Author Archives: Hailey Carlson

Gone Phishing: Who’s really on the other end of the line?

Phishing

Email, social media, smartphones, and other electronic communication are now the norm for communicating within and between businesses of any size. You may be part of a company so big that you email back and forth daily with people you have only met a few times in passing. Or you may be contacting multiple potential clients for your start-up, many of whom you have never met, at companies you have barely heard of. If an email appears to come from an employee at your business or from a promising potential client, you open it so as to build and maintain a positive relationship and help them with whatever they need. But how do you know that the email is actually from Jim in Accounting or Jane at your strong lead’s firm, and not from an attacker posing as one of them? When the sender is really an attacker and not the genuine person you think it is, this is called phishing.

Phishing is a tricky cyber threat—able to stump 20% of employees at J. P. Morgan when the company sent out a fake phishing email—but what is it exactly? Phishing is when impostors pose as trusted entities, such as banks, universities, or other well-known companies, via electronic communication in order to solicit personal information, which they can then use to steal people’s identities or infect their computers with malware. Phishing is growing at a rapid rate along with many other cyber crimes; not even halfway into 2016, 36 companies have already fallen victim to phishing email attacks in which the attackers sought employees’ personally identifiable information (PII) to aid in identity theft. Arguably just as vicious as going after people’s PII, these attackers have begun to steal funds from companies, primarily through a form of phishing known as whaling.

Whaling, the new Phishing

Whaling, a form of phishing often used synonymously with the term spear phishing, is when attackers target executives: either emailing them directly, or posing as these high-ranking members to send mass emails to employees (and in turn infecting the computers of all employees who open the malware-laden messages), in order to gain access to valuable information such as financial figures, wire transfers, and employee records. A Mimecast survey conducted late last year found that 55% of businesses across the globe had experienced an increase in whaling attacks over the previous twelve months.

Whaling has been in the news recently for having hit Mattel, the producer of such toys as Barbie and Hot Wheels, with a malicious $3 million transfer of money to an account at the Bank of Wenzhou in China. Cyber criminals posed as a legitimate member of the Mattel executive board—the newly-instated CEO, Christopher Sinclair—to trick finance employees into transferring the sum to their own bank accounts. In order to transfer money, Mattel requires two executives, one of whom is the CEO, to sign off on the transfer so as to reduce financial risk. When the unnamed financial executive saw what he thought was the CEO’s approval, he assumed the transfer was legitimate and sent the funds to the Bank of Wenzhou, unknowingly completing the attackers’ mission.

Thankfully, this event happened on a Chinese banking holiday, meaning that the funds were held up and Mattel was able to recover the wrongfully transferred money almost immediately after discovering the issue. Though this is good news for the toy-producing giant, most companies do not have such lucky timing when cyber crimes strike. This is why knowledge and education are crucial defenses on the cybersecurity front. If employees know how to identify suspicious communications, the company is far less likely to fall victim to phishing and whaling attacks.

How to identify a suspicious message

The primary goal in combating phishing and whaling attacks is to make sure that harmful traffic to employees is stopped without hindering the good traffic of current and new clients as well as other reliable entities. The best way to handle a phishing email scam is to prevent it from happening in the first place; employee training on how to identify a fraudulent email is an extremely important step in ensuring workplace cybersecurity, and there are a few telltale signs that indicate whether or not an electronic communication is a scam:

Links- The easiest way for an attacker to reach your information is to make you come to him. Many links in suspicious emails can be checked by hovering your mouse over them, which reveals the real destination rather than the text shown; if a link leads to an .exe file, for example, do not click it, as such downloads have been the source of malicious software in other cyber crime incidents.

Threats- When an email contains a threat, such as forcibly taking down an account or imposing a fine unless you take instant action, this is usually an indicator of phishing. Such threats arrive by both email and phone solicitation, and they are easy to recognize by their demand for immediate action under pain of the attacker’s consequences.

Posing as a popular company- Seeing a familiar logo or name on an email or other electronic communication can give you a false sense of security that what you are receiving is a legitimate message from an accredited company. One indicator of phishing is a company name written slightly differently from the actual name (e.g. Twitter Co. instead of Twitter Inc.). Also, if you regularly get emails from a trusted company and receive one that looks different from usual, this is a sign that it may be a phishing scam.

Spelling errors- If there are clear spelling errors throughout the email, it is unlikely that the message was carefully reviewed by a member of an authentic company, and it is probably phishing. This includes not only spelling and grammatical errors, but also cases where key parts of an email, such as the subject line or a signature, are missing or strangely worded.
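The signs above can be turned into a simple screening check that an IT or security team might run over reported messages. The following is an added example, not code from the original post or from Axiom; it parses a raw email, extracts each link’s visible text and real destination, and flags the link, threat and brand-impersonation signs described above (a spelling check is deliberately left out, since that needs a dictionary and human judgement). The urgency terms, executable suffixes, brand-to-domain map and the two sample messages are all constructed assumptions for illustration.

```python
"""Screen a raw email message for the phishing indicators listed above."""
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Phrases that signal "act now or face consequences" (assumed, illustrative list).
URGENCY_TERMS = ("immediately", "within 24 hours", "suspended", "fined", "final notice")
# Link targets that download something runnable rather than show a page (assumed list).
EXECUTABLE_SUFFIXES = (".exe", ".scr", ".bat", ".js")
# Brand names an impostor might borrow, mapped to the domain genuine mail comes from (assumed).
BRAND_DOMAINS = {"twitter": "twitter.com", "paypal": "paypal.com"}


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _host(url):
    """Lower-cased hostname of a URL, or an empty string if it has none."""
    if "://" not in url and url.lower().startswith("www."):
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def phishing_indicators(raw_message):
    """Return a list of human-readable findings; an empty list means no sign matched."""
    msg = message_from_string(raw_message)
    findings = []

    # Structure sign: a missing or empty subject line.
    if not (msg.get("Subject") or "").strip():
        findings.append("missing subject line")

    # Impersonation sign: display name borrows a brand, but the address is on another domain.
    name, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    for brand, real_domain in BRAND_DOMAINS.items():
        genuine = sender_domain == real_domain or sender_domain.endswith("." + real_domain)
        if brand in name.lower() and not genuine:
            findings.append(f"display name mentions {brand} but sender domain is {sender_domain}")

    # Gather every text part of the message (single-part or multipart).
    body = ""
    for part in msg.walk():
        if part.get_content_type() in ("text/plain", "text/html"):
            body += part.get_payload(decode=True).decode("utf-8", errors="replace")

    # Link signs: executable download, or visible URL that differs from the real target.
    collector = LinkCollector()
    collector.feed(body)
    for href, text in collector.links:
        if urlparse(href).path.lower().endswith(EXECUTABLE_SUFFIXES):
            findings.append(f"link downloads an executable: {href}")
        shown, target = _host(text), _host(href)
        if shown and shown != target:
            findings.append(f"link text shows {shown} but points to {target}")

    # Threat sign: urgency language in the tag-stripped body.
    lowered = re.sub(r"<[^>]+>", " ", body).lower()
    hits = [term for term in URGENCY_TERMS if term in lowered]
    if hits:
        findings.append("urgency/threat language: " + ", ".join(hits))
    return findings


# Constructed sample messages (not real mail); addresses use reserved example domains.
PHISH = """\
From: "Twitter Co. Support" <support@twitter-co-login.example>
To: jim@example.org
Subject: Your account will be suspended
Content-Type: text/html

<p>Your account will be <b>suspended</b> immediately unless you verify it.</p>
<p><a href="http://198.51.100.7/verify.exe">https://twitter.com/settings</a></p>
"""

BENIGN = """\
From: "Jane Doe" <jane@partner.example>
To: jim@example.org
Subject: Re: Q3 proposal
Content-Type: text/plain

Thanks Jim, the revised proposal looks good. Let's talk Thursday.
"""

if __name__ == "__main__":
    for label, sample in (("phish", PHISH), ("benign", BENIGN)):
        print(label, phishing_indicators(sample))
```

The checks are heuristics, not proof: a message with no findings can still be malicious, and a genuine reminder can use urgent wording, so the output is best used to prioritise what gets reported to IT rather than to auto-delete mail.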

If you believe an electronic communication to be malicious or suspicious, do not open it; delete it and report the incident to your IT department. For small businesses that do not have an IT department, or that think cybersecurity is out of reach for their budget, please go to www.axiomcyber.com to learn more about our affordable managed cybersecurity solutions and how we can help your business get and stay secure.

The Healthcare Industry is Undeniably Vulnerable to Ransomware Attacks

HEALTHCARE DATA BREACHES

Recently it has become obvious that, unless we take proper measures to protect ourselves, we are all vulnerable to anonymous attackers on the internet who wish to break into our lives and steal our private information for their own gain. Hospitals and other healthcare facilities are goldmines for attackers looking to steal hundreds of people’s information at once. You would think that, with all of this sensitive information in their files, hospitals would be highly concerned about the protection and security of this data. However, the Healthcare industry has become one of the hardest-hit industries when it comes to cyber security, primarily because of the heavy volume of data breaches that have plagued it in recent years.

Data breaches have skyrocketed over the past six years, especially in the Healthcare industry, and things are looking worse, making us more susceptible to breaches of our own personal medical information—and we’re not the only ones who are afraid. In just one year, Healthcare professionals have grown 13 percent more worried about attacks on their databases; and with 59 percent fearing that the existing budgets set in place for protection against these kinds of incidents are insufficient, it is obvious that the Healthcare industry is struggling to keep up with the changing world of cyber security.

According to the sixth annual Benchmark Study on Privacy & Security of Healthcare Data conducted by Ponemon Institute, 89 percent of Healthcare providers fell victim to multiple data breaches over the past two years, and one-third of providers were subject to anywhere from 2-5 breaches. Approximately 50 percent of these breaches were due to a mix of employee negligence, third-party snafus, and stolen electronics. When the study was first conducted six years ago, the majority of data breaches were caused by these issues; today, however, the number one cause of Healthcare data breaches, responsible for the remaining half, is clearly cybercrime.

RANSOMWARE

One of the fastest growing and most devastating of these cybercrimes is ransomware, and the Healthcare industry has taken more than its fair share of the brunt of it just this year. A few months ago, ransomware forced two Healthcare networks to take their systems offline for fear of the infection spreading. Prime Healthcare Management, Inc. in California and Methodist Hospital of Kentucky were in a state of crisis when their networks were compromised by ransomware. While it seems that Prime was able to detect and handle the situation before any protected health information (PHI) was exposed, Methodist was not so lucky. Reports say that it paid $17,000 in ransom to regain access to its PHI files, while insiders claim that the amount paid could be significantly higher. This is one of the worst situations you can be in when dealing with ransomware, second only to your business being shut down. Prevention is a much better defense than reaction or negotiation with criminals.

Axiom can aid in these preventative measures with the proprietary ransomware algorithm built into its Sentry firewall, which would have been able to block these ransomware communication protocols at the firewall before criminals could have encrypted the PHI files. This would have saved Methodist Hospital of Kentucky thousands of dollars in ransom paid to criminals, as well as its patients’ peace of mind.

HIPAA COMPLIANCE

When Healthcare providers wish to combat ransomware, it is important for them to be aware of their HIPAA compliance obligations. HIPAA HITECH requires that you have a disaster recovery plan and adequate backups, so HIPAA regulations have been a hot topic of discussion during this spike in Healthcare breaches. While some influential figures have questioned whether breaches caused by ransomware are covered under HIPAA, it is clear that the industry is in dire need of revamping its approach to cybersecurity.

Axiom is able to help businesses in the Healthcare industry feel at ease by acting as their HIPAA Compliance Partner through providing them with professional and technical product services that include a HIPAA Security Assessment, Gap Analysis, Preparation and Certification as well as VOIP and 24-hour technical support.

If you’d like to find out more about what Axiom Cyber Solutions can do for you in regards to HIPAA compliance and protecting your business from cyber threats, please visit www.axiomcyber.com.