3 cyber storiesWith the national crisis still in play, cybersecurity is essential to operating businesses which are now online more than ever before. Small businesses without any apps before are going online to survive. Telehealth, remote learning, telework are all standard right now.  With so much going on we are trying to keep our eye on cyber stories to prepare ourselves and our clients for what is happening out there.  Today let’s discuss 3 cyber stories we are watching right now.

A 5 star review is all we ask from our listeners.
1x
0:00
...
Free HIPAA Training
Subscribe to the weekly email update from HMWH

I have read and agreed to your Privacy Policy.

In this episode:

3 Cyber stories we are watching – Ep 250

The HIPAA Boot Camp

2020 Session Dates

August 18, 19, 20

Tucker, GA

2020 Fall Session Dates

Sept 15, 16, 17

San Pedro, CA

For info go to TheHIPAABootCamp.com

Registration Form

 

Share Help Me With HIPAA with one other person this week!

 

Thanks to our donors.  We appreciate your support!

 If you would like to donate to the cause you can do that at HelpMeWithHIPAA.com.

Yep, San Pedro is our kind of place.  As my friend’s sign says: in the South we don’t hide our crazy, we bring it out on the front porch and serve cocktails.

Train Operator at Port of Los Angeles Charged with Derailing Locomotive Near U.S. Navy’s Hospital Ship Mercy

Eduardo Moreno: 5 Fast Facts You Need to Know

Like us and leave a review on our Facebook page: www.Facebook.com/HelpMeWithHIPAA

A question came that is interesting in this whole COV thing.

Last week, 2 of our providers were exposed to the Covid-19 virus and took the test and self quarantined.

We had to reschedule their patients and we told the patients that they were quarantined due to an exposure to the virus. We gave no other details.

Is this a HIPAA violation?  I said no but our owner and another provider said it was definitely a HIPAA violation.

Who is correct?

This is fact specific as most HIPAA questions.  Who is treating the providers?  If you are treating the providers then you are responsible for meeting HIPAA obligations for their care.

3 Cyber stories we are watching

Products like Zoom have become household names overnight it seems during this pandemic.  We have been using it for years but apparently this national stay-at-home month has made it explode.  That is both good and bad.  We have a couple of topics on Zoom to cover plus some news on the scams we see and some interesting findings from a FireEye ransomware study.

Zoom

“Zoombombing” adds more Zoom privacy and security issues.

Automated tool can find 100 Zoom meeting IDs per hour

Zoom CEO apologizes for having ‘fallen short’ on privacy and security

Use Zoom? These 5 safety tips can keep the ‘Zoombombing’ hackers away

  1. Be wary of links
  2. Adjust the screen share options immediately
  3. Use Waiting Rooms
  4. Create a webinar instead of a meeting
  5. Remember that everything is being recorded

Scams and Attacks

Plenty of COVID phishing happening

Coronavirus Scams: What the FTC is doing

Top Email Protections Fail in Latest COVID-19 Phishing Campaign

FBI: Cybercrime Gang Mailing ‘BadUSB’ Devices to Targets – Malicious USB Devices Accompanied by Fake Gift Cards to Entice Would-Be Victims

Never underestimate the power of a weaponized tchotchke, especially when paired with a free teddy bear and gift card.

FBI Private Industry Notification:

Kwampirs Malware Employed in Ongoing Cyber Supply Chain Campaign Targeting Global Industries, including Healthcare Sector

Announcement text

Particularly bad news in this one.

Kwampirs Targeted Attacks Involving Healthcare Sector

Boost security defenses against Kwampirs RAT malware with new list of IOCs

This one goes back for several years.  In a 2018 article they calculated that 40% of their attacks were on healthcare.

Within the healthcare sector, Kwampirs malware was found installed on a wide variety of systems, including X-Ray and MRI machines, as well as machines used to assist patients in completing consent forms. However, rather than stealing information stored upon these systems, it is suggested that attackers are mostly interested in learning about the devices themselves.

Ransomware study

News in Feb about the damage in 2019.  I knew it was bad but wow.

Ransomware Damage Hit $11.5B in 2019

That averages $141k per attack – that they know about!  In 2018 it was $46,800 per attack.

Among the most targeted were state and local government entities, critical infrastructure organizations, and entities in the healthcare sector.

Cyber Threat Landscape Report 2019-2020

They Come in the Night: Ransomware Deployment Trends

Mandiant Intelligence examined dozens of ransomware incident response investigations from 2017 to 2019. Through this research, we identified a number of common characteristics in initial intrusion vectors, dwell time, and time of day of ransomware deployment. We also noted threat actor innovations in tactics to maximize profits

Major points:

  • They get a foothold and lurk for a while doing reconnaissance
  • They roll out their attacks at night or on the weekend most of the time
  • RDP  still a vector but phishing and drive-by-downloads the most likely way they get in

Many Ransomware Attacks Can be Stopped Before They Begin

Drive-by-downloads, weak and unprotected Remote Desktop Protocol (RDP) services, and phishing with a malicious link or attachment were the most common initial infection vectors in the ransomware attacks in FireEye’s study. RDP attacks, where threat actors log in remotely to a system on a target environment via the RDP protocol, were especially common in 2017,  but they appear to have declined somewhat in popularity since then.

Over the same period, phishing, in particular, and drive-by-downloads have gained in popularity as a way for attackers to try and get an initial foothold on a target network, FireEye said.

There is a lot to deal with these days.  We can’t fix the big things.  Let’s all worry about the things we can do something about for now.  The scary things are out there aimed at your systems and your data.  We will watch these cyber stories and update you as we do our best to help us all cope.

Remember to follow us and share us on your favorite social media site. Rate us on your podcasting apps, we need your help to keep spreading the word.  As always, send in your questions and ideas!

HIPAA is not about compliance,

it’s about patient care.TM

Special thanks to our sponsors Security First IT and Kardon.