Attention Healthcare Organizations: Get Ready For Some Serious Cyber Security

2015 has been inundated with cyber-attacks against the healthcare industry. In recent headlines, Excellus Blue Cross Blue Shield stated that approximately 10 million of its customers had their healthcare records compromised.

Not only did critical information such as names, Social Security numbers, addresses, and birthdays get leaked but financial data such as credit card information was also compromised. Additionally, this puts their customers at risk for fraud and identity theft.

Criminal cyber-attacks are rising amongst the healthcare community and, despite strict HIPAA guidelines and regulations, many hospitals and healthcare providers are grappling with keeping their patients’ data safe.

Cyber-attacks and data breaches cost the U.S. healthcare system approximately $6 billion annually, according to security research firm, The Ponemon Institute.
KPMG polled over 200 healthcare providers and found that four out of five providers had been hacked.

44% of healthcare organizations have been attacked 1-50 times while 38% have been attacked between 50-350 times in the last year. 13% were attacked more than 350 times.

It doesn’t take a stretch of the imagination to realize just how many additional attacks are left undetected and unreported, as was the case with Excellus, wherein hackers first accessed patient records in December of 2013 but weren’t discovered until August of 2015. This gave the attackers nearly two years of running data collection. In the same study, KPMG also found that only 53% of healthcare providers are ready to defend against a cyber-attack.

They listed five issues that healthcare organizations are facing.

1. The adoption of digital patient records and the automation of clinical systems.

2. The use of antiquated electronic medical records (EMRs) and clinical applications that are not designed to securely operate in today’s networked environment — and software vendors who push that problem to the provider.

3. The ease of distributing electronic personal health information both internally (via laptops, mobile devices, thumb drives) and externally (third party firms and cloud services).

4. The heterogeneous nature of networked systems and applications (i.e. network-enabled respirator pumps on the same network as registration systems that can browse the Internet).

5. The evolving threat landscape, where cyberattacks today are more sophisticated and well-funded, given the increased value of the compromised data on the black market.

“Patient records are far more valuable than credit card information for people who plan to commit fraud, since the personal information cannot be easily changed. A key goal for executives is to advance their institution’s protection to create hurdles for hackers”, according to Michael Ebert of KPMG’s Healthcare & Life Sciences Cyber Practice.

These data breaches and security vulnerabilities cannot and should not be underestimated, and their severity and frequency are a cause for concern. Healthcare providers must make cyber security a priority. No longer is this an issue that companies can ignore.

Protecting patient data is critical and the healthcare industry must start preparing and implementing a strategy to prevent these hacks before the U.S. Government begins to levy heavy penalties and fines on those who do not step up to today’s threats.

DDoS: What is it and How Will it Affect My Business?

You hear about it almost every day. Some large business, corporation, or government entity has suffered a “Distributed Denial of Service Attack”, or DDoS attack, and lost time and revenue due to an inability to continue to operate under such conditions. It’s happening with increasing frequency and intensity, and has now become a top concern for small and medium sized enterprise organizations all over the country.

To understand how a DDoS attack can cripple a network, it helps to know what one is. The attack can come in many forms but most often starts as a network of geographically distributed computers that were unwillingly enlisted into a virtual army, waiting for commands from the hacker to begin flooding their target.

You’ll commonly hear networks like this referred to as “bot-nets”, and these networks can produce floods of traffic anywhere from megabits to hundreds of gigabits depending on the number of nodes enlisted. Most bot-net administrators do not perpetrate attacks themselves, instead renting out their networks to clients who pay by the hour to utilize the service to attack.

As the cost of bandwidth and compute power has decreased internationally, the price of renting a gigabit botnet has reached an all-time low. This has created an environment wherein hacking service providers have resorted to marketing tactics, such as coupons and subscriptions, to lure customers away from competing services.

With a web-link and handful of US dollars, you too can rent enough power to bring a large public-facing entity to a grinding halt.

Coincidentally, as bandwidth to small and medium businesses has increased, service providers have had to support access to very fast circuits and switching networks to adapt. Therefore an attack at 500Mbps, which may cripple your Web server’s ability to communicate with the outside world, will not have any effect on your provider’s ability to continue operations.

Therefore, they are unlikely to step in to mitigate, or port, the traffic until you call to alert them of the malicious traffic. To them, you’re just using more of your already fast internet connection!

Axiom researchers have found that the number of DDoS attacks in 2014 was up approximately 90% over the prior year. In 2015 alone, we have already recorded a 100% increase in attacks over 300Mbps in comparison with 2014.
With the decreasing price of hacking tools, this increase in attacks will continue to become the new norm. Businesses of all sizes need to adapt to these new threats now in order to continue operating in the coming storm.

#FightBackWithAxiom

Axiom DDoS protection uses a proprietary security solution that denies the attacker information about your network and increases the resources the attacker must commit in order to continue their virtual volley. This not only allows you to continue business operations during an attack, but turns you into an undesirable target for any hacker. It makes them think twice about spending money to mess with you again.

Axiom Sentinel solutions come in a range of sizes. From Axiom Sentry devices with 500Mbps of mitigation capacity to our flagship Axiom Sentinel appliance, a sealed bridging appliance with 2 Terabit mitigated capacity, all Axiom solutions are designed to deal with the attack vectors of today while being adaptive and flexible enough to continue to secure your network for years to come.

For more information about Axiom Sentinel, feel free to call us about a capabilities presentation at (800)-519-5070

Worried about the Ashley Madison Hack? Beware before you enter your spouse’s data on these fake sites

Given the constant media attention being dedicated to the Ashley Madison hack, it’s reasonable to expect that there are a number of curious spouses who may be tempted to find out if their partners were using Ashley Madison’s services.

In the past few days, hundreds of fake phishing, malware, and virus-ridden websites have popped up encouraging users to enter their spouse’s personal information with promises to provide confirmation or denial of their involvement.

33 million users were exposed in the breach, making any of these concerns valid.

Axiom would like to urge caution and ask netizens to summon the patience and wait for a legitimate security firm to provide a secure tool to analyze the data.

Many of these websites ask for names and e-mail addresses, but some ask for credit card and billing information, as well as partial social security numbers.

On top of these requests, some go as far as to require you to sign up for free and paid services, or take lengthy surveys.

In addition to the risk of inadvertently downloading malware, spyware and viruses, providing personal information to these thieves exposes the suspect, and anyone that may be closely associated with them, to inadvertent danger.

Many of these hacks are no longer targeted at identity theft, but instead are targeted at allowing state sponsored entities to create population and citizen databases to discover possible physical and social vulnerabilities, leaving you, your family, and your nation at risk.

Axiom data engineers have been analyzing the recently available data dump and can confirm that it will require intervention on behalf of a data warehousing specialist or administrator to render the data searchable in a web friendly format.

To date, our researchers have not found any legitimate services offering database information without significant security risks.

Again, we urge caution to those lying in wait and ask that you #FightBackwithAxiom by not falling victim to these predators.

What Is The Future Of Internet Security?

What if you woke up tomorrow and couldn’t access Facebook? Next you try Google and nothing happens. Next it’s CNN.com and Wikipedia.

Nothing resolves and nothing works. Now, imagine this is not a short lived outage but days, weeks, even months.

This is a potential reality. What would businesses do? Think about banking, transportation, and healthcare. Every single industry relies on the internet to do business and keep our lives running.

As bandwidth availability continues to increase, there is a real threat of a distributed attack on the nation’s core infrastructure that could paralyze our world. Every day we track attacks from Asia and Eastern Europe that are testing our vulnerabilities.

A few weeks ago, we saw a 25% packet loss across the backbone of the internet when the New York Stock Exchange was impacted. That same day United Airlines suffered outages due to that same flood. Many other businesses and government entities were impacted that day as well. Those attacks weren’t aimed at those businesses, but at the carriers who service them.

Just like the Velociraptors in the original Jurassic Park movie, our enemies are testing our defenses. They are poking and prodding daily, finding our weaknesses. In the last week, core Level 3 routes were impacted by one of the worst sustained floods in recent months. Google DNS servers were also halted for more than 5 minutes, which is unprecedented.

In addition to increasing bandwidth, compute is becoming more accessible. Today you can purchase a Raspberry Pi device that has a 100MB interface for $39. Many similar ARM SOCs (systems on a chip) are shipping with 1GBe interfaces. Most are less than $40. Someone with access to a 10Gbe circuit and an array of these compute nodes would have the distributed power equivalent of a State Sponsored action just 5 years ago.

We have to be thinking in future terms. At Axiom, we are developing devices that could have stopped these attacks at the upstream provider. What is needed, what Axiom is refining, is a compute solution that is designed to fight back. #FightBackWithAxiom. The answer is not to deny packets, not to black-hole packets, but to use a software defined algorithm that actively fights back and mitigates the attack. Not just at a single layer of the OSI model but at all of them.

In the past, flood attacks often used a single protocol as an attack vector. Since these kinds of attacks are becoming easier to mitigate, attackers are evolving, adapting and creating new ways to attack specifically at the application layer, hitting you where it hurts. The best intruder will always use an open front door.

Axiom’s algorithm combined with our compute nodes is designed to mitigate an attack at any layer.

We are working with devices up to and including 100Gbe bonded interfaces, utilizing 400Gbe mitigation and TB switching fabric at the carrier level to stop these attacks before they ever get to the end customer.

Distributed denial of service (DDoS) is the new normal. We must fight back. #FightBackWithAxiom