Consumers understand that they are the ultimate victims of security breaches. Although it was a company or organization that was hacked, consumers often pay the final price. It is usually their private information that falls into the hands of hackers. Whether it’s payment information, social security numbers, addresses, or medical data, consumers are fully aware of the devastating effects of a company’s data breach.
The Ponemon Institute found that 89% of all healthcare organizations have experienced a data breach of some sort. Dr. Larry Ponemon, founder of the Ponemon Institute, said in the report, “In the last six years of conducting this study, it’s clear that efforts to safeguard patient data are not improving. More healthcare organizations are experiencing data breaches now than six years ago. Negligence—sloppy employee mistakes and unsecured devices—was a noted problem in the first years of this research and it continues. New cyber threats, such as ransomware, are exacerbating the problem.”
Last week we reported about a new type of ransomware affecting businesses and individuals. It’s called Petya and unlike ordinary ransomware, it has the ability to encrypt an entire hard drive - not just individual files - making a victim’s computer unusable until a ransom is paid. However, Petya had a flaw. In order for Petya to take control of a hard drive, it had to be granted access administrative privileges. If the victim does not allow access, the installation of Petya is cancelled and the files are not encrypted.
Not only are ransomware attacks increasing in frequency, but they are also evolving quickly as cyber criminals find new ways to encrypt data and hold it for ransom. Ransomware is the hot hacking trend of 2016. Hospitals, retailers, financial firms and every industry imaginable have fallen victim. The attacks are easy for cyber criminals to implement and the payoff is high when victims have no choice but to cough up the cash (or bitcoin, rather) to get their data decrypted.
The American Dental Association accidentally sent malware-infected USB drives to thousands of dental offices nationwide. The USBs, shaped like business cards, were meant to provide offices with new billing codes for insurance purposes, according to Krebs on Security.
The number of data breaches affecting companies of all sizes has been growing exponentially over the past decade, according to Verizon’s 2016 Data Breach Investigations Report. And the cause of many of those data breaches? “Miscellaneous errors” - also known as employee mistakes. That’s right...the biggest threats to an organization's security cannot be remedied with antivirus, firewalls, and network monitoring alone (though those things are important). It takes employee training and awareness to prevent cyber attacks.
The Cloud Security Alliance (CSA) recently found that compromised login credentials caused nearly a quarter of all data breaches.
The FBI recently released a report to those in the agriculture industry, warning them of an increase in cyberattacks aimed at farming equipment as more devices become connected to the internet. “While precision agriculture technology (a.k.a. smart farming) reduces farming costs and increases crop yields, farmers need to be aware of and understand the associated cyber risks to their data and ensure that companies entrusted to manage their data, including digital management tool and application developers and cloud service providers, develop adequate cybersecurity and breach response plans,” the report began.
If you think that hackers can only infiltrate things like computers, servers, and phones, think again. If something is connected to a network, it can be hacked. This makes medical devices like MRI machines, insulin pumps, x-ray machines, and hundreds of other machines vulnerable to hacking. Imagine if a hacker gains control of a hospital’s network and stops devices from working until a ransom is paid. Medical device cyber breaches are one of the most frightening things that can happen to a healthcare organization and unfortunately, healthcare facilities aren’t doing a great job at securing them.
Here’s another reason to be careful of what you click online. There’s a new Facebook scam circulating around the world’s largest social network and thousands of people have fallen for it.