Three New Resources for You
Hello Medcurity community! Today we wanted to call your attention to three resources that were published recently. Each of these can serve as an educational tool and/or a conversation starter for you to improve your organizations’ security practices surrounding these issues.
From HC3 - Resource #1:
The Health Sector Cybersecurity Coordination Center’s new 52-page brief: Types of Cyber Threat Actors That Threaten Healthcare was released last week.
Threat actors fall into several categories, six of which are covered in this free resource:
- Cybercriminals - individuals or groups out for financial or personal gain who are collectively responsible for stealing billions of consumer and business dollars annually.
- Hactivists - target government entities or organizations in countries seen as enemies with the goal of causing significant reputational harm.
- Nation State Actors - sponsored groups that launch sophisticated attacks against foreign governments and organizations.
- Cyberterrorists - target systems to disrupt the critical services/infrastructures of a specific nation, sector, or organization.
- Script Kiddies - amateur hackers using well-known techniques to compromise networks for personal or simple reasons like seeking attention, having fun, creating chaos, or revenge.
- Insider Threats - people within an organization who compromise protected data through negligence or with malicious intent.
From the CISA - Resource #2:
The CISA’s Guide to Security Remote Access Software “provides organizations with a remote access software overview, including the malicious use of remote access software, detection methods,” etc.
Additionally, the guide includes recommendations by organization type, including useful tips for:
- MSP and SaaS Customers
- MSPs and IT Administrators
- Developers of Products with Remote Access Capabilities
As well as further information and resources for providers and the organizations that serve them.
From Verizon - Resource #3:
Verizon’s 2023 Data Breach Investigations Report compiles information from 5,000+ breaches that happened between November 2021 and October 2022. Here’s a few things their researchers found this year:
Most breaches (83%) were caused by external actors, with nearly all of these actors looking to gain from the incident financially. Data-hunting criminals are out there, like the ones discussed in Resource #1, and they’re intentionally going after healthcare organizations’ valuable patient information.
74% of the breaches involved the human element. This included employees falling for social engineering scams, misusing data, or making other errors. Employee training is critical if your organization doesn’t want to fall into this category!
Stolen credentials were by far attackers’ favorite tool used to get in, followed distantly by phishing scams and exploitation of vulnerabilities.
Ransomware was involved in nearly a quarter of all breaches. This is still an extremely successful and profitable tool for cybercriminals, so your best defenses against it must be in place.
There’s a new(ish) security threat in town. “Pretexting:” playing on your emotions by creating a made-up scenario that requires your immediate response. Whether it’s a desperate plea from a “family member,” or an urgent request from “your boss,” these fake messages can appear very legitimate, and are fooling healthcare providers large and small every day.