BayShore Interactive - Your Managed IT Solutions Provider

Obstacles To Cybersecurity in Healthcare   

In the United States, computer-related crimes are a major public health concern. By 2020, it is estimated that there will be more than 1 million cybersecurity job openings and only about “250,000 qualified applicants to fill those positions.” This could lead to as much as a 200-billion-dollar loss for American businesses.

A 2013 article in the journal Health Affairs reported that “more than three-quarters of the hospitals surveyed had experienced at least one security incident in any given month.” Most breaches were related to theft or loss of devices, but many involved unauthorized access, data tampering or disclosure. The vast majority of these incidents went unreported.

Like other businesses, healthcare organizations are increasingly recognizing the need to upgrade their cybersecurity protections. However, similar to most other non-technical fields where it is difficult for employees to discern between important and unimportant information, healthcare professionals often have a hard time understanding exactly what they should be protecting.

The lack of standards across the healthcare industry makes hospitals particularly vulnerable to cyber-attacks. Because there is such a wide range of industries and technologies in use, it becomes much easier for hackers to find the point of access that they want.

The government has provided numerous incentives for healthcare administrators to invest more in cybersecurity measures; however, these programs often fail due to lack of participation by hospital staff. As a result, these hospitals are often the victims of costly data breaches.

Lack of Cybersecurity Training in Healthcare

The lack of training programs has led directly to poor investment in cybersecurity measures by healthcare organizations. There are currently no federal laws in place to protect patient information, which has led to the rise of medical identity theft. The United States Department of Health and Human Services reported that there were more than 21 million cases of medical record theft in the past 6 years, with only about 1 in 20 instances being investigated by law enforcement.

Cybersecurity has become a major concern in today’s society, where most people rely on technology for various services. However, with the increased use of computers and other digital devices comes an increased risk of cyber attacks. Many companies have been targeted by these attacks, resulting in financial losses or compromised personal information. Now that healthcare providers are more connected to a network of devices, more providers are being targeted by hackers. While most healthcare facilities have implemented security measures against cyber threats, they have not been successful in thwarting these attacks. Healthcare providers must learn how to identify and protect themselves from potential threats because protecting cybersecurity is becoming a requirement by law.

Healthcare providers need to be aware of all potential threats in order to keep cybersecurity intact. One of the biggest threats to healthcare security is spear phishing. Spear phishing is a form of electronic identity theft that targets specific individuals or organizations. Hackers can identify an individual’s email address and use it to send an email containing malware or a link leading to malicious software. This threat has caused the healthcare industry to implement new practices in order to protect itself from cyber threats.

Healthcare facilities need to fully embrace cybersecurity training in order to keep patients’ data protected at all times. Providers should take advantage of the many training programs that are available. Being aware of different types of cyber security threats will help protect providers against these attacks.

High-Risk Networked Medical Devices

Medical devices are more interconnected than ever before; however, there are very few standards that creators have to adhere to when developing new products. In addition, many medical devices have been designed with a poor user interface as the focus as opposed to security controls. As a result, it is easier than ever for hackers to gain unauthorized access to this equipment.

High-risk medical devices are at the center of attention for several reasons. For one, some embedded device manufacturers do not implement adequate security measures to protect these systems against hackers or breaches that may compromise patient safety. Even if the manufacturer takes every possible step to make sure its device is properly protected, an insecure network environment can still leave it vulnerable.

For instance, consider a hospital that has an infusion pump connected to the local clinical network. This device is used to administer infusions of fluids and medication for patients. Unfortunately, it is configured to allow access from any computer on the same subnet without authentication. An attacker simply needs to connect his system to the subnet and send commands directly to the infusion pump through the network.

The consequences of an attacker compromising an infusion pump are serious. He can set the flow rate to a dangerous level, or he can stop the infusions completely, resulting in loss of blood pressure for the patient and possibly death.
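The exposure in the infusion pump scenario can be checked from the defender's side by evaluating the access policy in front of the device against every host on its subnet. The following is an added example, not code from the original article; the addresses, the control port 8443, the rule format and the assumption that an ordered first-match ACL is enforced in front of the pump are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    src: str              # source network, CIDR notation
    dst: str              # destination network, CIDR notation
    port: Optional[int]   # None matches any port


def decide(rules: List[Rule], src, dst, port: int, default: str) -> str:
    """First matching rule wins; unmatched traffic gets the default action."""
    for rule in rules:
        if (src in ipaddress.ip_network(rule.src)
                and dst in ipaddress.ip_network(rule.dst)
                and rule.port in (None, port)):
            return rule.action
    return default


def audit(rules, subnet, device_ip, port, approved, default="allow"):
    """List hosts that can reach the device but are not approved, and
    approved hosts that the policy blocks by mistake."""
    device = ipaddress.ip_address(device_ip)
    approved_set = {ipaddress.ip_address(a) for a in approved}
    unexpected, blocked = [], []
    for host in ipaddress.ip_network(subnet).hosts():
        if host == device:
            continue
        allowed = decide(rules, host, device, port, default) == "allow"
        if allowed and host not in approved_set:
            unexpected.append(str(host))
        elif not allowed and host in approved_set:
            blocked.append(str(host))
    return {"unexpected": unexpected, "blocked_approved": blocked}


# Constructed sample environment (hypothetical values, not from the article).
SUBNET = "10.20.30.0/28"        # small clinical subnet, 14 usable hosts
PUMP = "10.20.30.5"             # infusion pump
CONTROL_PORT = 8443             # assumed control interface port
APPROVED = ["10.20.30.2"]       # the only server meant to command the pump

# Weak: flat subnet, nothing filters traffic to the pump (default allow).
FLAT_POLICY: List[Rule] = []

# Corrected: allow only the approved server, then deny everything else.
SEGMENTED_POLICY = [
    Rule("allow", "10.20.30.2/32", "10.20.30.5/32", CONTROL_PORT),
    Rule("deny", "0.0.0.0/0", "10.20.30.5/32", None),
]

# Failure mode: same rules in the wrong order, so the deny matches first
# and the approved server loses access to the pump.
MISORDERED_POLICY = list(reversed(SEGMENTED_POLICY))


def run_constructed_cases():
    """Audit the three constructed policies against the same subnet."""
    policies = {
        "flat": FLAT_POLICY,
        "segmented": SEGMENTED_POLICY,
        "misordered": MISORDERED_POLICY,
    }
    return {
        name: audit(rules, SUBNET, PUMP, CONTROL_PORT, APPROVED)
        for name, rules in policies.items()
    }


if __name__ == "__main__":
    for name, result in run_constructed_cases().items():
        print(name, result)
```
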

Poor Investment In Cybersecurity Threatens The Health Of Hospitals

According to the 2015 HIMSS Cybersecurity Survey, security risk ranks as a top priority for 63.1 percent of respondents and nearly 65 percent said they were concerned about their organization’s ability to manage and control access to their data. We’ve heard many times now that cybersecurity must be a priority in healthcare. Yet, the survey results indicate that many organizations and professionals are not doing enough.

Survey data also reveals a lack of awareness from IT leaders about their organization’s risk to point-of-sale malware at pharmacies, as well as other security risks, such as account takeover fraud resulting from weak or nonexistent password practices. Only 43 percent of respondents said they have implemented security measures to prevent account takeover fraud resulting from weak or nonexistent password practices.

More emphasis must be placed on security, and a big part of that comes from increased investment. As the saying goes, “a chain is only as strong as its weakest link,” and in this case, that weak link is often cybersecurity.

Even if the risks are high, why aren’t more organizations taking action? According to research from Accenture, small to medium-sized hospitals invest up to 20 percent of their IT budgets in security. Meanwhile, larger organizations often spend less than 10 percent of their budget on security, leaving a budget gap that many smaller entities can’t fill.

The key is to prioritize spending and understand that there is no such thing as 100% secure when it comes to cyber attacks. Big breaches have already occurred and organizations need to be willing to take that into account.

Insecure Medical Networks

Insecure hospital networks have led to cybersecurity being an ongoing concern for healthcare organizations. Studies have shown that cyber security continues to be a widespread problem in hospitals across the United States, Europe and Asia.

The number one challenge is the lack of budget given for cyber security. The second major obstacle is there are many separate networks at hospitals so it’s difficult to centralize the security measures. The third challenge is a lack of trained computer professionals, and finally there’s a basic lack of cybersecurity knowledge among healthcare staff.

According to reports from the UK National Health Service (NHS), hospitals have been victims of cyberattacks where patient records were being held hostage by hackers demanding bitcoin ransom payments that reportedly ranged from $180 to $15,000. Another report from the United States Department of Health and Human Services (HHS) revealed that in 2015 there were 295 health data breaches reported by 251 organizations with a total of 100 million records compromised.

The HHS Office for Civil Rights (OCR) is the federal agency tasked with ensuring compliance by covered entities with the HIPAA Administrative Simplification Rules, which were issued by the HHS Secretary and designed to improve the efficiency and effectiveness of the nation’s healthcare system.

One of the most successful ransomware attacks was at Hollywood Presbyterian Medical Center where hackers were able to infect their systems with a crypto virus, which held their files hostage for $17,000 in bitcoin. This changed when they paid the ransom and removed the infection from all affected devices. Healthcare organizations need to stay vigilant as this cybercrime trend continues to spread.

Breached Hospital Passwords

Cyber-attacks against U.S. hospitals increased 400% in 2015 and the first half of 2016; 66 more data breaches were reported by the Department of Health and Human Services Office for Civil Rights (OCR) during this period compared to all of 2014, as AC & SC Magazine reports.

There was a 426% increase in malware attacks against hospitals from 2014 to 2015, according to a report released by OCR. Malware compromises patient privacy and enables unauthorized access to sensitive patient information.

The University of Pittsburgh Medical Center (UPMC) fell victim to two major ransomware attacks within the last 18 months that cost the university $18 million. Ransomware is a type of malware that locks users out of their files and data until they pay a ransom fee to unlock them; most hospitals that were successfully attacked paid between $10,000 and $50,000.

About 59% of users had internet-connected devices on their hospital networks that could be susceptible to cyber attacks, according to a HIMSS Media survey of healthcare IT professionals conducted last July. These devices include digital dictation machines and cardiology imaging systems as well as more traditional IT systems such as computers and printers.

According to the 2016 National Health IT Collaborative (NHIT) Cybersecurity Survey, smartphones are now more prevalent than laptops or tablets on health care networks; 20% of hospitals reported that mobile devices were the most targeted form of attack in 2015, up from 7% in 2014.

In conclusion, it is clear from this review that cyber security in healthcare continues to be a significant and growing challenge. The fundamental issue is around the balance of patient benefit vs. security. Healthcare processes and systems will not be made risk free, so we must design them with controls that limit exposure to known risks as much as possible. Over time, emerging challenges will need to be addressed through the same risk management methods. Stay in touch with Bayshore Interactive to learn more about cyber security.

The Five Biggest Cyber Attacks In History 

The internet has brought about a lot of change in the modern world. It’s so pervasive that people rarely ever think about life without it. As with all technologies, there are both benefits and risks associated with Internet technology. Unfortunately, criminals have figured out ways to exploit the internet for their own personal gain or malicious pleasure. Here is a list of some of the biggest cyber attacks in history.

Melissa Virus 1999

In 1999, Melissa was the first virus to spread via email. The virus infected computers with Microsoft Outlook and sent itself out to everyone in the victim’s email contact list. It also inserted some HTML code into each message that caused the recipient’s computer to launch an instance of Notepad (the default text editor for Windows PCs). This is where the name of the virus comes from.

The worm came in an email with the subject line “ILOVEYOU” and was also designed to send itself to everyone in the victim’s contact list. The worm contained a number of text files that contained the following message: “kindly check the attached LOVELETTER coming from me.”

The Melissa virus caused more than $80 million in damage by disrupting personal computers and computer networks in business and government.

PlayStation Cyberattack 2011

In 2011, the infamous PlayStation Network hack occurred, resulting in the exposure of 77 million PlayStation Network users’ login information. Additionally, hackers gained access to 25 million records from a separate database. This resulted in a class-action lawsuit and Sony estimating the total loss of revenue due to downtime.

A group called Anonymous hacked into Sony PlayStations and personal emails. The information was later posted onto the internet. The group also brought down several websites for long periods of time, such as the PlayStation Network, which is an online service that allows gamers on different consoles to play together. Sony estimated that they lost around $171 million as a result of the attack.

The group used denial-of-service attacks to bring down the network and stole personal information from gamers’ accounts that could be used for financial gain, such as credit cards and addresses. This data was never released publicly and hackers claimed that they only accessed the information as a result of poor security. Since this attack, Sony has upgraded their security and services to protect themselves from future attacks.

Adobe Cyberattack 2013

On September 17, 2013 a huge Adobe Systems security breach was reported by Brian Krebs of krebsonsecurity.com. They discovered a file called “users.tar” being shared across the web that contained over 150 million user names and hashed passwords for Adobe users. Unlike the breach in 2013, this one impacted all three of their products – Acrobat, ColdFusion and ColdFusion Builder.

Adobe Systems Incorporated released a software update to its Adobe Flash Player. This update contained an exploit later found to have been developed by the group “Hacking Team”, who sells computer exploits and hacking tools to governments and law enforcement agencies. The exploit gave the user total control of their systems, allowing them to download any file, view any directory, and execute any command. This exploit was believed to have been used by the NSA in Stuxnet, but until now its use had not been confirmed. Before Adobe Systems Incorporated could fix the exploit’s vulnerability, “Hacking Team” sold it to many countries including North Korea, Russia, China, Syria, France, and the United States. Adobe Systems Incorporated was forced to release a new version of the Flash Player which fixed this exploit, and as a result many companies’ machines were compromised as they never installed the update.

Yahoo Cyber Attack 2014

Yahoo had one of the biggest data breaches on record. Over the last few years Yahoo has constantly been targeted by different hackers. Now, as a result of their continuous efforts, an unprecedented number of 500 million accounts have been stolen from the company. The data includes usernames and passwords as well as telephone numbers and dates of birth, which can provide unauthorised access to other websites where people use those details to log in. Yahoo has confirmed that the breach occurred in 2014 but was not aware of it until recently. The hackers who attacked them are believed to be Russian agents and may have done so with political purposes in mind. They might try to use these accounts for espionage, fraud or identity theft against users worldwide.

However, Yahoo does not seem very concerned about the consequences of this attack, since it only revealed the incident on December 14th. The company has been struggling for a while now and has been doing its best to win back users’ trust after it was forced to disclose another security breach in early 2016.

Numerous other attacks were made against Yahoo, too. It’s hard to keep track of them all because they seem to happen every year.

NASA Cyber Attack 2015

It is believed that the biggest cyber attack of all time happened in late 2015, when a group hacked into NASA’s computers and stole employee data. More than 2,000 files were accessed by a hacker going by the name of Anonsec, who stated online that they did it to highlight security weaknesses at the space agency. The confidential information was not classified, but could be used to create fake identities.

The hacker tried to blackmail NASA by threatening to sell confidential information and tools online. However, the agency refused to give in to the demands, so Anonsec published many files online instead. One document detailed aircraft flight patterns, while another was labelled ‘flaw notice’, suggesting it could be used to hack into NASA equipment.

The hacker also claimed they were able to download 126MB of PowerPoint slides, including information on the Curiosity Rover mission. NASA said it would investigate how its computers had been breached and was working with law enforcement to track down those responsible.

One of the files hacked was a 47-page document which detailed security vulnerabilities in NASA’s Global Traffic Management (GTM) system. The hacker claimed they used this information to access the computers of various other government agencies, including the US State Department and Federal Aviation Administration.

Cyber attacks often seem to be happening under the radar of most people. Sometimes, industries or even countries suffer from a cyber attack without anyone noticing until later on in the aftermath.

Oftentimes, though, what’s left behind after these cyber attacks is quite obvious for everyone to see. The thing about cyber attacks is that they are always happening. They are always successful at some point, despite what the victim might think or believe happened. Stay tuned into Bayshore Interactive’s Blogs to learn more about cyber security.


5 Greatest Threats In Cybersecurity

As we all know, cybersecurity is a much-discussed and researched topic. Whether it’s individual internet users complaining about their security and privacy being violated by companies and governments or large tech corporations investing billions to prevent these kinds of attacks, the problem is real and apparently not going away anytime soon.

This article will focus on the top five greatest threats in cybersecurity. Note that these are not the only threats out there, just the five most impactful ones.

Ransomware

Ransomware is a type of malware that is used to extort money or data from its victims by holding their system hostage until they pay up. It blocks access to computer systems by encrypting the victim’s data and demands a ransom to decrypt it. This type of malware is usually contracted through phishing campaigns, malicious email attachments, or infected USB drives.

Ransomware has been a major issue in cybersecurity for quite some time now. In fact, it is the number one threat in cybersecurity.

In April of 2017, WannaCry ransomware affected over 200,000 people from 99 different countries when it infected computers and demanded ransom payments to release files back to their owners. This made headlines all over the world and eventually became the largest ransomware attack in history.

One can only hope that the ransomware industry will be stopped in its tracks soon because paying ransoms will ultimately solve nothing in terms of cybersecurity. When dealing with ransomware, prevention is the best cure to make sure it never happens to you or anyone you know. Prevention will help spare thousands of dollars from being lost in the process.

Ransomware is not only dangerous to users on a personal level, but it is also dangerous to businesses on a global scale. If ransomware infects an office building on Wall Street for example, that could have significant effects on the economy across the world. If people are unable to get their work done due to being locked out of their computers, important deadlines and financial planning will be missed.

Cloud Computing Vulnerabilities

Cloud computing vulnerabilities are increasing daily. Hackers are able to exploit vulnerabilities in the cloud by stealing information, using the cloud as an entry point into your network, and even hijacking cloud-based systems for their own use. This is not just a future threat, but one that many companies have fallen victim to since the rise of cloud computing.

Some experts say that these outbreaks resemble a lightning storm, and that the cloud is particularly vulnerable to cyber attacks. As more and more companies continue to move their data to the cloud – whether it’s for convenience or for storage – it will be imperative that we create ways to secure this vulnerability, or we could face detrimental consequences such as lost client information (and company reputation), and financial loss.

Security professionals note that up until recently, it was thought that the cloud would be safer than regular computing and data storage systems because of its distributed nature – security breaches were less likely to happen with so many different locations to access the cloud. But as cyber crime has become more sophisticated, hackers have managed to find ways around these obstacles.

Social Engineering

Social engineering is a form of psychological manipulation that uses human behavior for infiltration purposes. For example, a hacker could pose as a WordPress developer and trick a target into installing malware or handing over their password.

Alternatively, a hacker may pose as a friend and call their target, convincing them to do the same. Examples of social engineering include phishing, covert channel, and zero-day exploit.

Phishing is a method of instilling fear or concern into an individual using email with subject lines such as “Your Account Has Been Suspended” or “Verify Your Account” in order to instill a sense of urgency. The individual is then prompted to enter personal information such as passwords and credit card numbers into a fake website that will instead be used for identity theft.

A covert channel is a communication channel that allows two entities from different security domains (e.g. the inside and the outside) to exchange information without detection by an intermediary party (e.g., an eavesdropper). Covert channels are typically employed by parties seeking to subvert their adversary’s discretionary security policy or bypass protective countermeasures.

A zero-day exploit is a vulnerability that can be exploited by attackers before the developer of a piece of software is aware of its existence, meaning that no patches are available for it. These exploits are used by hackers to gain access to systems without being detected.

It is difficult to detect these types of exploits because there are no signatures in place until the vulnerability is found and patched by the developer.

Third Party Software

Many companies use third-party software to help their business grow, but there are inherent security risks associated with using other people’s code. The best way for a company to avoid these threats is by making sure all the new programming used in its systems comes from trustworthy sources. However, since this can be difficult to verify, security firms often recommend companies stick to trusted sources.

Security threats can come from third-party software for several reasons. First, there is the possibility that the third-party organization has been compromised and this new code is malware in and of itself (i.e., a computer virus). Second, there is also the possibility that the organization didn’t write the program at all; rather, it is copied from another source and therefore contains malicious code. Third, if the organization has written the program, there is still a possibility that someone has hacked into their system and added in malicious components or backdoors to infect other companies who use their software.

DDoS Attacks

DDoS attacks are just some of the many threats that are presented to our daily lives. Cybersecurity is a very complex field with an abundance of new information being learned every day. These are not merely computer-related attacks, but they are digital-based tactics intended to disrupt normal activities or functions of an organization or individual. This could include stealing data, and could even lead to much bigger things, such as stealing money.

DDoS attacks are conducted by various kinds of hackers but can be generally categorized into two groups. The first one is the “for fun” category in which private individuals carry out these attacks mostly to show off their skills. If they want to take down a certain website, say an online game server for example, they will send multiple requests at the same time, causing congestion and slowdown. DDoS attacks can also be politically motivated in which hackers will aim at national infrastructures such as airports and power plants.

Cybersecurity is a topic that has been getting a lot of attention as of late, as it should. With the increasing ubiquity and interconnectedness of modern technology comes an ever-increasing number of opportunities for those wishing to do harm to have access to an increasingly vast number of ways to do so. In this article, we have covered the top five greatest threats in cybersecurity today. Make sure you are constantly updated on your cybersecurity and follow one of Bayshore Interactive’s social media accounts.

Top 5 Employee Cybersecurity Mistakes

If you’re concerned about keeping your employees and company data safe, then there are a few mistakes that you should avoid. These five mistakes can be easily avoided with a little preparation and knowledge, but they do come up more often than they should.

Bad Computer Habits

There are many dangers associated with employees leaving their computer unattended, leaving their computer logged in to a social media or shopping site, and giving out too much information on a public profile. Many employees also fail to properly secure their mobile devices, allowing hackers to take control of the device and steal any valuable data.

Employees may neglect certain precautions because they do not consider themselves a threat or they believe that cybercriminals will target someone else. When it comes to cyber security, all employees must be aware of their actions and how they may compromise data. When you’re an employee of a company, your cyber security is just as important as the cyber security of the company. Your personal laptop should be protected by all the same anti-virus and anti-malware programs as your company laptop.

Carelessly Handling Sensitive Data

Carelessly handling sensitive data by removing files without understanding their importance or what risks they may contain can put your company in jeopardy. Whether it’s data theft or a compliance violation, you could be the reason for an investigation.

To avoid being at fault for compromising sensitive data, it’s crucial to have a plan in place when deleting files that are no longer in use. Employees must understand why they’re deleting specific files and what risks they may contain.

Data leaving the premises, theft of laptops, and mobile devices pose a real risk to organizations. When bringing devices home for use, make sure you have the right safeguards in place—like disk encryption or VPN access—to keep data safe when it’s away from your company network.

Employees must be aware of policies and the repercussions for breaking them. If the company has a mobile device policy, remind employees that this also applies when they bring company-issued mobile devices home for personal use.

Sharing Passwords

An employee’s password, encrypted or not, gives their colleagues the permission to access the account (possibly with restrictions). If this account belongs to a sensitive system such as an internal document management tool or a local file storage, then it is vital that passwords are kept safe and secure.

This sensitive information can also be sent over insecure messengers, such as Yahoo Messenger or Skype. If the device is hacked, then the hacker will have access to all of your accounts. A popular method of hacking involves Trojans which are hidden in downloads or attachments. Once on the device, they start sending passwords to a predefined email address.

Using a social media site such as Facebook or Twitter can give strangers access to plenty of personal information about you and your family, including photos and videos that have been tagged with information about the location where they were taken, making it easier for hackers to know your whereabouts at all times. People who are careless with their passwords or security on social media are also at a higher risk of having their accounts hacked.

Lacking Awareness Of Cybersecurity

An employee can cause a data breach or fall victim to one if they do not take the necessary precautions to protect their devices and themselves from hackers. For example, an employee could access mobile malware by clicking on ads displayed in mobile apps. Or an employee could acquire ransomware through unsecured Wi-Fi, open phishing emails, or fall victim to a social engineering attack.

In fact, 90 percent of data breaches are due to human error — and negligence has been the leading cause over the past two years. In addition, employees have made it easy for hackers by using weak passwords, reusing passwords across multiple sites, leaving computers unlocked while at work or on vacation, downloading/opening unverified files, and failing to update software patches and anti-virus definitions.

According to a report by Verizon, 75 percent of hacking-related breaches involved exploiting weak or stolen passwords within the first hour of an attack. It took only 12 minutes on average for employees to click on phishing emails, and one minute before malware was downloaded.

Social media sites are also one of the biggest threats to an organization’s cyber security; Facebook, Twitter, Instagram, and Pinterest are all very popular ways to share information with others. However, these social media channels can also be used to share malicious links that employees often click on without paying any attention. If an organization sets up a social media policy, then employees will be aware of what they should and should not share with other individuals on these sites. An alternative to this would be to simply block all access to social media channels within the office; this way, employees will not even have the option to click on dangerous links that could lead them to downloading malicious software to their device.

Using Outdated Software

Ignoring software updates on your device could be the quickest way to get hacked. Hackers look for known vulnerabilities and bugs in software, such as system updates that haven’t been applied to a device (called outdated), and then use those flaws to hack into your device. As an IT person, it is important that you know about all of the devices within your company and make sure their software is maintained and up to date. There are multiple types of software updates, but in general, most have critical security patches or bug fixes. Turn on all automatic update features on your device to make sure you’re notified when the next update is available.

When you’re under pressure to meet work deadlines, it’s easy to underestimate the importance of cyber security. While it can be difficult to juggle your standard workload with adding new security measures, the consequences of not taking the necessary precautions could cause a lot more trouble in the future. Stay tuned in to Bayshore’s Blog for more.