Phishing with Ransomware – Don’t take the bait!

Phishing is a hacking technique that uses phony emails to trick users into revealing sensitive account information (e.g., account password) and/or installing malicious software (“malware”). With ransomware hogging the headlines, non-technical staff may have gotten the impression that the phishing threat is over. News flash – 97% of phishing messages now act as carriers for ransomware!  (Barkly Stats & Trends) Aaghh! So now, it’s more important than ever that staff be trained to anticipa ...

Closing the Cybersecurity Gap

As we hear more and more about breaches and ransomware in businesses and especially healthcare, it is becoming an even greater concern for healthcare business owners. It is no longer if you will be attacked, but when and how often. The first step in closing the cybersecurity gap is to realize that you can't do it on your own. Cybersecurity is not finding your basic "IT guy" that "can fix it". It is about obtaining the right resource whether that is a full time hire or a managed service. The next thin ...

What to do if you are a Ransomware victim – latest guidance from HHS

In an earlier post, Clint Eschberger explained that the Best Defense Against Ransomware is a Good Backup. So hopefully your backups are in order - multiple, off-site, and tested. In addition to your internal processes for getting your organization back online, the HHS just issued the following guidance for reporting ransomware incidents and obtaining guidance. If  your organization is the victim of a ransomware attack, HHS recommends the following steps: Please contact your FBI Field Office ...

The greatest threat comes from within

Sometimes it is easy to forget that the greatest threat is from within. In today’s focus on cyber-security world, we tend to focus on keeping people out of our network as a primary method to keep our sensitive data, such as ePHI, safe. While that is incredibly important, we should make sure not to overlook the threat posed by those we do grant access. How much of a threat is it? Well, roughly half of all attacks originate from inside the company - and not all are with malicious intent. Part of the prob ...

Cybersecurity: Make It Your Top Priority for 2017

Cesar Cerrudo wrote a great article, Why Cybersecurity Should Be The Biggest Concern Of 2017, that everyone who owns any connected device should read.  As our Chief Compliance Officer, Ed Jones, keeps stating, it is the "Internet of Threats".  Steve Sarnecki wrote a good article, The Internet of Things or the Internet of  Threats?, discussing the value of the IoThings and the threats of IoThreats. Everyone needs to take a few minutes to read about the IoT and Cybersecurity, then invest the time to m ...

Why Physicians should never use public Wi-Fi

We all enjoy the convenience of being somewhere, like a coffee shop, airport, hotel room, or lobby of a building waiting, and hopping on the free Wi-Fi to catch up on some work. Unfortunately, all healthcare workers should avoid free Wi-Fi at all costs.  It is very important to realize that if you can access the free Wi-Fi, so can anyone else. They can even leave devices behind that stay on the Wi-Fi, breach other systems and transmit the data back to their "home" base.  If you share a local Wi-Fi net ...

Experian predicts more pain and suffering for healthcare industry

Experian released their fourth annual 2017 DATA BREACH INDUSTRY FORECAST. It covers several industry specific predictions, including Healthcare.  If you haven't heard, healthcare is under attack and it's going to be full on war in 2017.  The cyber attackers are expected to re-invest funds to create more sophisticated software and better targeting of data to steal. A few points made in the report: Protected Healthcare Information (PHI) or patient records are one of the most valuable sources of data ...

Drug Lords versus Cyber Criminals

While sipping my morning coffee and watching the news, CBS reported that the cyber crime industry annual revenues now exceed that of the illicit drug industry.  The estimate provided was ONE TRILLION dollars! Wow! I don’t get to use the “trillion” number very often in my work.  In fact, I don’t ever remember using it before, but we are a small business.  The drug lords (even their nick name means rich) seem to have an endless supply of money.  These guys can afford to fabricate a fleet of ...

Protect your patients, protect your practice, protect yourself.

The healthcare industry is beginning to realize that HIPAA is here to stay and they are probably going to be audited sooner or later.  What physicians and all healthcare providers need to understand is that if you don't protect your patients' PHI/ePHI the following can happen to your patients as a result of their identity being stolen and used. NOT Protecting Your Patients' (PHI/ePHI): You can cause them financial difficulties or even financial ruin. You can cause them undue stress, even a str ...

Healthcare under attack by new strain of ransomware

FireEye Labs has identified massive email campaigns by cyber-criminals during Aug, 2016 containing the Locky ransomware embedded in DOCM attachments.  DOCM is Open XML Macro-Enabled Document file used in Microsoft Word.  Which means the file contains a macro which MS Word will execute when you open the file in MS Word.  Healthcare is the leading industry targeted by the campaign. The healthcare industry is now the "industry of choice" by cyber-criminals since Protected Health Information (PHI/ePHI) i ...

1 2 3