Unfortunately, news of a cybersecurity threat is never hard to find.
The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI) and Department of Health and Human Services (HHS), released a joint cybersecurity advisory regarding an imminent ransomware attack targeting the healthcare and public health sector in October.
A new cybersecurity threat
The agencies have received credible information suggesting a possible attack soon and are imploring all providers and businesses who operate in this sector to evaluate their systems and put in place protections against such an attack.
From what we know, these attacks are targeting the sector with TrickBot and BazarLoader malware, which can lead to data theft and the disruption of healthcare services. Impacted providers must work to address these vulnerabilities.
Otherwise, the effects of a disruption of service during the increased capacities associated with the recent surge in COVID-19 cases could prove disastrous.
Hospitals and other frontline medical providers should educate their staff on detecting phishing emails and different types of common intrusions. (More on that in a moment)
Additionally, providers’ IT teams should rehearse lock-down protocols and continue to patch systems regularly. Providers should be prepared to reroute patients and even move patients to alternative locations if a substantial intrusion occurs.
Before we discuss other ways to protect yourself from a cybersecurity threat, let’s talk more about phishing emails. After all, this is one of the most common cybersecurity threats we face each day.
Spotting and avoiding phishing scams
The first thing to know about phishing scams is they often seem to come from people or companies you know and trust. This makes them that much more dangerous!
But here are some ways to spot a phishing scam, even if it looks like it comes from a reliable source:
- Phishing emails will often ask you to confirm personal details and information
- They could include a fake invoice
- They could claim you’re eligible for a government reward or other monetary reward
- Some phishing emails say you need to update your payment information or there was a problem processing your payment
A few other “red flags” include emails that include a link to update your payment information. They also might use a generic greeting such as “Hey Dear” rather than your name.
Even if an email includes a logo or an email address that looks legitimate, any of these warning signs should not be ignored!
Remind your staff to look out for these signs when accessing their email. It’s also important to have them enable multi-factor authentication.
Protecting yourself from a cybersecurity threat
Now that you know more about this cybersecurity threat, it’s time to talk about what you can do to defend yourself against these attacks.
For a threat like this, network best practices include:
- Regularly changing passwords to network systems.
- The use of multi-factor authentication when possible.
- Set antivirus and anti-malware protocols and protections to automatically update.
- Implement network segmentation.
- Scan for open or listening ports and close those that are no longer needed.
When faced with a cybersecurity threat, individuals or providers are not encouraged to pay ransoms. First, payment is never guaranteed. And unfortunately, it likely emboldens and provides necessary funding for parties involved in these schemes.
Additionally, when someone subject to a ransomware attack indeed pays a ransom, it actually makes them a greater target for yet another attack. Once a cybersecurity threat proves results in payment, the victim becomes known to these operators as the party who knowingly plays their game.
If you have TrickBot network compromise indicators, immediately take steps to back up and secure sensitive data. For further information and specific technical guidance provided by CISA, view their advisory here.
To learn more about the best IT solutions for protecting yourself and your business, get in touch with us today.
Did you learn a lot from this post about the new cybersecurity threat many businesses are facing? Here are three posts to read next: