CISA Publishes List of the Most Commonly Exploited Vulnerabilities
Jul29

CISA Publishes List of the Most Commonly Exploited Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) have issued a joint cybersecurity advisory about the most common vulnerabilities exploited by cyber actors in 2020, many of which are still being widely exploited in 2021. The advisory lists the top 30 exploited Common Vulnerabilities and Exposures (CVEs), how each vulnerability is exploited, recommended mitigations, indicators of compromise, and tools and methods that can be used to check whether the vulnerabilities have already been exploited. Recently disclosed vulnerabilities are exploited by cyber threat actors, but most of the commonly exploited vulnerabilities are not new and were disclosed in the past two years. In 2020, the pandemic forced many businesses to switch from an office-based to a remote workforce, so it is not surprising that 4 of the most commonly exploited vulnerabilities in 2020 concern remote working solutions such as VPNs and cloud-based technologies....

Read More
The Average Cost of a Healthcare Data Breach is Now $9.42 Million
Jul29

The Average Cost of a Healthcare Data Breach is Now $9.42 Million

IBM Security has published its 2021 Cost of a Data Breach Report, which shows data breach costs have risen once again and are now at the highest level since IBM started publishing the reports 17 years ago. There was a 10% year-over-year increase in data breach costs, with the average cost rising to $4.24 million per incident. Healthcare data breaches are the costliest, with the average cost increasing by $2 million to $9.42 million per incident. Ransomware attacks cost an average of $4.62 million per incident. The large year-over-year increase in data breach costs has been attributed to the drastic operational shifts due to the pandemic. With employees forced to work remotely during the pandemic, organizations had to rapidly adapt their technology. The pandemic forced 60% of organizations to move further into the cloud. Such a rapid change resulted in vulnerabilities being introduced and security often lagged behind the rapid IT changes. Remote working also hindered organizations’ ability to quickly respond to security incidents and data breaches. According to IBM, data breaches...

Read More
Report: The State of Privacy and Security in Healthcare
Jul28

Report: The State of Privacy and Security in Healthcare

2020 was a particularly bad year for the healthcare industry with record numbers of data breaches reported. Ransomware was a major threat, with Emsisoft identifying 560 ransomware attacks on healthcare providers in 2020. Those attacks cost the healthcare industry dearly. $20.8 billion was lost in downtime in 2020, according to Comparitech, which is more than twice the ransomware downtime cost to the healthcare industry in 2019. With the healthcare industry facing such high numbers of cyberattacks, the risk of a security breach is considerable, yet many healthcare organizations are still not fully conforming with the NIST Cybersecurity Framework (NIST CSF) and the HIPAA Security Rule, according to the 2021 Annual State of Healthcare Privacy and Security Report published today by healthcare cybersecurity consulting firm CynergisTek. To compile the report – The State of Healthcare Privacy and Security – Maturity Paradox: New World, New Threats, New Focus – CynergisTek used annual risk assessments at 100 healthcare organizations and measured progress alongside overall NIST CSF...

Read More
McLaren Health Care and Greenwood Leflore Hospital Impacted by Elekta Ransomware Attack
Jul28

McLaren Health Care and Greenwood Leflore Hospital Impacted by Elekta Ransomware Attack

McLaren Health Care Corporation (MHCC), the operator of 15 hospitals and over 100 primary care locations in Michigan and Ohio, has announced the protected health information of 64,600 of its cancer patients may have been compromised in a ransomware attack on vendor Elekta Inc. Elekta provides software and technology services to MHCC facilities in Macomb, Northern Michigan, Gaylord, Cheboygan, West Branch, Lapeer, Central and Bay City, which includes data storage. Between April 2 and April 20, 2021, Hackers had access to Elekta’s systems, exfiltrated data, then deployed ransomware to encrypt files. A ransom demand was issued, payment of which was required to decrypt data and prevent the exposure of data stolen in the attack. Elekta notified MHCC about the breach on May 17, 2021. While patient data was affected, Elekta said it has no reason to believe that any of the stolen information will be further disclosed or published online. However, as a precaution against identity theft and fraud, complimentary identity theft protection and credit monitoring services are being offered to...

Read More
Phishing Attacks Reported by UC San Diego Health and UnitedHealthcare
Jul28

Phishing Attacks Reported by UC San Diego Health and UnitedHealthcare

UC San Diego Health has discovered unauthorized individuals gained access to the email accounts of some of its employees and may have accessed or exfiltrated emails containing patient data. The email accounts were compromised as a result of employees responding to phishing emails and disclosing their email credentials. The email environment has now been secured and additional measures have been implemented to improve security. The investigation into the breach revealed the first email account was compromised on December 2, 2020, and others were compromised up until April 8, 2020. At this stage, no evidence has been found to indicate any emails or email attachments were subjected to unauthorized access between December 2020 and April 2021, and no reports have been received that suggest the protected health information (PHI) of patients has been misused; however, it was not possible to rule out unauthorized PHI access and data exfiltration. The investigation into the breach is ongoing to identify exactly what happened and the information that has been affected. Notification letters...

Read More