Security Alert: Google Email Attack

Google is investigating a large-scale phishing attack involving malware that is currently spreading among users of its Gmail service. You will see a message similar to the one below!The message sent to Gmail users includes an invitation to view a shared Google Docs document.However the link leads to a self-propagating internet worm. DO NOT CLICK IT!Users are asked to log into their Google accounts by the malware, which doesn't ask for a password and appears to bypass two-factor authenticatio ...

Cybersecurity: Make It Your Top Priority for 2017

Cesar Cerrudo wrote a great article, Why Cybersecurity Should Be The Biggest Concern Of 2017, that everyone who owns any connected device should read.  As our Chief Compliance Officer, Ed Jones, keeps stating, it is the "Internet of Threats".  Steve Sarnecki wrote a good article, The Internet of Things or the Internet of  Threats?, discussing the value of the IoThings and the threats of IoThreats.Everyone needs to take a few minutes to read about the IoT and Cybersecurity, then invest the time to m ...

Focus on Technology: Change Your Router Passwords!

One of the most common services in healthcare is the connection to the internet. With all the focus on security and cyber breaches, one of the most vulnerable pieces on your connection to the internet is what is called the router / gateway. The router / gateway connects your computers and devices to the public internet and in many cases provides the initial security or barrier through the use of a built-in firewall.The problem is, that while this is the door, the gateway to the internet, it is a two way ...

Why Physicians should never use public Wi-Fi

We all enjoy the convenience of being somewhere, like a coffee shop, airport, hotel room, or lobby of a building waiting, and hopping on the free Wi-Fi to catch up on some work. Unfortunately, all healthcare workers should avoid free Wi-Fi at all costs.  It is very important to realize that if you can access the free Wi-Fi, so can anyone else. They can even leave devices behind that stay on the Wi-Fi, breach other systems and transmit the data back to their "home" base.  If you share a local Wi-Fi net ...

Experian predicts more pain and suffering for healthcare industry

Experian released their fourth annual 2017 DATA BREACH INDUSTRY FORECAST. It covers several industry specific predictions, including Healthcare.  If you haven't heard, healthcare is under attack and it's going to be full on war in 2017.  The cyber attackers are expected to re-invest funds to create more sophisticated software and better targeting of data to steal. A few points made in the report:Protected Healthcare Information (PHI) or patient records are one of the most valuable sources of data ...

Healthcare under attack by new strain of ransomware

FireEye Labs has identified massive email campaigns by cyber-criminals during Aug, 2016 containing the Locky ransomware embedded in DOCM attachments.  DOCM is Open XML Macro-Enabled Document file used in Microsoft Word.  Which means the file contains a macro which MS Word will execute when you open the file in MS Word.  Healthcare is the leading industry targeted by the campaign.The healthcare industry is now the "industry of choice" by cyber-criminals since Protected Health Information (PHI/ePHI) i ...

Healthcare entity leaves its patients exposed after breach

 Athens Orthopedic Clinic (AOC) in Georgia, suffered a cyber-attack in June of 2016 that impacted roughly 200,000 patients.  If that's not bad enough, AOC is not able to pay for extended credit monitoring for its victims.  The healthcare industry, including small, single doctor practices, needs to sit up and take notice. Cyber criminals are at your back door, front door and trying to crawl through your networks.  You need to take action to Defend, Detect, and Defeat cyber breaches from steal ...

Focus on Security: Top Ten Tips for Cyber-Security for Small Businesses

I know it's getting old and boring, but cyber-criminals are focused on PHI, which means we, in healthcare, need to take action to protect it.The SBA has a helpful list of cyber-security tips posted on their web site.  It's a great starting point to harden your defenses and defend against the highly likely cyber-breach.  Here's a summary of what's covered.Protect against viruses, spyware, and other malicious code Secure your networks Establish security practices and policies to protect ...

Focus on Security: It’s going to take more resources

No one wants to spend money for something they don't want or need.  Many companies, including the healthcare industry, try to squeeze IT when it comes to the budget.  But what most CFO's and executives that control the IT budget need to understand is, they have become a digital business, at least in the back office. Everything is now done on the computer.  Therefore, there must be an increase in resources to keep the computers up-to-date, secure and operating at acceptable levels.With cyber criminals ...

The Big Boys’ 2016 Cyber Security Reports

The "big boys" in cyber security have released their annual Cyber-Security reports, ugh or UGH.  Cyber security is so important now that some companies have jumped into the mix of providing a report.  AT&T released their first cyber-security report this year. Forbes has a great article by Steve Morgan, outlining all of the reports and providing links to download all of them.  I'll try to sum them all up in a short list here.  But, check Mr. Morgan's article out for more in-depth summaries and links ...

1 2