercrime group Mespinoza has had a history of targeting healthcare and continues to develop...

read more

Worrying Trends in Cyber Insurance

Posted by on February 11, 2022 in Banking, Blog, General, Healthcare | 0 comments

There are several trends emerging in the cyber insurance industry that are worrying for mid-size and local entities. These trends are largely a response to the havoc ransomware has caused across industries in the last 18 months. The emerging trends can be summed up as: Prices are increasing, in many cases in the range of 2x-4x Renewal and acceptance rates for policies are going down, in many cases, by 40%-60% compared to previous years Entities seeking cyber insurance are receiving more scrutiny The first two trends on that list are pretty...

read more