Closing the Cybersecurity Gap

As we hear more and more about breaches and ransomware in businesses and especially healthcare, it is becoming an even greater concern for healthcare business owners. It is no longer if you will be attacked, but when and how often. The first step in closing the cybersecurity gap is to realize that you can't do it on your own. Cybersecurity is not finding your basic "IT guy" that "can fix it". It is about obtaining the right resource whether that is a full time hire or a managed service. The next thin ...

Security Alert: Google Email Attack

Google is investigating a large-scale phishing attack involving malware that is currently spreading among users of its Gmail service. You will see a message similar to the one below! The message sent to Gmail users includes an invitation to view a shared Google Docs document. However the link leads to a self-propagating internet worm. DO NOT CLICK IT! Users are asked to log into their Google accounts by the malware, which doesn't ask for a password and appears to bypass two-factor authenticatio ...

Protect your patients, protect your practice, protect yourself.

The healthcare industry is beginning to realize that HIPAA is here to stay and they are probably going to be audited sooner or later.  What physicians and all healthcare providers need to understand is that if you don't protect your patients' PHI/ePHI the following can happen to your patients as a result of their identity being stolen and used. NOT Protecting Your Patients' (PHI/ePHI): You can cause them financial difficulties or even financial ruin. You can cause them undue stress, even a str ...

Healthcare under attack by new strain of ransomware

FireEye Labs has identified massive email campaigns by cyber-criminals during Aug, 2016 containing the Locky ransomware embedded in DOCM attachments.  DOCM is Open XML Macro-Enabled Document file used in Microsoft Word.  Which means the file contains a macro which MS Word will execute when you open the file in MS Word.  Healthcare is the leading industry targeted by the campaign. The healthcare industry is now the "industry of choice" by cyber-criminals since Protected Health Information (PHI/ePHI) i ...

Healthcare entity leaves its patients exposed after breach

  Athens Orthopedic Clinic (AOC) in Georgia, suffered a cyber-attack in June of 2016 that impacted roughly 200,000 patients.  If that's not bad enough, AOC is not able to pay for extended credit monitoring for its victims.  The healthcare industry, including small, single doctor practices, needs to sit up and take notice. Cyber criminals are at your back door, front door and trying to crawl through your networks.  You need to take action to Defend, Detect, and Defeat cyber breaches from steal ...

Focus on Security: Top Ten Tips for Cyber-Security for Small Businesses

I know it's getting old and boring, but cyber-criminals are focused on PHI, which means we, in healthcare, need to take action to protect it. The SBA has a helpful list of cyber-security tips posted on their web site.  It's a great starting point to harden your defenses and defend against the highly likely cyber-breach.  Here's a summary of what's covered. Protect against viruses, spyware, and other malicious code Secure your networks Establish security practices and policies to protect ...

HHS Releases New Guidance on Ransomware

One of the top newsmakers of 2016 has been ransomware.  During the first half of this year, ransomware grew 300% to 4,000 daily attacks! But several high profile attacks of hospitals really put it in the spotlight.  Although it has been around for several decades, in the past 4 years, Russian groups have further developed its capabilities and propagated its use worldwide. The dark web or darknet also significantly contributed to the increase in ransomware attacks due to its black market for such products. ...

Focus on Security: It’s going to take more resources

No one wants to spend money for something they don't want or need.  Many companies, including the healthcare industry, try to squeeze IT when it comes to the budget.  But what most CFO's and executives that control the IT budget need to understand is, they have become a digital business, at least in the back office. Everything is now done on the computer.  Therefore, there must be an increase in resources to keep the computers up-to-date, secure and operating at acceptable levels. With cyber criminals ...

Your iPhone Is a Target for Criminals

Check Point Software released their April 2016 Threat Index revealing what we all know; cyber-threats are rising at alarming rates.  The report shows Apple's iOS devices are under heavier attack than reported in previous reports. Over 2,000 unique malware families were identified by Check Point during April, which they state is a 50 percent increase over March, and you thought rabbits multiplied rapidly!  The iOS issue comes from the fact they found XcodGhost had moved into the top three most common mobi ...

Primary Cyber Security Threats

We're often asked "How likely is it that we will be audited by the government (OCR) for HIPAA compliance?"  Our response is "It's highly unlikely to be selected to be audited by the OCR".  We immediately follow up with, "However, it's highly likely you will have a breach of PHI or ePHI, which will then trigger an audit by the OCR, and 15,000 audits were started because of someone reporting a practice to the OCR, either a patient, employee, or business associate."  Therefore, take steps to Protect you ...

1 2