Cyber Threats Hitting Today
Last week we spoke about the impending cyber apocalypse that could leave all of us without internet for days, weeks, or months. We received quite a response from our readers. While some were grateful for the awakening, most expressed exasperation with yet another doomsday scenario to confront. If you didn’t read it, click here. Well, we’re not changing course just yet.
Last week we talked about the threats on the horizon. This week let’s look at what’s hitting right now.
Phishing attacks are continuing to increase in frequency and effectiveness. Estimates put the increased success of the attacks at somewhere between 30% to 50% thanks to the added security challenges introduced with working from home. These attacks primarily consist of emails from spoofed and/or compromised domains and email accounts. Don’t click links, don’t open attachments, and when in doubt, pick up the phone and call the sender. While some attacks will still occur, these practices will prevent the overwhelming majority of attempts.
Next to consider is ransomware. There was a time in the HIPAA world where the argument could be made that a ransomware attack wasn’t necessarily a reportable breach. Well, those days are gone. Over the past few months ransomware has evolved into an exfiltration and encryption attack. If you don’t pay, not only will they not provide a decryption key, but they’ll threaten to release all of the stolen protected information to the public. The potential embarrassment has proven to be a highly effective strategy for cybercriminals, and as a result, ransomware attacks are continuing to increase in popularity with the global miscreant community. The vector for most (not all) ransomware attacks is through phishing campaigns, so adhering to the guidance above will help reduce your risk.
Finally, patch your darn devices. Microsoft is on a record pace in 2020 for the number of patches they’ve released. Interestingly, unpatched systems continue to be exploited at alarming levels. You’re thinking “my IT handles our patches”, and you may be right. Do this to check (Windows OS) – click the lower-left Window icon, click the settings icon, click the Update & Security link, and check for yourself. If your system needs updates, contact your IT for answers. Then call us to replace them (partially joking).
None of us want more on our plates or more to think about, but we’re living in a new reality. These cyber risks aren’t going away. You need to either address them yourself or work with experts like the team at Acentec to handle your cybersecurity for you.
Is it just me or do landline telephones, TV antennas, and pen and paper not seem so bad anymore?
Vince Lombardi said it’s not whether you get knocked down, it’s whether you get up. We have to keep getting up.
If you have any questions or if you are concerned about your organization’s cybersecurity, give us a call at (800) 970-0402. We’ll be happy to help.
For more HIPAA information, download our ebook – The Ultimate HIPAA Compliance Handbook.
The HIPAA Security Rule requires the implementation of a security awareness and training program for all members of its workforce (including management). Have your team sign up for weekly HIPAA Security Reminder to help stay compliant.