Posts Tagged computer

Cyber Security:  Five Common Phish Attack Schemes

Cyber Security:  Five Common Phish Attack Schemes

Hackers only need you, that’s right just you. They are sneaky and know the general population is busy and doesn’t pay close attention to the emails they receive. Hackers know people are comfortable in their daily habits. They exploit this behavior by creating email scenarios designed to encourage a click. They need just one person to click just one time to infect their computer with malware that grants them access to the information they need to launch a more sinister attack.

“Phishing attacks are by far the most common cyber attack today, and these attacks continue to get more and more sophisticated.  Gone are the days of the ‘dear sir’ attack-now we have to worry if an email appearing to be directly from a co-worker is actually from them,” said Steven Hines, president of Threat Advice.

Because hackers are continually changing their tactics, clicking on a nefarious email or link leading to a cyber attack can happen to anyone. Recognizing the threat before it turns into a disaster is just one way we each can be more prepared. The following are five ways hackers are currently trying to access your business and personal information:

  1. Look but don’t click. If the email address or the attachment name seems “phishy,” it probably is. Are there spelling or grammatical mistakes? Companies with professional staff are not going to make these types of mistakes.
  2. Analyze the salutation and signature closely. Most legitimate businesses will use your name rather than a generic greeting like “Dear customer.” The business should provide ways to contact them in the signature. If that’s not provided, it could be a phishing attempt.
  3. Know your brands. Hackers will spoof your favorite brands and make their emails look enough like the actual brand to fool you. Is the logo color wrong? Are there additional words in the brand name? Did you sign up to receive emails from them? Don’t click any links before you examine the email to confirm the sender.
  4. Urgent or Threating – No one likes a bully. A common phishing technique is to use harassing or threating language in the subject line or email content or to create a sense of urgency to handle a fake problem. Most legitimate banks, utilities/municipalities and businesses will not ask you to provide your private information via email nor threaten you in an email.
  5. What grandma said…“If it’s too good to be true, it probably is!” Hackers will continue to send phishing emails promising riches and prosperity if you only send your social security and bank information. Why? Because unfortunately, people still take the bait.

Article contributed by Cobbs Allen. Cobbs Allen is an official Gold Partner with the Medical Association. For more information about cyber liability insurance and how it protects your business, contact Margaret Ann Pyburn.

Posted in: MVP

Leave a Comment (0) →

Don’t Fall Victim to Cyber-Security Disasters

Don’t Fall Victim to Cyber-Security Disasters

Editor’s Note: This article was originally published in the 2015 Fall Issue of Alabama Medicine magazine

Every day, it seems the news is filled with more and more reports of cyber-security attacks. Unfortunately, the health care community is considered a prime target for those individuals who would seek to gain access to confidential information.

Did you know that stolen medical records can be valued at up to 10 or 20 times that of a credit card number?1 Compounding this is the ever-growing reliance within the medical community upon electronic and digital systems to capture patient data and deliver medical care. So how can health care providers protect themselves from being the victim of a cyber-security incident?

Assess and Manage Your Risk

Medical providers should have a comprehensive knowledge of where their critical information resides, and of any and all vulnerabilities related to the storage and transmission of the data. To ensure that those in the medical community recognize the threat(s) to confidential information, the United States Department of Health and Human Services mandated within the HIPAA Security Rule that all covered entities conduct a thorough risk analysis to identify all potential vulnerabilities as well as determine the probability and magnitude of a possible security event.2

While a risk assessment should be a formal exercise in which all facets of information security are reviewed and vetted for adequacy, the provider should also establish and maintain a strategy for risk management. This involves implementing proper safeguards to secure information as well as communicating and educating personnel throughout the organization on the policies and procedures which continually mitigate risk. By creating and cultivating a culture of compliance, one can significantly reduce the chance of exposing a vulnerability that could lead to unauthorized access.

Increase Detection Capabilities

Recent cyberattacks in the health care community have exposed a very dangerous trend: Many times, hackers have accessed and begun harvesting data several weeks or even months prior to being detected.3 It is no longer sufficient for medical providers to consider security safeguards, such as firewalls and anti-virus software applications as “set-it-and-forget-it” mechanisms. Solutions should be implemented to enable the monitoring and detection of breaches that could trigger proper incident response processes quickly and efficiently.

Health care organizations should consider investing in Next-Generation Firewalls. These security devices provide more than just network filtering – they typically offer advanced security features, such as deep packet inspection (where each specific data part that passes through is examined for viruses or other types of malicious software) as well as intrusion prevention systems that monitor network traffic for malicious activity and are configured to actively prevent or block such attempts once detected.In addition to these technologies, other applications, such as Security Information and Event Management Systems, allow for real-time analysis and monitoring of systems. These solutions can be configured to alert the proper personnel in the event of a suspicious activity (e.g., multiple failed system logins) and allows for the organization to establish a proactive stance against unauthorized access to critical systems.

In addition to these technologies, other applications, such as Security Information and Event Management Systems, allow for real-time analysis and monitoring of systems. These solutions can be configured to alert the proper personnel in the event of a suspicious activity (e.g., multiple failed system logins) and allows for the organization to establish a proactive stance against unauthorized access to critical systems.

Protect and Secure Mobile Devices

According to the 2014 SANS Health Care Cyber-Security Survey, 52 percent of respondents allow access to health record information via mobile devices. Another 30 percent indicated that sensitive data was being included in instant messaging applications.4 As mobile device usage continues to grow, it becomes more and more important for healthcare providers to implement a mobile device management policy to address and minimize the threat of these devices causing a security incident.Specific to the mobile device itself, all providers should ensure that both authentication (via password or PIN code) and encryption are enabled on all devices. Furthermore, public Wi-Fi networks should not be used in situations where health information will be transmitted. Secure, encrypted connections, such as SSL VPN should be established when accessing corporate resources remotely. Providers should also implement technologies that can remotely wipe or disable mobile devices that are lost or stolen.

Specific to the mobile device itself, all providers should ensure that both authentication (via password or PIN code) and encryption are enabled on all devices. Furthermore, public Wi-Fi networks should not be used in situations where health information will be transmitted. Secure, encrypted connections, such as SSL VPN should be established when accessing corporate resources remotely. Providers should also implement technologies that can remotely wipe or disable mobile devices that are lost or stolen.As much as one can try to protect and mitigate risk related to the mobile device itself, the user of the device can still pose a significant liability. In addition to addressing the physical device, organizations should also invest in continuing education and training for users, as well as maintain strict policy and procedures related to the use of the device in providing medical care.

As much as one can try to protect and mitigate risk related to the mobile device itself, the user of the device can still pose a significant liability. In addition to addressing the physical device, organizations should also invest in continuing education and training for users, as well as maintain strict policy and procedures related to the use of the device in providing medical care.

Looking Ahead

The SANS report data shows that the health care industry is slowly starting to make strides and improve when it comes to protecting critical data from attack. However, it has become clear that not only are the hackers getting smarter, but their overall activity and attempts to infiltrate and mine confidential information continue to increase significantly.5 A 2014 report in United States Cyber Security Magazine indicated that the health care industry was the target of more cybercrime incidents than any other market, and this trend is likely to continue as hackers start to realize the value of medical information.6

Health care organizations will need to continue to thoroughly examine and assess the ways in which they are protecting themselves from attack. Analysis will need to be conducted internally and externally, as associated organizations such as payers, insurers, and other entities within community health care networks will be responsible to each other for protection of medical information. By effectively assessing and managing risk and building a risk framework that addresses all areas of critical data, medical providers can take significant steps towards minimizing the likelihood of a cybersecurity attack.

Sources

  1. http://www.reuters.com/article/2014/09/24/us-cybersecurity-hospitals-idUSKCN0HJ21I20140924
  2. http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/adminsafeguards.pdf
  3. http://krebsonsecurity.com/2015/02/anthem-breach-may-have-started-in-april-2014/
  4. https://www.sans.org/reading-room/whitepapers/analyst/threats-drive-improved-practices-state-cybersecurity-health-care-organizations-35652
  5. http://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_v19_21291018.en-us.pdf
  6. http://www.uscybersecurity.net/Pages/online_magazine.html

The information in this article is not intended as tax or legal advice. Please consult your tax advisor for specific information regarding your individual situation.

Contbronzemvpributed by Nic Cofield, Jackson Thornton Technologies Consultant. Jackson Thornton is a Certified Public Accounting and Consulting Firm and an official partner with the Medical Association.

Posted in: Management

Leave a Comment (0) →