Throughout the nation, hospitals and other medical institutions are under cyberattack; in fact, the threat has reached the level that the Joint Cybersecurity Advisory released a press release warning of ransomware attacks. Travis County's Central Health is the latest victim of this unsettling trend. However, they won't be the last; learn how to protect your organization.
Early in December, Central Health (Travis County's public health district) was the victim of a data breach. While the details regarding the breach are still being investigated, we know that the attack on Central Health is part of a darkly calculating pattern of attacks in which medical organizations are being targeted, usually by ransomware.
Recently, the Joint Cybersecurity Advisory consisting of the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS), together issued a warning to Healthcare and Public Health Sectors. Created to inform healthcare professionals of the increasingly aggressive attacks by cyberhackers, the notice also provided a blueprint to help healthcare organizations protect their systems from ransomware attacks.
As noted, Central Health hasn't released much information as to the nature of the attack. However, it is most likely the breach was part of a larger plan to gain access to the database, encrypt it, and hold it for ransom. This has been a pretty common play by cybercriminals targeting healthcare, especially since the start of the pandemic. Fortunately, the Central Health Technology team was able to resist the attack.
The question is, would your organization be able to do so?
It's understandable that since you're not a medical facility, incidents like this aren't critical to you, and you're wondering why you should be concerned about it. You may even believe since you're a small or medium-sized business, cybercriminals wouldn't be targeting you. Such a belief can be fatal to your business, as doing so could leave your business unprepared. Being lax makes you the type of target cybercriminals are on the prowl for.
Smaller businesses are more likely to have fewer defenses, and just as likely as larger organizations to pay the cybercriminals to remove their ransomware. In the eyes of a hacker, smaller businesses are a profitable target.
Social engineering is a tactic used by cybercriminals to gain the confidence of your team. Social engineering is particularly effective during challenging times like these. The reason is your team understands how many people are having issues and, in attempting to help them, may break security protocol.
Social engineering tactics may present themselves as calls or emails for contact information or even personal information about the decision-makers on your team or organizations you're connected to. Once they have this sensitive information, the cybercriminal will go to the next step, a phishing attempt.
These highly targeted phishing attempts are successful because they present the target with an email or message that seems very authentic. The emails use recognizable information that they acquired via the previous social engineering hack. By adding authentic-looking information into their email, team members are more likely to click on it or even provide the information requested.
Here’s a perfect example: A cybercriminal could look up the CEO’s profile on LinkedIn, and see what kind of associations he or she has. The bad actor could then email a particular user in the HR or accounting department, and spoof the email to look like the CEO’s. That email could have an urgent message like “quick, mail 5 $100 gift cards over to this PO box” or “need a big favor, transfer $1200 to this account, will explain later, in a call right now.” The urgency and authenticity of the email is enough to lower the recipient’s defenses.
As we noted earlier, cybercriminals' most common method to gain access to systems to plant their ransomware is via phishing attacks. They wouldn't use this method unless it had a high success rate, which, unfortunately, as we see from the increase in attacks, they do.
Cybercriminals are using phishing and social engineering tactics to attack your business because most technology is designed to resist them. A correctly implemented network security solution with a content filter and spam protection, individually or in an all-inclusive device like a UTM, will go a long way to keeping your system secure. Hackers know this, and instead of attacking your technology, they will target your weakest link, your team members.
While your team is your greatest resource, people make mistakes. It is this inevitability of human error which cybercriminals count on, and they are rarely disappointed. The most effective way to protect your data is to enlist your team as part of your cybersecurity force, and that is by giving them the tools they need to recognize a cyberattack. Your training should consist of:
Don't assume that because you haven't faced a data breach, you won't. Now is the time to get a cybersecurity plan in place. Capstone Works has a wide range of services and solutions that will help your business remain secure, support your customers, and grow its operations. One of the most important steps you can enact to protect your business is investing in a BDR (Backup and disaster recovery) plan. Call (512) 343-8891 today to schedule an appointment and learn which service is right for your goals.
About the author
Capstone Works, Inc. has been serving the Cedar Park area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Comments
Learn more about what Capstone Works can do for your business.
715 Discovery Blvd
Suite 511
Cedar Park, Texas 78613