Worrying Trends in Cyber Insurance
There are several trends emerging in the cyber insurance industry that are worrying for mid-size and local entities. These trends are largely a response to the havoc ransomware has caused across industries in the last 18 months. The emerging trends can be summed up as: Prices are increasing, in many cases in the range of 2x-4x Renewal and acceptance rates for policies are going down, in many cases, by 40%-60% compared to previous years Entities seeking cyber insurance are receiving more scrutiny The first two trends on that list are pretty...
read moreFormer Company Executive Causes Breach Affecting Nearly 38,000
A recent breach affecting 37,636 individuals has been attributed to a terminated company executive. The information in the file included name, age, sex, race, county and state of residence, and zip code, as well as Medicare beneficiary information, such as Medicare eligibility period, spend information, and hierarchical condition category risk score. This breach highlights some of the top security and privacy challenges covered entities and business associates face with insiders. Texas-based accountable care organization Premier Patient...
read moreFox Kitten Strikes Again?
Law enforcement and intelligence agencies in the U.S, the U.K. and Australia have issued a joint advisory on unidentified Iran government-backed advanced persistent threat (APT) actors exploiting Fortinet and Microsoft Exchange ProxyShell vulnerabilities to attack organizations in their respective countries. Attributing the attacks to a specific APT group is inherently challenging, but a senior cyber threat intelligence analyst has pointed out that Iran-based Fox Kitten APT group has exploited vulnerabilities like this in the past. The APT...
read moreFBI Warning Issued About Hive Ransomware
The FBI has issued a warning about Hive ransomware after the crime group took down IT systems at Memorial Health System in Ohio The alert details indicators of compromise and tactics, techniques and procedures—or TTPs—associated with ransomware attacks by the apparent ransomware-as-a-service operation. The full release can be found here: https://www.ic3.gov/Media/News/2021/210825.pdf In addition to the details of the attack, the FBI has issued a list of mitigations for any victims of a Hive ransomware attack. Per the FBI release: If your...
read moreAlleged HVAC Hack Shines Spotlight on OT Risks to Healthcare
ENE Systems hack said to affect 3 Boston Hospitals A hacking incident that reportedly targeted a Massachusetts-based ENE Systems that provides HVAC systems to several Boston-area hospitals and others shines a spotlight on the growing cybersecurity risks involving IoT devices and OT equipment. Call to Action Perhaps the most high-profile incident involving an HVAC hack was the 2013 Target breach. It resulted in 41 million customers’ payment card details being compromised and contact information for more than 60 million...
read moreHealth Data Breach Trends
Ransomware Attacks, Vendor Incidents Continue to Dominate So far in 2021, some 383 health data breaches affecting more than 27 million individuals have been added to the HHS wall of shame. That includes 131 breaches affecting nearly 10 million since the end of May. Of the 2021 breaches, the vast majority — 283 breaches affecting 26.1 million individuals — were reported as involving hacking/IT incidents. Largest Breaches of 2021 Florida Healthy Kids Corp. — 3.5 million 20/20 Eye Care Network — 3.3 million Forefront Dermatology, S.C. — 2.4...
read moreKaseya Breach Points to Risks in VSA/MSP Systems
Over the last week, more than a thousand companies, many of them small businesses, were dealing with the fallout from the Kaseya mass ransomware incident. In the wake of the devastating compromise of Kaseya’s popular IT management tool, researchers and security professionals are warning that the debacle isn’t a one-off event but part of a larger trend. Hackers are increasingly targeting the entire class of tools that administrators use to remotely manage IT systems because they give them the ability to access everything in a...
read moreNebraska Medicine Data Breach Lawsuit Has Proposed Settlement
Complaint Alleged Multiple Security ‘Failures’ Leading to 2020 Cyberattack A federal court has approved a proposed settlement in a class-action lawsuit filed in February against Nebraska Medicine. This is in the wake of a 2020 malware attack and exfiltration of sensitive personal data and medical records of tens of thousands of individuals. The costs of the proposed settlement could exceed $37 million in patient reimbursements. Out of the nearly 216,500 individuals affected by the breach, roughly 126,000 are eligible for...
read moreHow ‘SEO Poisoning’ Is Used to Deploy Malware
Criminals targeting business people with malware-laden documents SolarMarker backdoor malware operators are using “SEO poisoning” techniques to deploy the remote access Trojan to steal sensitive information, Microsoft reports. SEO poisoning attacks use PDFs stuffed with links to malware that is used to steal data and credentials from browsers. Attack Analysis In April, cybersecurity firm eSentire found that hackers had flooded the web with 100,000 malicious pages that promised professionals free business forms but were actually...
read moreRansomware Continues to Cause Disruptions
Oil pipelines and Apple among most recent targets Seemingly every week, there’s a new disruption caused by ransomware. Some of them are more noteworthy than others, with the recent pipeline disruption getting the most coverage followed by a $50M ransom demanded from Apple a few weeks ago. It’s all part of a trend of escalating criminal activity centered around ransomware. Trends While the high-profile demands and disruptions are generating headlines, the fact is ransomware attacks have been proliferating with increasingly large demands....
read more