Tag Archive for: journal

Hackers hit health companies, insurers with increasing regularity – Indianapolis Business Journal

/in


Of all the industries in the country, health care might be the juiciest for cyberhackers. And around central Indiana, institutions large and small are paying the price.

In the past few years, some of the region’s largest health care players—including Indiana University Health, Eskenazi Health and Elevance Health (formerly Anthem Inc.)—have seen patient or customer information compromised by hackers.

So have some of the area’s smaller hospitals, including Hancock Health and Johnson Memorial.

Hospitals, health insurers and medical clinics are loaded with patient and employee data that can be mined for identity and medical theft. Hackers can shut down computer systems for days or weeks, holding hospitals hostage until ransom is paid.

One of the latest attacks became public last month when the Maine Attorney General’s Office disclosed that a software vendor to Indiana University Health and nine other U.S. health systems was attacked.

The vendor, MCG Health, told authorities an “unauthorized party” obtained names, Social Security numbers, medical codes, postal addresses, telephone numbers, email addresses, birthdates and gender information for 1.1 million patients of about 10 hospital clients.

IU Health, the largest hospital system in Indiana, said it notified 60,000 patients about the breach, but declined to reveal details or answer further questions.

“Because this is MCG’s data breach, we recommend you contact them for information. They would have specific details relating to the breach,” IU Health said in a brief statement.

MCG, based in Seattle, did not respond to emails and phone calls from IBJ. Multiple class action lawsuits have been filed against the software company, a subsidiary of Hearst Health, in a federal district court in Washington state. The lawsuits allege negligence, invasion of privacy, breach of confidence and violations of consumer protection laws. IU Health and the other hospital systems were not named as defendants.

Nationally, cybersecurity breaches in the health care sector hit an all-time high in 2021, with nearly half of all hospitals in the country reporting an attack, according to a report from cybersecurity…

Source…

Ransomware on Target for 150% Increase This Year — THE Journal

/in


Data Security

Ransomware on Target for 150% Increase This Year

More bad news on the data security front. Ransomware and fileless
malware are both seeing large surges this year.

According to the newly released Q2
2021 Internet Security Report from WatchGuard Technologies, in
the first six months of 2021, ransomware attacks were already at
nearly the total volume for all of the previous year and are on
target to see a 150% increase by the end of the year. According to
WatchGuard: “While total ransomware detections on the endpoint
were on a downward trajectory from 2018 through 2020, that trend
broke in the first half of 2021, as the six-month total finished just
shy of the full-year total for 2020. If daily ransomware detections
remain flat through the rest of 2021, this year’s volume will reach
an increase of over 150% compared to 2020.”

Fileless malware — malware originating from scripting engines,
such as PowerShell — is increasing at an even greater pace and is
on track to double 2020’s total this year. AMSI.Disable.A is one such
malware type that’s on the rise. According to WatchGuard:
“AMSI.Disable.A showed up in WatchGuard’s top malware section
for the first time in Q1 and immediately shot up for this quarter,
hitting the list at #2 overall by volume and snagging the #1 spot for
overall encrypted threats. This malware family uses PowerShell tools
to exploit various vulnerabilities in Windows. But what makes it
especially interesting is its evasive technique. WatchGuard found
that AMSI.Disable.A wields code capable of disabling the Antimalware
Scan Interface (AMSI) in PowerShell, allowing it to bypass script
security checks with its malware payload undetected.”

Other findings from the report included:

  • A massive 91.5% of all malware arrived over encrypted
    connection. “Put simply, any organization that is not examining
    encrypted HTTPS traffic at the perimeter is missing 9/10 of all
    malware,” according to WatchGuard.

  • Network attacks rose 22% in the quarter, reaching the highest
    level sine…

Source…

South metro Atlanta communities laying foundation to bridge digital divide – The Atlanta Journal Constitution

/in



South metro Atlanta communities laying foundation to bridge digital divide   The Atlanta Journal Constitution

Source…

US needs to boost its cyber security in cyber warfare age » Albuquerque Journal

/in


The Department of Homeland Security has declared the United States has 16 “critical infrastructure sectors.” Translated, that means these enterprises are crucial to a safe and orderly society. The sectors include: food and agriculture, water, medical and health care, energy, transportation, telecommunications, law enforcement and, of course, our defense systems.

With increasing regularity foreign-based cybercriminals are attacking these vital systems and temporarily crippling essential services. Why? Sometimes these keyboard terrorists simply want to create mayhem. More often they are mining for government or corporate secrets, and quite often they seek ransom before they unblock a victim’s disabled computer system.

Item: On June 1, we learned JBS, the world’s largest meat producer, suffered a massive ransomware attack and had to cease operations at 13 U.S. processing plants. There was worry consumers might face a beef, pork and poultry shortage. Thankfully, the company had cybersecurity plans in place, and the shutdown was short.

Item: On May 8, the Colonial Pipeline, a major energy supplier that carries 100 million gallons of gasoline daily to customers between Houston and New York, was paralyzed by a cyberattack. Operators were forced to shut down the entire system to stem the damage. Panicked gas buying resulted. A Bitcoin ransom was paid to restore normalcy. In a rare move the FBI was able to claw back some $2 million of the payout.

……………………………………………………….

Item: In December 2020, Solar Winds, a major U.S. technology firm, was reported to have discovered its system had been infiltrated for months by computer criminals who were after sensitive corporate and government intelligence. The hackers were able to spy on private companies like Microsoft and top officials within the U.S. government including the Treasury Department and, yes, even Homeland Security.

Item: Last October, in the worst days of the pandemic, hospitals across the U.S….

Source…