21,400 Patients Impacted by St. Croix Hospice Phishing Attack
Jul19

21,400 Patients Impacted by St. Croix Hospice Phishing Attack

St. Croix Hospice, a provider of hospice care throughout the Midwest, has discovered an unauthorized individual gained access to the email account of an employee and potentially viewed patient information. The breach was detected on May 10, 2019 when suspicious email activity was detected in the account. A third-party computer forensics firm was hired to assist with the investigation and discovered several employees’ email accounts were compromised between April 23, 2019 and May 11, 2019. It was not possible to determine whether any patient information had been accessed or copied, but the forensics firm did confirm that the accounts had been subjected to unauthorised access. An extensive systemic review of the compromised email accounts was conducted to identify which patients had had their protected health information exposed. On June 21, 2019, it was confirmed that protected health information had been exposed. The review has now been completed and patients are being notified that their name, address, financial information, Social Security number, health insurance information,...

Read More
Phishing Attack on California Business Associate Impacts 14,591 DHS Patients
Jul10

Phishing Attack on California Business Associate Impacts 14,591 DHS Patients

Nemadji Research Corporation, doing business as California Reimbursement Enterprises, has announced an unauthorized individual has gained access to the email account of an employee and may have viewed or copied the protected health information (PHI) of its clients’ patients. California Reimbursement Enterprises is a business associate of several healthcare facilities and hospitals in California and provides patient eligibility and billing services. The company also provides services to the Los Angeles County Department of Health Services (DHS). A potential email account breach was detected on March 28, 2019 when IT staff identified unusual activity in an employee’s email account. Assisted by a third-party computer forensics expert, Nemadji determined the employee responded to a phishing email the same day and the attacker accessed the account for several hours. All emails in the account were checked and on June 5, 2019, Nemadji confirmed that patient information had been exposed and notifications were issued to affected business partners. The breached email account contained...

Read More
Sensitive Data Potentially Compromised in Tennessee Hospice Phishing Attack
Jul05

Sensitive Data Potentially Compromised in Tennessee Hospice Phishing Attack

Alive Hospice in Nashville, TN, a provider of end-of-life care, palliative care, bereavement support and community education in middle Tennessee, has announced that the email account of an employee was subjected to unauthorized access in May 2019. Around May 6, 2019, suspicious activity was detected in an employee’s email account. The password for the account was immediately changed and an investigation was launched into the cause of the breach. The investigation revealed the email account was compromised on May 4, 2019 and hackers had access to the email account for a period of two days. Only one email account was compromised. Unauthorized account access was confirmed, but no evidence was found to suggest any patient information was accessed or stolen. The types of information in emails and email attachments varied from patient to patient and may have included the following types of PHI in addition to a patient’s name: Date of birth, Social Security number, driver’s license number, financial account number, medical history, treatment information, prescription information, treating...

Read More
PHI of 10,893 Summa Health Patients Potentially Compromised in Phishing Attack
Jul04

PHI of 10,893 Summa Health Patients Potentially Compromised in Phishing Attack

Akron, Ohio-based Summa Health has discovered an unauthorized individual has gained access to four employee email accounts containing patients’ protected health information (PHI). Summa Health became aware of the breach on May 1, 2019 and launched an investigation that revealed 2 email accounts had been breached in August 2018, and a further two accounts between March 11, 2019 and March 29, 2019. All four accounts were immediately secured and a third-party computer forensics firm was hired to determine whether any patient information had been accessed or stolen. The firm found no evidence of data theft or PHI access, although it was not possible to rule out the possibility that patient information was compromised in the breach. An analysis of the compromised accounts revealed they contained the following types of PHI: Patient names, dates of birth, medical record numbers, patient account numbers, clinical information, and treatment information. In total, 10,893 patients were affected. A small subset of those patients also had their Social Security numbers and/or driver’s license...

Read More
Phishing Attacks Reported by Broome County, NY and UMassMemorial Community Healthlink
Jun21

Phishing Attacks Reported by Broome County, NY and UMassMemorial Community Healthlink

Broome County in New York has started notifying 7,048 individuals that some of their protected health information (PHI) was compromised in a phishing attack on county employees. Broome County officials learned about the attack on January 2, 2019 when it was discovered that an employee’s direct deposit account information had been changed. An investigation was immediately launched which revealed ‘numerous’ Broome County email accounts had been compromised as a result of responses to phishing emails. Further, an unauthorized individual had also gained access to employees’ PeopleSoft accounts. A computer forensics expert was hired to assist with the investigation and determine how and when access to the accounts was first gained. That investigation revealed the first accounts were compromised on November 20, 2018 and further accounts were compromised up to January 2, 2019. Employee direct deposit information has been checked and all emails and email attachments in the compromised accounts have been analyzed. Broome County says multiple county departments were affected, including the...

Read More
April 2019 Healthcare Data Breach Report
May20

April 2019 Healthcare Data Breach Report

April was the worst ever month for healthcare data breaches. More data breaches were reported than any other month since the Department of Health and Human Services’ Office for Civil Rights started publishing healthcare data breach reports in October 2009. In April, 46 healthcare data breaches were reported, which is a 48% increase from March and 67% higher than the average number of monthly breaches over the past 6 years. While breach numbers are up, the number of compromised healthcare records is down. In April 2019, 694,710 healthcare records were breached – A 23.9% reduction from March.  While the breaches were smaller in March, the increase in breaches is of great concern, especially the rise in the number of healthcare phishing attacks. Largest Healthcare Data Breaches in April 2019 Two 100,000+ record data breaches were reported in April. The largest breach of the month was reported by the business associate Doctors Management Services – A ransomware attack that exposed the records of 206,695 patients. The ransomware was deployed 7 months after the attacker had first gained...

Read More
Cisco Umbrella Pricing
May15

Cisco Umbrella Pricing

A DNS filter is an important part of an organization’s malware and anti-phishing defenses. In this post we cover Cisco Umbrella, a popular DNS filter, and look at Cisco Umbrella pricing to help you decide whether this is the right solution for your organization. What is Cisco Umbrella? Cisco Umbrella, the new name for OpenDNS, is a DNS filter that allows healthcare organizations to block web-based threats and carefully control the types of web content that can be accessed by employees and guest users. A DNS filter is also an important element of layered cybersecurity defenses, as it prevents network users from accessing malicious web content and downloading potentially malicious files. Importantly for healthcare organizations, a DNS filter provides an additional layer of protection from phishing by blocking attempts to access phishing webpages via hyperlinks in emails. The solution includes 80+ categories of website which can be allowed or blocked based on the organization’s acceptable internet usage policies. Blacklists and whitelists are supported, which block or allow specific...

Read More
60,000 Records Exposed in EmCare Phishing Attack
Apr23

60,000 Records Exposed in EmCare Phishing Attack

The Dallas, TX-based physician staffing company EmCare has announced that it has suffered a data breach that has impacted approximately 60,000 individuals, 31,000 of whom were patients. The exposed information was detailed in emails and email attachments in employee email accounts that were accessed by an unauthorized individual after several employees responded to phishing emails and disclosed their email credentials. It is unclear from Emcare’s breach notice when the breach occurred and how long the attackers had access to email accounts. The breach was discovered on February 19, 2019. An investigation was launched and, assisted by a third-party computer forensics company, it was discovered that the compromised email accounts contained information about patients, employees, and contractors. The following information was saved in email accounts and was potentially accessed or copied by the attackers: Names, dates of birth, driver’s license numbers, Social Security numbers, demographic information, and clinical information. The investigation did not uncover evidence to suggest...

Read More
11,639 Individuals Impacted by Riverplace Counseling Center Malware Attack
Apr18

11,639 Individuals Impacted by Riverplace Counseling Center Malware Attack

Riverplace Counseling Center in Anoka, MN, has discovered malware has been installed on its systems which may have allowed unauthorized individuals to gain access to patients’ protected health information. The malware infection was discovered on January 20, 2019. The counseling center engaged an IT firm to conduct a forensic analysis, remove the malware, and restore its systems from backups. The analysis was completed on February 18, 2019. The IT firm did not find evidence that suggested patient information had been subjected to unauthorized access or had been copied, but data access and PHI theft could not be totally ruled out. The types on information stored on the affected systems included names, addresses, dates of birth, health insurance information, Social Security numbers, and treatment information. Affected individuals were notified about the data breach on April 11, 2019 and have been offered identity theft monitoring services via Kroll for 12 months at no cost. No reports have been received to date to suggest any patients’ PHI has been misused. Riverplace Counseling...

Read More
Cofense Annual Phishing Defense Summit: September 23-24, 2019
Apr16

Cofense Annual Phishing Defense Summit: September 23-24, 2019

Cofense has announced its fourth annual Phishing Defense Summit and User Conference will be taking place on September 23-24, 2019 in Orlando, Florida. The event – Cofense Submerge 2019 – provides attendees with detailed information on the latest security threats, new phishing tactics being used in real world attacks, and the latest incident response trends. Practitioners on the front lines will be on hand to offer advice on effective phishing defense strategies and the latest best practices to adopt to deal with the growing threat from phishing. First hand experiences will be shared to allow attendees to learn from problems other have experienced and advice will be given on how to plug common security gaps. The most common cybersecurity threats will also be discussed, including ransomware trends, incident response, malware analysis, and improving employee resiliency to phishing and other cyberattacks. Industry experts will also be on hand to discuss the current threat landscape and the most dangerous and damaging phishing attacks over the past 12 months along with the lessons that...

Read More
Webinar: April 4, 2019: Email Security, DMARC, and Sandboxing
Apr04

Webinar: April 4, 2019: Email Security, DMARC, and Sandboxing

The healthcare industry is particularly vulnerable to phishing attacks and successful attacks commonly result in significant data breaches. It is now something of a rarity for a week to pass without a healthcare phishing attack being reported. While healthcare organizations are providing security awareness training to staff and are using email security solutions, those defenses are not always effective. To improve understanding of why advanced attacks are managing to evade detection by traditional email security solutions, email security solution provider TitanHQ is hosting a webinar. During the webinar TitanHQ will explain about the threat from phishing and how organizations can protect themselves and their customers/patients. The webinar will also explain how two new features of TitanHQ’s SpamTitan email security solution – DMARC authentication and sandboxing – can protect against advanced email threats, zero-day attacks, malware, phishing, and spoofing. Webinar Details: Date : Thursday, April 4th, 2019 Time: 12pm EST Duration: 30 minutes Sign up to the Webinar here....

Read More
Concerns Raised About the Sharing of Health Data with Non-HIPAA Covered Entities via Apps and Consumer Devices
Mar27

Concerns Raised About the Sharing of Health Data with Non-HIPAA Covered Entities via Apps and Consumer Devices

Earlier this month, the eHealth Initiative Foundation and Manatt Health issued a brief that calls for the introduction of a values framework to better protect health information collected, stored, and used by organizations that are not required by law to comply with Health Insurance Portability and Accountability Act (HIPAA) Rules. Health information is increasingly being collected by a wide range of apps and consumer devices. In many cases, the types of data collected by these apps and devices are the same as those collected and used by healthcare organizations. While healthcare organizations are required to implement safeguards to ensure the confidentiality, integrity, and availability of health information and uses and disclosures of that information are restricted, the same rules do not cover the data if the information is collected by other entities. It doesn’t matter what type of organization stores or uses the data. If that information is exposed it can cause considerable harm, yet this is currently something of a gray area that current regulations do not cover properly. At...

Read More
Study Confirms Healthcare Employees Are Susceptible to Phishing Attacks
Mar14

Study Confirms Healthcare Employees Are Susceptible to Phishing Attacks

The healthcare industry is being targeted by cybercriminals and phishing is one of the most common ways that they gain access to healthcare networks and sensitive data. The number of successful phishing attacks on healthcare institutions is a serious concern. At HIMSS19, OCR highlighted email as being the main location of breached ePHI and the high risk of data breaches from phishing attacks. Could the high number of successful phishing attacks be mostly down to the industry being targeted more than other industry sectors, or are healthcare employees more susceptible to phishing attacks? A recently published study has provided some answers. Dr. William Gordon of Boston’s Brigham and Women’s Hospital and Harvard Medical School and his team conducted a study to determine the susceptibility of healthcare employees to phishing attacks. For the study, Gordon and his team analysed data from 6 healthcare institutions in the United States that used custom-developed tools or vendor solutions to send simulated phishing emails to their employees. The researchers analyzed data from simulated...

Read More
Sandboxing and DMARC Authentication Added to SpamTitan to Improve Email Threat Detection
Mar13

Sandboxing and DMARC Authentication Added to SpamTitan to Improve Email Threat Detection

Despite increased investment in cybersecurity, healthcare organizations still struggle to protect against advanced phishing threats and email impersonation attacks. Detection of new malware threats can also be a major challenge for small to medium sized healthcare organizations and managed service providers. To better serve the healthcare market and improve protection against sophisticated phishing attacks and zero-day malware, TitanHQ has announced it has added two new features to its SpamTitan spam filtering solution: DMARC email authentication and sandboxing. Due to the increase in email impersonation attacks, the Department of Homeland Security issued a binding operational directive in 2017 that required all executive branch agencies to fully adopt Domain-based Message Authentication, Reporting and Conformance (DMARC) to protect against email impersonation attacks and domain spoofing. DMARC authentication has now been incorporated into SpamTitan to improve detection of domain spoofing phishing attacks and prevent these phishing emails from reaching end users’ inboxes. New...

Read More
HIPAA Compliant Online Forms
Mar12

HIPAA Compliant Online Forms

Web forms offer healthcare organizations an easy way to digitally collect information from patients, but care must be taken not to violate HIPAA Rules. To collect any health data, HIPAA compliant online forms must be used. HIPAA Compliant Online Forms Must be Used for Collecting Health Information The HIPAA Privacy and Security Rules requires all HIPAA-covered entities and business associates to implement a range of safeguards to ensure the confidentiality, integrity, and availability of protected health information. Online forms are not specifically mentioned in the HIPAA text, but the Privacy and Security Rules do apply to online forms. Large healthcare organizations are more likely to have in-house staff with the skills to create forms that comply with HIPAA Rules, but many covered entities take advantage of the convenience of third-party webform solutions. There are many companies that offer HIPAA compliant online forms software that allows forms to be quickly spun up and used for a wide range of purposes such as onboarding new patients, obtaining consent, collecting payments,...

Read More
IRS Issues Warning About Tax-Related Phishing Scams
Mar05

IRS Issues Warning About Tax-Related Phishing Scams

The IRS has launched its 2019 ‘Dirty Dozen’ campaign warning taxpayers about the most common tax-related phishing scams that lead to tax fraud and identity theft. Each year the IRS provides taxpayers, businesses, and tax professionals with information on the 12 most common phishing and tax scams to raise awareness of the most prevalent threats. During tax season, cybercriminals are highly active and seek tax information to commit identity theft and submit fraudulent tax returns. Each year, many consumers are fooled into disclosing their personal information and scores of organizations fall victim to these scams and disclose the tax information of employees to scammers. The scams are conducted over the phone, via text messages, on social media platforms, websites, and via email. On March 4, 2019, the IRS launched this year’s Dirty Dozen campaign with a warning about the most serious threat during tax season – phishing. On each of the following 11 weekdays, the IRS will highlight a different scam. Tax-related phishing scams are often cleverly disguised. Emails are sent that appear to...

Read More
Is JotForm HIPAA Compliant?
Mar05

Is JotForm HIPAA Compliant?

JotForm is a software solution for creating online forms. Can JotForm be used by healthcare organizations to collect patient information? Is JotForm HIPAA compliant? HIPAA Compliant Forms on Websites HIPAA covered entities can use online forms to collect a wide range of information from patients. Online forms are useful for registering new patients, obtaining consent, conducting customer surveys, and taking payments. Web forms streamline data collection, allow patient information to be sent to EHRs or other internal systems quickly and efficiently, and they can improve the patient experience. HIPAA covered entities that have the resources can create online forms manually; however, those that lack staff with the necessary skills or have to create large numbers of forms will benefit from using online form software to speed up the process of creating online forms. While form software can be used for all the above purposes, if the forms are used to collect protected health information, the software provider will be considered a business associate under HIPAA Rules. Consequently, prior...

Read More
Cofense Vision Launched: Accelerated Phishing Threat Detection and Remediation
Mar04

Cofense Vision Launched: Accelerated Phishing Threat Detection and Remediation

Cofense has announced the general availability of Cofense Vision: An alert system that provides real-time visibility into current, unreported phishing threats and accelerates detection and remediation. Phishing defenses should naturally include email gateway controls to block threats before they are delivered to inboxes, but no solution will provide total protection. It is inevitable that some phishing emails will be delivered to end users, even with multiple anti-phishing solutions in place. Training is essential to ensure those threats are recognized by employees, but given the sophistication of today’s phishing threats, some employees are sure to respond. Cofense Vision is a new solution that helps security operation center (SOC) and incident response (IR) teams to identify all instances of phishing messages in their email system and deal with those threats with greater speed and efficiency. The solution works in tandem with Cofense Triage, a solution that allows first responders to prioritize and understand reported phishing threats. An analysis of more than 2 million...

Read More
Is Constant Contact HIPAA Compliant?
Mar01

Is Constant Contact HIPAA Compliant?

Massachusetts-based Constant Contact has developed an online and email marketing solution that makes it easy to keep in touch with customers and send out newsletters and marketing messages, but can Constant Contact be used by HIPAA-covered entities? Is Constant Contact HIPAA compliant? Sending Marketing Emails Containing ePHI The HIPAA Privacy Rule does not prohibit HIPAA-covered entities from sending marketing emails, but before marketing messages can be sent, patients/plan members must give their authorization to receive those communications. Provided authorizations have been received in advance, marketing emails can be sent without violating the HIPAA Privacy Rule. In order to improve efficiency, an email marketing solution may be considered, but HIPAA -covered entities need to exercise caution. Not all email marketing platforms have the necessary safeguards to meet the requirements of the HIPAA Security Rule, and some that do still cannot be used as the service provider is not prepared to enter into a business associate agreement with healthcare organizations. Uploading any...

Read More
Cofense Phishing Simulation Solution Enhanced with Responsive Delivery Option
Feb28

Cofense Phishing Simulation Solution Enhanced with Responsive Delivery Option

Each month, many healthcare organizations discover their employees’ inboxes have been compromised and the attackers have potentially gained access to patient health information. Phishing is the number one cyberthreat faced by healthcare organizations and phishing attacks are increasing in both frequency and complexity. Training employees how to recognize phishing and other email threats is essential, not only to prevent costly data breaches but also for HIPAA compliance. Providing training is only one element of improving human phishing defenses. It is also important to ensure that training has been taken on board by employees. The easiest way to do that and assess susceptibility and resilience to phishing attacks is through phishing simulations. Simulated phishing emails mirror real-world phishing emails and allow IT teams to find out which individuals are most susceptible to phishing attacks. Failed phishing simulations can be turned into a training opportunity. One problem faced by IT teams is making sure that phishing simulation emails are sent at the right time when they are...

Read More
KLAS Rates Lua Leading Post-Acute Secure Messaging Solution
Feb14

KLAS Rates Lua Leading Post-Acute Secure Messaging Solution

KLAS Research has given Lua Technologies’ HIPAA-compliant secure communications platform a score of 94 out of 100 in its 2018 Secure Communication Decision Insights Report. Lua was the highest scoring post-acute secure messaging solution and was recognized for the overall quality of the product, the value provided, and the performance of its secure communications platform. Lua developed its communications platform to meet the needs of a diverse range of healthcare professionals and help them communicate more effectively. The platform helps healthcare providers improve patient outcomes by ensuring healthcare employees can communicate quickly, easily, and efficiently with patients and all members of the care team. The platform incorporates privacy and security features to meet HIPAA requirements and allows protected health information to be shared quickly, easily, and securely with authorized individuals and ensures seamless communications across multiple devices and platforms to enhance mobile workflows in healthcare. “We are thrilled by the KLAS Research assessment of our...

Read More
United Hospital District Phishing Attack Impacts 2,143 Patients
Feb13

United Hospital District Phishing Attack Impacts 2,143 Patients

Blue Earth, MN-based United Hospital District has discovered patient information was exposed and potentially accessed by an unauthorized individual as a result of a June 2018 phishing attack. The phishing incident resulted in the compromise of a single email account, the credentials to which were obtained as a result of an employee responding to a phishing email. The substitute breach notice on the healthcare provider’s website indicates the account was compromised between June 10, 2018 and June 27, 2018. An in-depth analysis of the compromised account was conducted by third-party cybersecurity professionals who determined on December 12, 2018, that patient information had potentially been accessed. Emails and file attachments in the account were found to contain the protected health information of 2,143 patients. The types of information contained in the email account varied from patient to patient and may have included names, addresses, internal patient identification numbers, health insurance information and, for a limited number of affected patients, diagnoses, treatment...

Read More
PHI Exposed in Verity Health System Phishing Attack
Jan29

PHI Exposed in Verity Health System Phishing Attack

Verity Health System, a Redwood City-based network of 6 hospitals in California, has announced that the protected health information of certain patients has potentially been compromised as a result of a November 27, 2018 phishing attack. The Office 365 credentials of a Verity Health employee were obtained by a hacker as a result of a response to a phishing email. For a period of approximately one and a half hours, an unauthorized individual gained access to the employee’s email account and sent further phishing emails to Verity Health employees and other individuals in the employee’s contact list. The emails contained a hyperlink that directed the recipients to a malicious website. An investigation into the breach confirmed that none of the recipients of the phishing emails had disclosed their login credentials. The aim of the attacker appeared to be to gain access to further account credentials rather than to obtain sensitive data contained in the compromised account; however, it is possible that some patients’ personal information was viewed or possibly obtained while account...

Read More
New Report Reveals Spiraling Cost of Cyberattacks
Jan23

New Report Reveals Spiraling Cost of Cyberattacks

A new report from Radware has provided insights into the threat landscape in 2018 and the spiraling cost of cyberattacks. The report shows there has been a 52% increase in the cost of cyberattacks on businesses in since 2017. For the report, Radware surveyed 790 managers, network engineers, security engineers, CIOs, CISOs, and other professionals in organizations around the globe. Respondents to the survey were asked about the issues they have faced preparing for and mitigating cyberattacks and the estimated cost of those attacks. The 2018 Threat Landscape 93% of surveyed firms said they had experienced a cyberattack in the past 12 months. The biggest threat globally was ransomware and other extortion-based attacks, which accounted for 51% of all attacks. In 2017, 60% of cyberattacks involved ransoms. The reduction has been attributed to cybercriminals switching from ransomware to cryptocurrency mining malware. Political attacks and hacktivism accounted for 31% of attacks, down from 34% in 2017. The motive behind 31% of attacks was unknown, which demonstrates that attackers are now...

Read More
1,080 Chaplaincy Health Care Patients Potentially Impacted by Phishing Attack
Jan07

1,080 Chaplaincy Health Care Patients Potentially Impacted by Phishing Attack

Chaplaincy Health Care, a not-for-profit healthcare provider based in Richland, WA, has experienced a phishing attack that has resulted in the exposure of 1,080 patients’ protected health information. The phishing attack occurred on November 20, 2018 and was discovered within 4 hours. Prompt action was taken to block unauthorized access and a third-party computer forensics firm was hired to assist with the breach investigation. The investigation confirmed that a single email account was accessed by the attacker. After gaining access to the email account, the attacker attempted to access further accounts. The breach was discovered when the employee was alerted that her account had been used to send a phishing email to an email contact. No evidence was uncovered to suggest any patient health information was viewed or copied but, out of an abundance of caution, all patients affected by the breach have been offered complimentary credit monitoring and identity theft protection services through LifeLock for 12 months. Patients were notified about the breach on January 3, 2019. The firm...

Read More
Data of More Than 500,000 Staff and Students Compromised in San Diego School District Phishing Attack
Dec27

Data of More Than 500,000 Staff and Students Compromised in San Diego School District Phishing Attack

The San Diego School District has announced it has suffered a major phishing attack that has resulted in the exposure of the personal data, including health information, of more than 500,000 staff and students. The phishing attack was detected in October 2018; however, an investigation into the breach revealed the hacker had network access for almost a year. Access to the network was first gained in January 2018 and the attacker continued to access the network until November 2018. The decision was taken not to alert the hacker to the discovery of the breach immediately. Instead, the school district first investigated the breach to determine the nature of the attack and the extent to which its network had been compromised. Access was only terminated when the initial phase of the investigation was completed. San Diego School District conducted the investigation in conjunction with the San Diego Unified Police and has identified the hacker responsible for the attack. All compromised accounts have now been reset and unauthorized access to staff and student data is no longer possible....

Read More
Study Highlights Seriousness of Phishing Threat and Importance of Security Awareness Training
Dec17

Study Highlights Seriousness of Phishing Threat and Importance of Security Awareness Training

A new study has revealed the extent to which employees are being fooled by phishing emails and how despite the risk of a data breaches and regulatory fines, many companies are not providing security awareness training to their employees. For the study, 500 office workers were surveyed by the consultancy firm Censuswide. While all the respondents were based in Ireland, the results of the survey reflect the findings of similar studies conducted in other countries, including the United States. 14% of all surveyed office workers said that they had fallen for a phishing email, which would equate to around 185,000 office workers in Ireland. There were notable differences in susceptibility to phishing emails across the different age groups: Millennials, generation X, and baby boomers. The age group most likely to be fooled by phishing scams was millennials (17%), followed by baby boomers (7%), and Generation X (6%). Respondents were asked about how confident they were in their ability to identify phishing scams. Even though almost three times as many millennials had fallen for phishing...

Read More
Life Lua Wins Fierce Biotech Innovation Award
Dec16

Life Lua Wins Fierce Biotech Innovation Award

Life Lua, the developer of a HIPAA-compliant web and mobile access technology platform, has been named winner of a 2018 Fierce Innovation Award, Life Sciences Edition, in the Digital Health Solutions Category. Each year, Fierce Biotech recognizes companies that have gone the extra mile and are conducting leading-edge work in the field of health and biotechnology. On December 13, 2018, Rebecca Willumson, publisher of Fierce Biotech, confirmed Life Lua Technologies had been named category winner. Life Lua Technologies, a subsidiary of Life Biosciences Inc, has developed a mobile-first communications platform for the healthcare industry that allows healthcare professionals to communicate efficiently and effectively, no matter where they are located. The platform supports voice and video calls, file sharing, and promotes collaboration with all members of the care team to ensure the best possible care can be provided to patients. The platform also incorporates leading security protections to ensure all protected health information collected, maintained, stored, or transmitted through...

Read More
Webinar: DNS-Based Web Filtering for Healthcare Organizations
Dec04

Webinar: DNS-Based Web Filtering for Healthcare Organizations

Healthcare organizations have an opportunity to find out more about DNS-based web filtering in a Wednesday, December 5, 2018 webinar. The webinar, jointly hosted by Celestix Networks and TitanHQ, explores DNS-based web filtering and introduces Celestix WebFilter Cloud: A 100% cloud-based web filtering solution that protects against web-based threats and allows organizations to implement policy-based Internet controls. Celestix Networks was formed in 1999 and has delivered more than 25,000 security appliances worldwide and now serves more than 5,000 customers. As IT services have moved beyond the data center, Celestix has developed more flexible cloud-based security solutions, including a cloud-based web filter. Celestix WebFilter Cloud is powered by TitanHQ’s WebTitan technology. Since 1999, TitanHQ has been developing virtual appliances and cloud-based cybersecurity solutions to protect businesses from email and web-based threats. TitanHQ’s WebTitan technology protects more than 7,500 businesses from malware, ransomware, botnets, spyware, viruses, C2 callbacks, and phishing...

Read More
Health First Phishing Attack Impacts 42,000 Customers
Nov13

Health First Phishing Attack Impacts 42,000 Customers

Health First Inc., a four-hospital Florida-based health system, experienced a hacking/IT incident earlier this year that was reported to the Department of Health and Human Services’ Office for Civil Rights on October 5. According to the OCR breach summary, 42,000 customers were affected by the breach. Further information has now been released on the nature of the breach. According to Health First, the email accounts of multiple employees were compromised in the phishing attack. The exposed protected health information was contained in the compromised email accounts. The electronic medical record system was unaffected by the attack. An investigation into the breach revealed the attackers first gained access to employee email accounts in February 2018. Those email accounts were used to conduct further phishing attacks on other Health First employees until May 2018. According to Health First, the attackers gained access to “a small number” of employee email accounts. The compromised email accounts contained a limited amount of protected health information such as names, addresses, and...

Read More
Z Services Expands Partnership with TitanHQ to Provide New Cybersecurity Service
Nov08

Z Services Expands Partnership with TitanHQ to Provide New Cybersecurity Service

The United Arab Emirates-based managed security services provider, Z Services, has expanded its relationship with TitanHQ and will be offering further TitanHQ cybersecurity solutions to its customers to protect them from web-based threats and meet compliance requirements. Earlier in 2018, Z Services partnered with TitanHQ and started offering its clients a new spam filtering solution – Z Services Anti-Spam SaaS – which was powered by TitanHQ’s spam filtering technology. The new service has proven to be a tremendous success and is helping Z Services’ clients block email-based threats such as spam, phishing emails, malware, and ransomware to keep their networks secure. The success of the new service prompted Z Services to start offering two new TitanHQ-powered solutions to its clients: A web filtering SaaS offering powered by WebTitan and a new email archiving service powered by ArcTitan. Both solutions have been combined into the Z Services MERALE solution which is focused on SMEs. MERALE offers SMEs enhanced protection against Internet threats and helps SMEs improve productivity by...

Read More
TitanHQ Chosen to Provide Wi-Fi Filtering Service to Leading Satellite Provider
Nov01

TitanHQ Chosen to Provide Wi-Fi Filtering Service to Leading Satellite Provider

The leading satellite operator, Eutelsat, has chosen TitanHQ’s WebTitan Cloud for Wi-Fi to secure its Wi-Fi networks and create at safe and secure environment for employees and guests to access the Internet. Eutelsat is one of the world’s largest satellite operators. Through its fleet of satellites Eutelsat offers organizations, businesses, and governments video, data, and broadband services. Eutelsat has global coverage and serves more than 150 countries throughout Europe, the Middle East, and Africa. Eutelsat has offices in 44 countries and employs more than 1,000 operational, commercial, and technical professionals. To meet the needs of its workforce and provide Internet access to guests, Eutelsat has deployed Wi-Fi access points throughout its offices. To ensure the Internet can be accessed safely and securely by all users, Eutelsat needed to deploy a Wi-Fi security solution that was capable of preventing its Wi-Fi users from visiting malicious websites such as phishing web pages and sites hosting exploit kits. Eutelsat also needed to enforce its acceptable Internet usage...

Read More
Webinar: TitanHQ and Datto Networking Discuss Enhanced Web Content Filtering
Oct17

Webinar: TitanHQ and Datto Networking Discuss Enhanced Web Content Filtering

Earlier this year, spam and web filtering solution provider TitanHQ partnered with Datto Networking, the leading provider of MSP-delivered IT solutions to SMBs. The new partnership has allowed Datto to enhance security on the Datto Networking Appliance with enterprise-grade web filtering technology supplied by TitanHQ. The new web filtering functionality allows users of the appliance to carefully control the web content that can be accessed by employees and guests and provides superior protection against the full range of web-based threats. TitanHQ and Datto Networking will be holding a webinar that will include an overview of the solution along with a deep dive into the new web filtering functionality. Webinar Details: Datto Networking & Titan HQ Deliver Enhanced Web Content Filtering Date: Thursday, October 18th Time: 11AM ET | 8AM PT | 4PM GMT/BST Speakers: John Tippett, VP, Datto Networking Andy Katz, Network Solutions Engineer Rocco Donnino, EVP of Strategic Alliances, TitanHQ Click here to register for the...

Read More
Most Common Healthcare Phishing Emails Identified
Oct16

Most Common Healthcare Phishing Emails Identified

A new report by Cofense has revealed the most common healthcare phishing emails and which messages are most likely to attract a click. The 2018 Cofense State of Phishing Defense Report provides insights into susceptibility, resiliency, and responses to phishing attacks, highlights how serious the threat from phishing has become, and how leading companies are managing risk. The high cost of phishing has been highlighted this week with the announcement of a settlement between the HHS’ Office for Civil Rights and Anthem Inc. The $16 million settlement resolved violations of HIPAA Rules that led to Anthem’s 78.8 million record data breach of 2015. That cyberattack started with spear phishing emails. In addition to the considerable cost of breach remediation, Anthem also settled a class action lawsuit related to the breach for $115 million. Even an average sized breach now costs $3.86 million to resolve (Ponemon/IBM Security, 2018). Previous Cofense research suggests that 91% of all data breaches start with a phishing email and research by Verizon suggests 92% of malware infections...

Read More
Healthcare Industry Highly Susceptible to Phishing Attacks and Lags Other Industries for Phishing Resiliency
Oct02

Healthcare Industry Highly Susceptible to Phishing Attacks and Lags Other Industries for Phishing Resiliency

The healthcare industry is extensively targeted by phishers who frequently gain access to healthcare data stored in email accounts. In some cases, those email accounts contain considerable volumes of highly sensitive protected health information. Phishing is one of the leading causes of healthcare data breaches. In August 2018, Augusta University Healthcare System announced that it was the victim of a phishing attack that saw multiple email accounts compromised. The breached email accounts contained the PHI of 417,000 patients. The incident stood out due to the number of individuals impacted by the breach, but it was just one of several healthcare organizations to fall victim to phishing attacks in August. Data from the HHS’ Office for Civil Rights shows email is the most common location of breached PHI. In July, 14 healthcare data breaches out of 28 involved email, compared to 6 network server PHI breaches – The second most common location of breached PHI. It was a similar story in May and June with 9 and 11 email breaches reported respectively. Cofense Research Shows Healthcare...

Read More
JotForm Announces Enterprise Version of its Encrypted HIPAA Forms Software
Sep20

JotForm Announces Enterprise Version of its Encrypted HIPAA Forms Software

Jotform has announced that it has released an enterprise version of its HIPAA forms software to allow large healthcare organizations to collect and manage data more efficiently. JotForm is a leading developer of online form software and has more than four million users worldwide. The company’s software solution has been adopted by many enterprises for creating a wide range of data collection forms, although up until now, they were required to use multiple accounts within the same organization. In order to centralize and simplify data collection, the company developed a product to specifically meet the needs of enterprises. Enterprise users can now manage all of their data through a single umbrella account. JotForm Enterprise has no submission limits nor restrictions on the number of forms that can be created and used. The solution includes custom domains for forms, white-labeling for branding purposes, and a suite of management tools. Earlier in 2018, JotForm announced that it is now a HIPAA forms software provider and will sign business associate agreements with healthcare...

Read More
Updates to Cofense Phishing Simulation Platform Add Even More Opportunities for Automation
Aug23

Updates to Cofense Phishing Simulation Platform Add Even More Opportunities for Automation

Cofense has announced that further updates have been made to its award-winning phishing email simulation platform, Cofense PhishMe. The updates provide even greater opportunities for automating phishing simulation campaigns to save administrators even more time. Security awareness and anti-phishing training is now an important part of healthcare organizations’ cybersecurity programs. In addition to investing in technology to block phishing and other email-based threats, end users require training. Even layered defenses will not stop all phishing threats from reaching inboxes. Without training, end users will remain the weakest link in the security chain. Phishing simulation exercises are an important part of the training process. They allow security teams to assess how effective their training programs have been and identify weak points in the training program. They also allow security teams to identify individuals who have failed to understand certain parts of the training program. While phishing simulation platforms include some opportunities for automation and scheduling,...

Read More
Arnot Health Reduces ER Door-to-Floor Times by 36% with QliqSOFT
Aug10

Arnot Health Reduces ER Door-to-Floor Times by 36% with QliqSOFT

Arnot Health has implemented a new communications solution that has improved communication efficiency, slashed the time it takes to transfer patients from the emergency room to new units, and has improved both the level of care provided to patients and staff satisfaction. Arnot Health runs a 475-bed health system in southern New York State and constantly evaluates the healthcare services it provides to patients and searches for new opportunities to improve patient care. One area where there was considerable room for improvement was the admissions process, especially in its emergency department. “The amount of time it was taking to align all the appropriate resources was causing delays, and nobody wants to sit in an ER longer than they need to,” said Mike Connor, director of business information systems at Arnot Health. “We recognized an opportunity in the admissions process to greatly improve patient and staff satisfaction by eliminating the old school way of handling admissions and embracing a more mobile approach.” While many patients can be treated in the...

Read More
Cofense Develops New Phishing-Specific Security Orchestration, Automation and Response Platform
Jul30

Cofense Develops New Phishing-Specific Security Orchestration, Automation and Response Platform

Cofense has developed a new product which will soon be added to its portfolio of anti-phishing solutions for healthcare organizations and incorporated into its phishing-specific security orchestration, automation and response (SOAR) platform. The announcement comes at a time when the healthcare industry has been experiencing an uptick in phishing attacks. The past few months have seen a large number of healthcare organizations fall victims to phishing attacks that have resulted in cybercriminals gaining access to employee’s email accounts and the PHI contained therein. Perimeter security defenses can be enhanced to greatly reduce the number of malicious emails that reach employees’ inboxes, but even when multiple security solutions are deployed they will not block all phishing threats. Security awareness training is essential to reduce susceptibility to phishing attacks by conditioning employees to stop and think before clicking links in emails or opening questionable email attachments and to report suspicious emails to their security teams. However, security teams can struggle to...

Read More
TitanHQ Expands Executive Team with Appointment of Rocco Donnino as VP of Strategic Alliances
Jul04

TitanHQ Expands Executive Team with Appointment of Rocco Donnino as VP of Strategic Alliances

TitanHQ, the Galway, Ireland-based provider of spam filtering, web filtering, and email archiving solutions, has announced the appointment of Rocco Donnino to its executive team. TitanHQ has been experiencing impressive growth over the past three years and has doubled its staff to meet demand and provide support for its customers. To accommodate growth in the United States, TitanHQ has recently opened a new office in New York and has expanded its offices in Florida, now taking up all three floors of the Mazars Building. In the past 12 months, TitanHQ has formed new strategic partnerships with industry heavyweights such as Microsoft, Comcast, Datto, Kaseya, BitDefender, and ViaSat and now provides email and web security services to more than 7,500 businesses around the world. To help continue its impressive growth trajectory, TitanHQ has now appointed Rocco Donnino as its Executive Vice President of Strategic Alliances – a new position created to help ensure the continued expansion of the company’s strategic partnerships. Rocco Donnino has been charged with growing the firm’s...

Read More
Acumera Partners with TitanHQ to Offer Web Filtering to Customers
Jun26

Acumera Partners with TitanHQ to Offer Web Filtering to Customers

The Galway, Ireland-based cybersecurity firm TitanHQ has announced the formation of a new partnership with the Austin, TX-based managed services provider Acumera. Acumera is a leading provider of managed network security services in the United States. Securing widely distributed networks consisting of hundreds or thousands of locations is one of the main strengths of Acumera, with the managed services provider able to meet the unique connectivity, operational, and data security challenges that these large networks create. The company offers network security, connectivity, and visibility services for a wide range of industry sectors. Acumera has been chosen by many healthcare provider networks who have chosen to outsource cybersecurity and provides network security services for drug stores, automated parking garages, and has secured the POS systems and networks of some of the best-known retailers in the United States, including 7-Eleven, Circle K, Subway, Valero service stations, Benetton, and Pluckers. One area where Acumera’s managed services required a boost was web filtering,...

Read More
CSO Online Rates Cofense Triage One of Best Security Software Solutions of 2018
Jun15

CSO Online Rates Cofense Triage One of Best Security Software Solutions of 2018

Cofense Triage, the phishing incident response platform, has been included in CSO Online’s 2018 list of the best security software solutions of 2018. To produce the list, CSO Online conducted independent reviews of a wide range of software solutions. Strict review methodologies were used to select the best security products currently on the market. Each product was researched to find out how it worked, how the solution could be deployed in customer environments, the benefits it provided, and the major problems that the solution resolved. The review was based on the top technology areas for security identified by Gartner, which included cloud workload protection platforms, remote browsers, deception technologies, endpoint detection and response platforms, network traffic analysis solutions, managed detection and response services, microsegmentation solutions, cloud access security brokers, OSS security scanning services for DevSecOps, and container security. CSO Online tested all security solutions in a dedicated lab environment with each tested, where appropriate, against some of...

Read More
TitanHQ Integrates Web Security into Datto’s Networking Suite
Jun13

TitanHQ Integrates Web Security into Datto’s Networking Suite

TitanHQ, the leading provider of email and web security solutions for SMBs, has formed a strategic alliance with the networking giant Datto and will be providing its innovative cloud-based web filtering solution to Datto MSPs. Norwalk, CT-based Datto is primarily a data backup, disaster recovery, and business continuity service provider. The company’s mission is to provide SMBs with the highest quality enterprise-level technology to protect their businesses and networks. Datto achieves this through its managed service provider (MSP) partners, giving them access to software solutions to ensure their clients are well protected. The company was acquired by Vista Equity Partners in 2017 and merged with New York-based Autotask and now has offices in 21 locations in the United States, Canada, China, Denmark, Netherlands, Germany, Singapore, Australia, and the UK. The company employs more than 1,300 staff and is the world’s leading provider of MSP-delivered IT solutions. TitanHQ Integrates Web Filtering Solution into Datto’s Networking Range Galway-based TitanHQ is an award-winning...

Read More
Cofense Launches Free Tool That Checks for SaaS Applications Using Corporate Domains
Jun08

Cofense Launches Free Tool That Checks for SaaS Applications Using Corporate Domains

The anti-phishing solution provider Cofense has launched a new tool that allows organizations to check what Software-as-a-Service (SaaS) applications have been registered by employees using corporate domains. The tool identifies configured cloud services, allowing security teams to check which SaaS applications are in use and take action over unauthorized use of cloud applications by employees. The solution will query a corporate domain against a list of commonly used SaaS applications and will return a list of all SaaS applications that are in use, highlighting applications that have been provisioned without prior approval from the IT department. A file can be downloaded detailing all SaaS applications in use which can be compared with future scans to identify new SaaS applications that have been provisioned since the last time the query was run. Shadow IT introduces risks, yet IT departments are often unaware of employees’ activities. Many companies are in the dark about the software used by their employees and the cloud services registered using company domains. This new service...

Read More
Cofense Triage Now Helping ADT Protect its Customers from Phishing Attacks
May16

Cofense Triage Now Helping ADT Protect its Customers from Phishing Attacks

Cofense has announced it has partnered with the monitored security and interactive business automation solution provider ADT. ADT provides cybersecurity solutions to enterprises and mid-sized companies throughout the United States and Canada. The firm’s managed detection and response services allow businesses to mitigate cyber threats in real-time before they lead to a data breach. Perimeter defenses only go so far. They will block the majority of cyber threats, although no solution is capable of preventing all phishing emails from reaching inboxes. It is therefore essential for organizations to have a solution in place to allow phishing attacks to be mitigated in real time. The partnership will see Cofense Triage incorporated into ADT’s unified platform for organizing, managing, and collecting cyber intelligence. Cofense Triage is the industry’s first phishing-specific automated incident response platform. The platform provides security teams with detailed information on phishing attacks in real-time, helping them separate attacks in progress from the background noise and...

Read More
Warnings Issued Over Vulnerable Medical Devices
May14

Warnings Issued Over Vulnerable Medical Devices

Warnings have been issued by the Department of Homeland Security’s (DHS) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) about vulnerabilities in several medical devices manufactured by Silex Technology, GE Healthcare, and Phillips. If the vulnerabilities were to be exploited, an unauthorized individual could potentially take control of the devices. Phillips Brilliance CT Scanners In early May, Phillips alerted the National Cybersecurity and Communications Integration Center (NCCIC) about security vulnerabilities affecting its Brilliance CT scanners. Phillips has been working to remediate the vulnerabilities and has been working with DHS to alert users of its devices to help them reduce risk. There have been no reports received to suggest any of the vulnerabilities have been exploited in the wild. Three vulnerabilities have been discovered to affect the following scanners: Brilliance 64 version 2.6.2 and below Brilliance iCT versions 4.1.6 and below Brillance iCT SP versions 3.2.4 and below Brilliance CT Big Bore 2.3.5 and below See ICS-CERT advisory...

Read More
Spate of Phishing Attacks on Healthcare Organizations Sees 90,000 Records Exposed
May10

Spate of Phishing Attacks on Healthcare Organizations Sees 90,000 Records Exposed

The past few weeks have seen a significant rise in successful phishing attacks on healthcare organizations. In a little over four weeks there have been 10 major email hacking incidents reported to the Department of Health and Human Services’ Office for Civil Rights, each of which has resulted in the exposure and potential theft of more than 500 healthcare records. Those ten incidents alone have seen almost 90,000 healthcare records compromised. Recent Email Hacking and Phishing Attacks on Healthcare Organizations HIPAA-Covered Entity Records Exposed Inogen Inc. 29,529 Knoxville Heart Group 15,995 USACS Management Group Ltd 15,552 UnityPoint Health 16,429 Texas Health Physicians Group 3,808 Scenic Bluffs Health Center 2,889 ATI Holdings LLC 1,776 Worldwide Insurance Services 1,692 Billings Clinic 949 Diagnostic Radiology & Imaging, LLC 800 The Oregon Clinic Undisclosed   So far this year there have been three data breaches involving the hacking of email accounts that have exposed more than 30,000 records. Agency for Health Care Administration suffered a 30,000-record breach...

Read More
Cofense Expands Technology Alliance Program to Provide Organizations with Greater Visibility into Network Security
May09

Cofense Expands Technology Alliance Program to Provide Organizations with Greater Visibility into Network Security

Over the past 12 months, the anti-phishing solution provider Cofense has significantly expanded its Technology Alliance Program, increasing its partners by 50% and adding more than 10 new technical integrations in the past year. The purpose of the Technology Alliance Program is to allow partners to offer their customers a much more comprehensive solution to deal with the growing threat from phishing. Complimentary cybersecurity solution providers can concentrate on enhancing their own capabilities, while benefiting from the specialized anti-phishing technology developed by Cofense. By linking technologies together, customers of partners will be able to offer the detailed intelligence and phishing response capabilities of Cofense Triage and Cofense Intelligence. The solutions provide detailed information that can help companies make more effective decisions about the cyber threats facing their company. The integrations with technology partners also reduce the cost for customers, simplify deployments, improve efficiency, and help them optimize their cybersecurity investments. New...

Read More
TitanHQ’s WebTitan Now Available Through Kaseya IT Complete Suite
May04

TitanHQ’s WebTitan Now Available Through Kaseya IT Complete Suite

TitanHQ has announced its DNS-based web filtering solution, WebTitan, has now been integrated into Kaseya’s IT Complete platform. The integration allows MSPs serving the healthcare industry to offer their clients an additional layer of protection against web-based threats such as phishing, malware, and ransomware. Via Kaseya, managed service providers can access cybersecurity solutions from some of the biggest names in the industry, including Cisco, Dell, and Bitdefender. While the platform provides MSPs with a wide range of easy-to-deploy cybersecurity solutions, one notable absence was an MSP-friendly content filtering solution. “Security is a critical service that all MSPs must deliver. Adding WebTitan to our open ecosystem of partner solutions means our customers now have even greater access to best of breed technologies to meet the needs of their business,” said Frank Tisellano, Jr., Kaseya vice president product management and design. “With growing concerns over malware, ransomware and phishing as key threats to MSP customers, WebTitan adds a highly effective layer of...

Read More
Several Employee Email Accounts Compromised in UnityPoint Health Phishing Attack
Apr16

Several Employee Email Accounts Compromised in UnityPoint Health Phishing Attack

UnityPoint Health has discovered the email accounts of several employees have been compromised and accessed by unauthorized individuals. Access to the employee email accounts was first gained on November 1, 2017 and continued for a period of three months until February 7, 2018, when the phishing attack was detected and access to the compromised email accounts was blocked. Upon discovery of the phishing attack, UnityPoint Health engaged the services of a computer forensics firm to investigate the scope of the breach and the number of patients impacted. The investigation revealed a wide range of protected health information had potentially been obtained by the attackers, which included names in combination with one or more of the following data elements: Medical record number, date of birth, service dates, treatment information, surgical information, lab test results, diagnoses, provider information, and insurance information. The security breach has yet to appear on the Department of Health and Human Services’ breach portal, so it is currently unclear exactly how many patients have...

Read More
JotForm Announces HIPAA Compliant Form Software
Apr14

JotForm Announces HIPAA Compliant Form Software

Healthcare providers that want to collect data from patients via websites and patient portals need to develop their own forms that meet HIPAA requirements or use HIPAA compliant form software. Regardless of the option chosen, safeguards must be incorporated into forms to ensure the confidentiality and integrity of protected health information (PHI) and satisfy the requirements of the HIPAA Security Rule. Safeguards must protect PHI throughout the collection process, both at rest and in transit. Collecting information using physical forms is practical in certain situations, although that places an administrative burden on employees who must enter form data into hospital systems. Transitioning to digital forms improves efficiency. Patients can complete prescription fill requests online, provide updates to their medical histories, and make online online. Healthcare providers can also create digital onboarding forms to efficiently sign up new patients, obtain consent forms, and create online questionnaires. Healthcare providers can avoid headaches by using third-party HIPAA compliant...

Read More
Lack of Security Awareness Training Leaves Healthcare Organizations Exposed to Cyberattacks
Apr09

Lack of Security Awareness Training Leaves Healthcare Organizations Exposed to Cyberattacks

A recent study conducted by the Ponemon Institute on behalf of Merlin International has revealed healthcare organizations are failing to provide sufficient security awareness training to their employees, which is hampering efforts to improve their security posture. Phishing is a major security threat and the healthcare industry is being heavily targeted. Phishing offers threat actors an easy way to bypass healthcare organizations’ security defenses. Threat actors are now using sophisticated tactics to evade detection by security solutions and get their emails delivered. Social engineering techniques are used to fool employees into responding to phishing emails and disclose their login credentials or install malware. Phishing is used in a high percentage of cyberattacks on healthcare organizations. Research conducted by Cofense (formerly PhishMe) suggests as many as 91% of cyberattacks start with a phishing email. While security solutions can be implemented to block the majority of phishing emails from being delivered to end users’ inboxes, it is not possible to block 100% of...

Read More
Cofense Enhances Security Awareness and Employee Conditioning Solutions
Apr07

Cofense Enhances Security Awareness and Employee Conditioning Solutions

Cofense has announced it has made several enhancements to its phishing training, simulation, and response platform to make it even easier for companies to improve their defenses against phishing attacks – The number one cybersecurity threat faced by organizations in the healthcare sector. While technological anti-phishing solutions can reduce the volume of malicious emails that are delivered to end users’ inboxes, some phishing emails will still be delivered. It is therefore essential – and a requirement of HIPAA – for employees to receive training to help them identify phishing threats. Research conducted by Cofense has shown that organizations can reduce susceptibility to phishing attacks by up to 95% through security awareness training, when training is reinforced with phishing simulations. The Cofense PhishMe training and phishing simulation platform helps organizations improve the security awareness of their employees and conditions them to respond appropriately when potentially malicious messages are received. In addition to regular additions to the library of training...

Read More
Cofense Reporter for Mobile Launched to Accelerate Reporting of Phishing Attacks
Apr05

Cofense Reporter for Mobile Launched to Accelerate Reporting of Phishing Attacks

Cofense Reporter, the phishing email reporting solution used on more than 11 million endpoints to report phishing attacks in progress, has now been released in a mobile-friendly format. The solution allows employees to report phishing attacks, regardless of the device used to check work emails. The HIPAA Security Rule requires covered entities to provide security awareness training to employees to help prevent the exposure or theft of protected health information. Training helps employees to recognize phishing threats before they lead to a data breach. Since phishing emails are likely to be sent to multiple employees, security teams need to act quickly when a phishing attack is identified. A solution that allows phishing emails to be reported by employees will help to increase the speed at which threats can be mitigated. Cofense’s solution – Cofense Reporter – allows employees to report phishing emails with a single click of the mouse. The emails are sent to security teams allowing all other instances of the email to be rapidly removed from employees’ inboxes. Phishing email...

Read More
Verizon PHI Breach Report Confirms Healthcare Has Major Problem with Insider Breaches
Apr03

Verizon PHI Breach Report Confirms Healthcare Has Major Problem with Insider Breaches

Verizon has released its annual Protected Health Information Breach Report which delves deep into the main causes of breaches, why they occur, the motivations of internal and external threat actors, and the main threats to the confidentiality, integrity, and availability of PHI. For the report, Verizon analyzed 1,368 healthcare data breaches and incidents where protected health information (PHI) was exposed but not necessarily compromised. The data came from 27 countries, although three quarters of the breached entities were based in the United States where there are stricter requirements for reporting PHI incidents. In contrast to all other industry sectors, the healthcare industry is unique as the biggest security threat comes from within. Insiders were responsible for almost 58% of all breaches with external actors confirmed as responsible for just 42% of incidents. The main reason for insider breaches is financial gain. PHI is stolen to commit identity theft, credit card fraud, insurance fraud, and tax fraud. Verizon determined that 48% of all internal incidents were conducted...

Read More
QliqSOFT Launches Snap & Fax Service to Integrate Faxing Capability into its Secure Messaging App
Mar30

QliqSOFT Launches Snap & Fax Service to Integrate Faxing Capability into its Secure Messaging App

The secure messaging platform provider QliqSOFT has launched a new clinical collaboration solution that allows physicians and nurses to integrate their current medical fax solution into their daily mobile-focused workflow. Faxing may now be an antiquated method of communication, but faxes are still extensively used in healthcare to send important patient information and are an integral part of healthcare workflows. While alternative communications services have been widely adopted in other industries, faxing still accounts for approximately three quarters of all medical communications in healthcare. The new QliqSOFT service, named Snap & Fax, brings faxing into the modern era. The service allows healthcare professionals to quickly create and fax documents directly from their mobile phones using the Qliq secure texting mobile app. The new service provides the same functions of traditional fax machines with the added convenience of sending documents directly from mobile devices and not having to print out or scan documents. The solution is based on QliqSOFT’s Snap & Sign...

Read More
Centra Health Chooses QliqSOFT to Improve Clinical Collaboration
Mar28

Centra Health Chooses QliqSOFT to Improve Clinical Collaboration

Providing quality care to patients requires collaboration with specialists from different teams within a healthcare facility, and oftentimes with third-party healthcare providers across the country. Many of those organizations use different EHR systems which makes quick and efficient communication and collaboration a major challenge. While it is possible to communicate on the telephone and send information via email and fax, those communication channels are far from efficient. The Virginia cancer care center, Centra Health, grew frustrated with communications problems and sought a solution that could be used to document and share information about the stage of lung cancer patients’ tumors with the entire care team. Centra Health considered several secure communication platforms before opting to implement QliqSOFT’s communications solution. The platform proved to be a huge success, speeding up communication and allowing the entire care team to collaborate efficiently, eliminating phone tag and frustrating communication delays. Once the communication benefits for lung cancer patients...

Read More
Palo Alto Networks Completes Acquisition of Evident.io
Mar26

Palo Alto Networks Completes Acquisition of Evident.io

Evident.io, a leader in the field of public cloud services infrastructure protection, has been acquired by Palo Alto Networks for $300 million in cash. Palo Alto Networks is already a leader in cloud security. The company has developed its VM-Series of virtualized next-gen firewalls which provide in line cloud security, Traps provides host-based protection, and API-based security covers public cloud services infrastructure. Evident.io is also a leader in the field of cloud security. The Evident Security Platform allows organizations to proactively manage cloud security risk, reduce the attack surface, and improve security posture. The platform continuously monitors Azure and AWS deployments, assesses security risks, and provides expert guidance on remediation. Palo Alto believes that the acquisition of a leader in the field of public cloud services infrastructure protection will enable the company to strengthen its position and extend its leadership in the field. Evident.io solutions will be integrated into the Palo Alto range and will allow customers to use a single approach to...

Read More
Healthcare Data Breach Statistics
Mar20

Healthcare Data Breach Statistics

We have compiled healthcare data breach statistics from October 2009 when the Department of Health and Human Services’ Office for Civil Rights first started publishing summaries of healthcare data breaches on its website. The healthcare data breach statistics below only include data breaches of 500 or more records as smaller breaches are not published by OCR. The breaches include closed cases and breaches still being investigated by OCR. Our healthcare data breach statistics clearly show there has been an upward trend in data breaches over the past 9 years, with 2017 seeing more data breaches reported than any other year since records first started being published. There have also been notable changes over the years in the main causes of breaches. The loss/theft of healthcare records and electronic protected health information dominated the breach reports between 2009 and 2015, although better policies and procedures and the use of encryption has helped reduce these easily preventable breaches. Our healthcare data breach statistics show the main causes of healthcare data breaches...

Read More
SafeDNS Partners with Internet Watch Foundation
Mar18

SafeDNS Partners with Internet Watch Foundation

The web filtering platform provider SafeDNS has been helping consumers and businesses control the content that can be accessed via their wired and wireless networks since 2013. SafeDNS is already a ‘Friendly WiFi’ accredited company and its solutions ensure minors can access the Internet safely and securely and avoid sexual content and other age-inappropriate websites. Now the Alexandria, VA-based firm has announced it has partnered with the Internet Watch Foundation (IWF), and through membership with the organization, has taken another step toward making the Internet a cleaner and safer place. The IWF is a not-for-profit organization committed to cleaning up the Internet and removing images and video content of child abuse, child pornography, and other criminally obscene website content. The organization searchers for images of child abuse and allows Internet users to anonymously report any websites, webpages, and forums where such images are hosted. The IWF plays a major role in taking down the content and helps to bring the perpetrators to justice. The IWF also maintains a Child...

Read More
NH-ISAC Partnership with Anomali Helps Accelerate Threat Detection and Information Sharing in Healthcare
Mar17

NH-ISAC Partnership with Anomali Helps Accelerate Threat Detection and Information Sharing in Healthcare

Anomali has partnered with the National Health Information Sharing and Analysis Center (NH-ISAC) and will be providing threat intelligence to healthcare organizations through NH-ISAC. Anomali will be providing NH-ISAC with the required tools and infrastructure to allow its members to collaborate and share threat intelligence with other members. Anomali will be providing up to date threat intelligence on new and current external threats specific to the healthcare industry allowing NH-ISAC members to take proactive steps to minimize risk. Anomali’s early warning system helps healthcare organizations respond to threats quickly when suspicious activity is detected on a network. NH-ISAC members include hospitals, health insurers, medical research institutions, pharma companies, ambulatory providers, medical device manufacturers and other healthcare stakeholders. NH-ISAC community members help each other use physical and cyber threat intelligence to inform security decisions and mitigate threats. The new collaboration between NH-ISAC and Anomali will help empower the healthcare community...

Read More
Is Google Calendar HIPAA Compliant?
Mar07

Is Google Calendar HIPAA Compliant?

Is Google Calendar HIPAA compliant? Can the time management and calendar scheduling service be used by healthcare organizations or would use of the service be considered a violation of HIPAA Rules? This post explores whether Google supports HIPAA compliance for the Google Calendar service.   Google Calendar was launched in 2006 and is part of Google’s G Suite of products and services. Google Calendar could potentially be used for scheduling appointments, which may require protected health information to be added. Uploading any protected health information to the cloud is not permitted by the HIPAA Privacy Rule unless certain HIPAA requirements have first been satisfied. A risk analysis must be conducted to assess potential risks to the confidentiality, integrity, and availability of ePHI. Risks must be subjected to a HIPAA-compliant risk management process and reduced to an acceptable level. Access controls must be implemented to ensure that ePHI can only be viewed by authorized individuals, appropriate security controls must be in place to prevent unauthorized disclosures, and an...

Read More
SonicWall Cyber Threat Report 2018 Shows 71% Decrease in Ransomware Attacks
Mar06

SonicWall Cyber Threat Report 2018 Shows 71% Decrease in Ransomware Attacks

The SonicWall Cyber Threat Report 2018 published this week indicates the volume of ransomware attacks has fallen considerably over the course of the past year, dropping from 638 million attacks in 2016 to 184 million attacks in 2017. While the fall of more than 71% is certainly good news, there has been a notable rise in the ransomware variants used and a sizeable increase in the use of other malware. Between 2016 and 2017 there was a 101.2% rise in ransomware variants in use. SonicWall Captured 2,855 unique ransomware variants in 2017 and reports an 18.4% increase in malware attacks. In 2017, the number of malware attacks rose to 9.32 billion. Ransomware attacks may be down year-over-year, but SonicWall predicts the number of attacks will rise in 2018, albeit targeting different devices. IoT and mobile attacks are likely to become much more common in 2018. SSL/TLS traffic has increased by 24% in the past year as businesses switch from HTTP to HTTPS to provide greater protection for their customers. Cybercriminals have followed suit and are increasingly using SSL/TLS encryption to...

Read More
SpamTitan v7.00 Release Sees Bitdefender Used as Primary AV Engine
Mar05

SpamTitan v7.00 Release Sees Bitdefender Used as Primary AV Engine

TitanHQ has announced the release of a new version of its leading cloud-based anti spam service. SpamTitan v7.00 includes several important updates to better protect users from malicious emails and known threats, including patches for recently discovered vulnerabilities in the ClamAV anti-virus engine. One of the notable changes in the new version is a change to the primary anti-virus engine. SpamTitan v7.00 now offers award-winning anti-malware and ransomware protection through Bitdefender. The change to the Romanian-based antivirus company is part of a growing strategic relationship with the firm that will see further collaboration over the coming weeks and months. The secondary AV engine will continue to be provided by ClamAV. TitanHQ has confirmed that support for Kaspersky AV – the primary AV engine on previous releases of SpamTitan – will stop from May 1, 2018. TitanHQ said its mission is “to provide secure, reliable and affordable security solutions to our partners and customers. Our team continually develops our product suite, implementing customer feedback and feature...

Read More
PhishMe Rebrands as Cofense and Announces Acquisition by Private Equity Syndicate
Feb26

PhishMe Rebrands as Cofense and Announces Acquisition by Private Equity Syndicate

PhishMe, the leading provider of human phishing defense solutions, has announced that from February 26, 2018, the firm will be known as Cofense. Along with the name change, the firm has announced it has been acquired by a private equity syndicate, which valued the firm at $400 million. PhishMe was formed in 2007 with the aim of developing products and services to tackle the growing threat from phishing. Employees have long been viewed as the weakest link in security, yet the human element of security defenses was often neglected. Over the years, PhishMe developed its products and services to help companies improve their last line of defense and turn security liabilities into security assets. PhishMe has helped thousands of organizations improve their defenses against phishing through training and phishing simulations. The firm has also developed a range of associated products and services including a reporting platform that has now been adopted by more than 2 million users, as well as incident response and threat intelligence services. While phishing defense is still at the heart...

Read More
AJMC Study Reveals Common Characteristics of Hospital Data Breaches
Feb20

AJMC Study Reveals Common Characteristics of Hospital Data Breaches

The American Journal of Managed Care has published a study of hospital data breaches in the United States. The aim of the study was to identify common characteristics of hospital data breaches, what the biggest problem areas are, the main causes of security incidents and the types of information most at risk. The study revealed hospitals are the most commonly breached type of healthcare provider, accounting for approximately 30% of all large healthcare security incidents reported to the Department of Health and Human Services’ Office for Civil Rights by providers between 2009 and 2016. Over that 7-year time period there were 215 breaches reported by 185 nonfederal acute care hospitals and 30 hospitals experienced multiple breaches of 500 or more healthcare records. One hospital experienced 4 separate breaches in the past 7 years, five hospitals had 3 breaches, and 24 hospitals experienced 2 breaches. In addition to hospitals experiencing the highest percentage of security breaches, those breaches also resulted in the theft/exposure of the highest number of health records. While...

Read More
Barracuda Launches New Security Insight Platform
Feb15

Barracuda Launches New Security Insight Platform

The cloud security and data protection company Barracuda has launched a new Security Insight platform that offers real-time threat intelligence and security risk data on the latest threats around the world. Having visibility into the latest threats allows security teams to take proactive steps to improve their defenses against real-world threats and assess the current threat level. Via the platform, users can view summaries and detailed information on web, email, endpoint, and network attacks tracked by Barracuda. For many companies, it is only when a cyberattack and data breach occurs that they become aware of a new threat. Threat intelligence such as that provided through Barracudas Security Insight raises awareness of attacks that are currently taking place around the globe – Awareness of those threats helps businesses take action to improve their security posture. Barracuda performs large-scale analyses of data collected from a wide range of sources which is summarized and presented through the Security Insight platform. The summaries are easy to read and provide bite-sized...

Read More
January 2018 Healthcare Data Breach Report
Feb14

January 2018 Healthcare Data Breach Report

Our January 2018 Healthcare Data Breach Report details the healthcare security incidents reported to the Department of Health and Human Services’ Office for Civil Rights in January 2018. There were 21 security breaches reported to OCR in January which is a considerable improvement on the 39 incidents reported in December 2017. Last month saw 428,643 healthcare records exposed. While there was a 46.15% drop in the number of healthcare data breaches reported in January month over month, 87,022 more records were exposed or stolen than in December. January was the third consecutive month where the number of breached records increased month over month. The mean breach size in January was 20,412 records – very similar to the mean breach size in December 2017 (20,487 records). However, the high mean value was due to a particularly large breach of 279,865 records reported by Oklahoma State University Center for Health Sciences. In January, the healthcare data breaches reported were far less severe than in December. In January the median breach size was 1,500 records. In December it was...

Read More
Webroot Provides DNS Web Filtering for Guest WiFi
Feb14

Webroot Provides DNS Web Filtering for Guest WiFi

Webroot has expanded its SecureAnywhere DNS filtering service to include guest WiFi networks. The new service uses the firm’s domain layer security and content filtering service and ensures high availability of WiFi access via Webroot’s DNS global servers. Businesses are now under pressure to provide free Wi-Fi access throughout their establishment, with many customers choosing businesses based on whether WiFi access is provided. However, Wi-Fi networks can be hijacked and hacked placing customers at risk. Businesses also need to take care to ensure that their WiFi connections are not abused and used for illegal activities such as copyright infringing downloads and the accessing of criminally obscene website content. Webroot’s cloud-based SaaS has been developed to solve the problem and allows businesses to easily provide clean, safe, and secure WiFi access to guests. The solution has been developed to be easy to implement and use, even by those with little technical ability. Setting up content filtering on WiFi networks requires a minor change to DNS settings to redirect guest...

Read More
Healthcare Industry Scores Poorly on Employee Security Awareness
Feb13

Healthcare Industry Scores Poorly on Employee Security Awareness

A recent report published by security awareness training company MediaPro has revealed there is still a lack of preparedness to deal with common cyberattack scenarios and privacy and security threats are still not fully understood by healthcare professionals. For MediaPro’s 2017 State of Privacy and Security Awareness Report, the firm surveyed 1,009 US healthcare industry employees to assess their level of security awareness. Respondents were asked questions about common privacy and security threats and were asked to provide answers on several different threat scenarios to determine how they would respond to real world threats. Based on the responses, MediaPro assigned respondents to one of three categories. Heroes were individuals who scored highly and displayed a thorough understanding of privacy and security threats by answering 93.5%-100% of questions correctly. Novices showed a reasonable understanding of threats, answering between 77.4% and 90.3% of answers correctly. The lowest category of ‘Risks’ was assigned to individuals with poor security awareness, who scored 74.2% or...

Read More
Barracuda Acquired by Thoma Bravo in $1.6 Billion Deal
Feb12

Barracuda Acquired by Thoma Bravo in $1.6 Billion Deal

The cloud security and data protection firm Barracuda Networks Inc., has been acquired by the private equity investment firm Thoma Bravo in a deal worth $1.6 billion. Financing for the acquisition was provided by Goldman Sachs & Co. LLC, Credit Suisse, and UBS Investment Bank. Barracuda will continue to operate as a privately held company. Barracuda shareholders will receive $27.55 per share of common stock they hold. “Thoma Bravo has an excellent history of investing in growing security businesses, and this transaction speaks to the value and strength of Barracuda’s security platform, which helps customers protect and manage their networks, applications, and data. I expect that our employees, customers, and partners will benefit from this partnership,” said BJ Jenkins, chief executive officer of Barracuda. Barracuda currently protects more than 150,000 customers from email, web, and network attacks with its platform used to protect workloads and applications from the full range of malicious attacks. Its cybersecurity solutions can be centrally managed in...

Read More
PhishMe (Now Cofense) Wins Five Cybersecurity Awards
Feb10

PhishMe (Now Cofense) Wins Five Cybersecurity Awards

PhishMe (now Cofense) has collected five 2018 Cybersecurity Excellence Awards for its phishing defense solutions. The Cybersecurity Excellence Awards program is produced by Cybersecurity Insiders in partnership with the Information Security Community on LinkedIn. The awards program recognizes excellence in the field of cybersecurity with awards being given to companies that have demonstrated excellence, leadership, and innovation in information security. This year there were more than 400 entries across 70 different categories. The awards winners were selected based on the strength of their nominations and members of the Information Security Community are required to vote for their best loved products and services. The finalists for the awards were announced on February 1 and the winners on February 7. To even be named as a finalist confirms that a company has developed exceptional products and services that help businesses protect their networks and data against cyberattacks. Cybersecurity Insiders notes that “All winners and finalists reflect the very best in today’s...

Read More
Symantec Offers Solution for Filtering Uncategorized Websites
Feb06

Symantec Offers Solution for Filtering Uncategorized Websites

Organizations that have implemented URL filtering to control the websites that employees are allowed to access can easily filter websites by category. However, not all websites are categorized, which creates a problem with URL filtering. Without a category, applying category controls is not possible. Now, Symantec has offered a solution to the problem. When new websites are created it takes time for categories to be applied and the lag poses problems for URL filtering. The solution chosen by many organizations has been an all or nothing approach. Block all uncategorized websites or allow them to be accessed. When a category is assigned to the sites, they will be subjected to standard filtering controls. The allow all approach could permit malicious websites to be accessed, while the deny all approach means potentially useful websites will be unnecessarily blocked. While IT departments may be willing to accept the latter, it can result in an increase in support calls to the helpdesk. The Blue Coat Web Filter URL database is comprehensive, although the same problem with uncategorized...

Read More
TitanHQ Partners with HTG Peer Groups
Feb04

TitanHQ Partners with HTG Peer Groups

At the HTG Peer Groups Q1 quarterly meeting in Las Vegas, TitanHQ, the leading provider of cloud-based web filtering and anti-spam solutions, announced it has partnered with HTG: The international coaching, consulting, and peer group organization. The new partnership sees TitanHQ become a Gold vendor, with its cybersecurity solutions made instantly available to HTG community members. HTG was formed in 2000 with the aim of helping businesses expand and realize their full potential. HTG consultants provide insights and share wisdom with business leaders to help them create the accountability and structure necessary to make their businesses a success. Through HTG, business leaders can maximize their potential using tried and tested strategic systems. The path to profitability and success inevitably involves some setbacks and having a partner to provide support and guidance through difficult times can make a big difference. Many companies also require help to avoid common problems: problems that can cause significant, and sometimes catastrophic, losses. One area of concern voiced by...

Read More
Phishing Attack on Business Associate Exposes Forrest General Hospital Patients’ PHI
Feb02

Phishing Attack on Business Associate Exposes Forrest General Hospital Patients’ PHI

The management consulting company HORNE LLP, a business associate of Forrest Health’s Forrest General Hospital, is notifying certain hospital patients that some of their protected health information (PHI) has potentially been obtained by a third party after access was gained to the email account of one of its employees. HORNE provides certain Medicare reimbursement services to Forrest General Hospital and as such, requires access to patients’ PHI. HORNE became aware of an email account breach on November 1, 2017 when it discovered the email account of an employee was being used to send phishing emails. The discovery prompted the shut down of the email account and an investigation into a potential breach was launched. That investigation revealed an unauthorized individual had gained access to the employee’s email account the previous day as a result of the employee responding to a phishing email. The phishing attack was investigated by a third-party investigator to determine the nature and extent of the breach and whether the PHI of any patients had been exposed. The investigation...

Read More
Analysis of Healthcare Data Breaches in 2017
Jan24

Analysis of Healthcare Data Breaches in 2017

A summary and analysis of healthcare data breaches in 2017 has been published by Protenus. Data for the report is obtained from Databreaches.net, which tracks healthcare data breaches reported to OCR, the media, and other sources. The 2017 breach report gives an indication of the state of healthcare cybersecurity.  So how has 2017 been? There Were at Least 477 Healthcare Data Breaches in 2017 In some respects, 2017 was a good year. The super-massive data breaches of 2015 were not repeated, and even the large-scale breaches of 2016 were avoided. However, healthcare data breaches in 2017 occurred at rate of more than one per day. There were at least 477 healthcare data breaches in 2017 according to the report. While all those breaches have been reported via one source or another, details of the nature of all the breaches is not known. It is also unclear at this stage exactly how many healthcare records were exposed. Numbers have only been obtained for 407 of the breaches. There was a slight increase (6%) in reported breaches in 2017, up from 450 incidents in 2016. However, there was...

Read More
Analysis of Q4 2017 Healthcare Security Breaches
Jan22

Analysis of Q4 2017 Healthcare Security Breaches

Q4, 2017 saw a 13% reduction in healthcare security breaches reported to the Department of Health and Human Services’ Office for Civil Rights. There were 99 data breaches reported in Q3, 2017. In Q4, there were 86 security breaches reported. There were 27 healthcare security breaches reported in September, following by a major decline in breaches in November, when 21 incidents were reported. However, December saw a significant uptick in incidents with 38 reported breaches. Accompanied by the quarterly decline in security incidents was a marked decrease in the severity of breaches. In Q3, there were 8 data breaches reported that impacted more than 50,000 individuals. In Q4, no breaches on that scale were reported. The largest incident in Q4 impacted 47,000 individuals.  Largest Q4, 2017 Healthcare Security Breaches   Covered Entity Entity Type Number of Records Breached Cause of Breach Oklahoma Department of Human Services Health Plan 47000 Hacking/IT Incident Henry Ford Health System Healthcare Provider 43563 Theft Coplin Health Systems Healthcare Provider 43000 Theft...

Read More
Summary of Healthcare Data Breaches in December 2017
Jan18

Summary of Healthcare Data Breaches in December 2017

There was a sharp rise in healthcare data breaches in December, reversing a two-month downward trend. There were 38 healthcare data breaches in December 2017 that impacted more than 500 individuals: An increase of 81% from last month.     Unsurprisingly given the sharp increase in reported breaches, the number of records exposed in December also increased month over month. The records of 341,621 individuals were exposed or stolen in December: An increase of 219% from last month.     December saw a similar pattern of breaches to past months, with healthcare providers experiencing the most data breaches; however, there was a notable increase in breaches reported by health plans in December – rising from 2 in November to six in December.   Causes of Healthcare Data Breaches in December 2017 As was the case last month, hacking/IT incidents and unauthorized access/disclosures were the most common causes of healthcare data breaches in December, although there was a notable increase in theft/loss incidents involving portable electronic devices and paper records....

Read More
Fortinet Launches New Operational Technology Security Solution for Critical Infrastructure Organizations
Jan18

Fortinet Launches New Operational Technology Security Solution for Critical Infrastructure Organizations

Cyberattacks on critical infrastructure are becoming much more common. Cybersecurity reports suggest SCADA/ICS security breaches have been experienced by more than 50% of critical infrastructure organizations in the past 12 months alone. Those attacks can result in major disruption to essential services including energy, water, and healthcare. Unfortunately, there are major differences between traditional information technology and operational technology (OT). Consequently, most enterprise-class security solutions do not have visibility into OT systems due to the highly specialized nature of the technology. Without visibility, it is not possible to effectively defend against cyberattacks on OT systems. However, Fortinet has now developed a security solution that addresses the unique challenges of protecting operational technology. Its latest offering unifies the management and administration of both OT and IT via the Fortinet Security Fabric. The Fortinet Security Fabric allows organizations to deploy advanced cybersecurity controls to keep their OT systems, control systems, and...

Read More
Cyren and Carvir Partnership Sees SaaS Web and Email Security Solutions Offered to MSP Partners
Jan10

Cyren and Carvir Partnership Sees SaaS Web and Email Security Solutions Offered to MSP Partners

Cybersecurity firm Cyren has announced it has formed a new distribution partnership with Carvir that will see the firm’s web and email Security SAAS platforms offered to Managed Service and IT Service Providers. Carvir is a leading global distributor of monitoring and managed cybersecurity services for the IT services and MSP channel. Carvir already offers a wide range of cybersecurity solutions to MSPs and IT service providers, although there was a gap in its DNS, email, and web security solutions. Carvir now has more than 500 MSP partners who serve the needs of tens of thousands of business customers by providing managed security services. Over the past eight months Carvir has been searching for a new provider of cloud-based web security services. There was no shortage of powerful web security solutions, but most web security solutions were not MSP friendly, having been developed for enterprises rather than service providers. Many solutions lacked the multi-tenant capability or pricing model required by MSPs. By adding Cyren to our portfolio, we are delivering a superior security...

Read More
Barracuda Networks Acquires Security Awareness Firm PhishLine
Jan03

Barracuda Networks Acquires Security Awareness Firm PhishLine

Barracuda Networks has announced it has acquired the security awareness and anti-phishing training firm PhishLine. The deal will see PhishLine’s training and phishing simulation platform incorporated into the Barracuda range of AI-driven anti-phishing solutions to provide more comprehensive protection for its customers. Technological defenses against spear phishing and phishing help companies to reduce risk to a reasonable level; however, no solution can be 100% effective against the barrage of spam and malicious emails now being sent by threat actors around the globe. Email is now the leading attack vector and highly sophisticated tactics are now used to bypass security controls and target employees. Social engineering techniques are used to fool employees into revealing their login credentials and install malware and ransomware. Security awareness training is therefore an important part of any cybersecurity strategy. Businesses must ensure that the workforce has the necessary skills to identify new threats and take the appropriate action. This is where PhishLine excels. The...

Read More
Email Archiving Service Added to the Cyren Cloud Security Platform
Jan03

Email Archiving Service Added to the Cyren Cloud Security Platform

Cyren, a provider of DNS, email, and web security solutions, has announced the inclusion of a new email archiving service in its Cloud Security Platform. The platform can be used to keep business email messages secure while ensuring compliance with state and federal email retention regulations. Cyren’s Security-as-a-Service platform combines web security, email security, DNS security, cloud sandboxing, and email archiving into a single cloud-based platform that can be accessed, monitored, and managed through a single web-based administration control panel. The new release comes in response to requests by customers to provide complimentary services to the platform related to email management. Being cloud-based, the solution allows additional services to be easily rolled out to customers, something that would not be possible with appliance-based solutions. The latest addition helps organizations meet their email management compliance obligations, safely and securely store vast quantities of emails without the need for on-premises storage, and ensures all messages can be quickly and...

Read More
Whitelist Only Feature Added to Cisco Umbrella
Dec30

Whitelist Only Feature Added to Cisco Umbrella

Cisco has announced it has added a new whitelist only feature to Cisco Umbrella. The whitelist only option allows organizations to restrict Internet access to a small number of secure websites, and block access to the rest of the Internet. User are able to access the whitelist only option via their Umbrella dashboard. When the whitelist only option is set, all domains will be blocked by default and will be inaccessible. Any attempt made by an end user to visit a website that has not been added to the whitelist will be blocked before a connection is made. Any individual that attempts to access an unauthorized website would be presented a block page or the user could be directed to a specific URL. The setting can be applied to an existing rule or a new rule can be created. The whitelist only option can be set for the entire organization, for a particular network, for user groups, individual users or certain devices. The whitelist option will disable category lists and blocklists and will only allow sites to be added via allow lists. The whitelist can be used for domains or URLs....

Read More
Phishing Attack on Colorado Mental Health Institute Sees PHI Exposed
Dec27

Phishing Attack on Colorado Mental Health Institute Sees PHI Exposed

The Colorado Mental Health Institute at Pueblo has discovered one of its employees has fallen for a phishing scam that potentially allowed the attacker to gain access to the protected health information of as many as 650 patients. The Colorado Mental Health Institute at Pueblo is a 449-bed hospital providing inpatient care for patients. The hospital serves patients with pending criminal charges that require competency evaluations, individuals found by the courts to be incompetent to proceed, and individuals found not guilty of crimes due to insanity. The phishing attack occurred on November 1, 2017. The employee inadvertently disclosed login credentials that allowed the attacker to gain access to a state-issued computer. Unauthorized activity on the computer was detected the following day and access to the device was promptly blocked. The forensic investigation did not uncover any evidence to suggest the protected health information of patients had been accessed or stolen, although the possibility of unauthorized access and data theft could not be ruled out with complete certainty....

Read More
Cybersecurity Best Practices for Travelling Healthcare Professionals
Dec27

Cybersecurity Best Practices for Travelling Healthcare Professionals

In its December cybersecurity newsletter, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) offered cybersecurity best practices for travelling healthcare professionals to help them prevent malware infections and the exposure of patients’ protected health information (PHI). Many healthcare professionals will be travelling to see their families over the holidays and will be taking work-issued devices with them on their travels, which increases the risk to the confidentiality, integrity, and availability of PHI. Using work-issued laptops, tablets, and mobile phones in the office or at home offers some protection from cyberattacks and malware infections. Using the devices to connect to the Internet at cafes, coffee shops, hotels, and other Wi-Fi access points increases the risk of a malware infection or man-in-the-middle attack. Even charging portable devices via public USB charging points at hotels and airports can see malware transferred. Not only will malware and cyberattacks potentially result in data on the device being exposed, login credentials can...

Read More
New Malware Detections at Record High: Healthcare Most Targeted Industry
Dec21

New Malware Detections at Record High: Healthcare Most Targeted Industry

Throughout 2017, the volume of new malware samples detected by McAfee Labs has been steadily rising each quarter, reaching a record high in Q3 when 57.6 million new malware samples were detected. On average, in Q3 a new malware sample was detected every quarter of a second. In the United States, the healthcare industry continues to be the most targeted vertical, which along with the public sector accounted for more than 40% of total security incidents in Q3. In Q3, account hijacking was the main attack vector, followed by leaks, malware, DDoS, and other targeted attacks. There were similar findings from the recent HIMSS Analytics/Mimecast survey which showed email related phishing attacks were the greatest cause of concern among healthcare IT professionals, with email the leading attack vector. In Q3, globally there were 263 publicly disclosed security breaches – a 15% increase from last quarter – with more than 60% of those breaches occurring in the Americas. Malware attacks increased 10% since last quarter bringing the total new malware samples in the past four quarters to...

Read More
Email Top Attack Vector in Healthcare Cyberattacks
Dec12

Email Top Attack Vector in Healthcare Cyberattacks

A recent study conducted by HIMSS Analytics for email security firm Mimecast has revealed 78% of healthcare organizations have experienced a ransomware or malware attack in the past 12 months. Far from ransomware or malware attacks being occasional events, many of the healthcare organizations that participated in the survey have experienced more than a dozen malware or ransomware attacks in the past year. While there are several possible ways that ransomware and malware can be installed, healthcare providers rated email as the number one attack vector. When asked to rank attack vectors, Email was rated as the most likely source of a data breach by 37% of respondents, with the second most likely source of a data breach being ‘other portable devices’, ranked as the main threat by 10% of organizations. 59% of organizations ranked email first, second, or third as the most likely attack vector. In second place was laptops, which were ranked 1, 2, or 3 by 44% of organizations. Given the frequency of email based attacks this year, it is no surprise that healthcare organizations believe...

Read More
SafeDNS Partners with Router Manufacturers to Provide WiFi Control Straight out of the Box
Dec11

SafeDNS Partners with Router Manufacturers to Provide WiFi Control Straight out of the Box

SafeDNS has partnered with router manufacturers to offer safe WiFI access straight out of the box. Most WiFi routers do not incorporate the necessary controls to allow the filtering of Internet content without the addition of a third-party solution or controls applied at the ISP level. When web-filtering solutions are included, they tend to be basic and typically do not include advanced capabilities such as SSL inspection, so are restricted to blocking HTTP sites. As more businesses mover over to HTTPS, these web filtering controls cease to be effective. Cybercriminals are also making the move to HTTPS, so the failure to decrypt, inspect, and re-encrypt traffic could leave businesses and consumers exposed to online threats. Further, most routers with Internet access controls included do not offer the same granular control as third party solutions and custom filtering rules cannot be applied.  Even in a home environment this can cause problems, as it is not possible to apply different settings for individual users. The all or nothing approach means the same restrictions for a...

Read More
880 Patients Potentially Impacted by Baptist Health Louisville Phishing Attack
Dec06

880 Patients Potentially Impacted by Baptist Health Louisville Phishing Attack

Baptist Health in Louisville, KY has notified 880 patients that some of their protected health information has potentially been accessed and stolen by hackers. The security breach was discovered on October 3, 2017, when irregular activity was detected on the email account of an employee. Baptist Health was able to determine that a third party sent a phishing email to the employee, who responded and disclosed login credentials allowing the email account to be accessed. Those login credentials were subsequently used by an unknown individual to gain access the email account. The email account contained the protected health information of 880 patients, although it is unclear whether any of the emails were viewed. The motive behind the attack may not have been to gain access to sensitive information. What is known, is access was used to send further phishing emails to other email accounts. Following the discovery of the breach, Baptist Health responded quickly to limit the potential for harm and disabled the affected email accounts and performed a password reset to prevent further...

Read More
18,500 Patients PHI Exposed After Multiple Email Accounts Were Compromised
Dec06

18,500 Patients PHI Exposed After Multiple Email Accounts Were Compromised

The Detroit-based Henry Ford Health System has started notifying almost 18,500 patients that some of their protected health information has potentially been accessed by an unauthorized individual. The breach was detected on October 3, 2017 when unauthorized access to the email accounts of several employees was detected. While protected health information was potentially accessed or stolen, the health system’s EHR system was not compromised at any point. All data was confined to the compromised email accounts. It is currently unclear exactly how access to the email accounts was gained. Typically, breaches such as this involve phishing attacks, where multiple emails are sent to healthcare employees that fool them into disclosing their login credentials. An internal investigation into the breach is ongoing to determine the cause of the attack and how the login credentials of some of its employees were stolen. Henry Ford Health System has conducted a review of all emails in the accounts and has determined that 18,470 patients have been affected. The emails contained a range of...

Read More
Survey Reveals Poor State of Email Security in Healthcare
Nov29

Survey Reveals Poor State of Email Security in Healthcare

A recent survey showed 98% of top healthcare providers have yet to implement the DMARC (Domain-based Message Authentication, Reporting & Conformance) email authentication standard. The National Health Information Sharing and Analysis Center (NH-ISAC), the Global Cybersecurity Alliance (GCA), and cybersecurity firm Agari investigated the level of DMARC adoption in the healthcare industry and the state of healthcare email security. For the report, Agari analyzed more than 500 domains used by healthcare organizations and pharmaceutical firms, as well as more than 800 million emails and over 1,900 domains from its Email Trust Network. The report – Agari Industry DMARC Adoption Report for Healthcare – shows that while DMARC can all but eliminate phishing attacks that impersonate domains, only 2% of the top healthcare organizations and fewer than 23% of all healthcare organizations have adopted DMARC. Only 21% of healthcare organizations are using DMARC to monitor for unauthenticated emails, yet those organizations are not blocking phishing emails. Only 2% are protecting...

Read More
TitanHQ Partners with Etihad Stadium to Secure Guest WiFi Network
Nov24

TitanHQ Partners with Etihad Stadium to Secure Guest WiFi Network

TitanHQ has announced it has partnered with the Etihad Stadium in Melbourne and is providing its client-less DNS Internet filtering solution to secure the stadium’s network of more than 700 WiFi access points. As a modern stadium, it was necessary to provide WiFi access to sports fans, but also to ensure that WiFi could be accessed safely and securely. The stadium operators needed to implement security controls to prevent fans from inadvertently downloading malware, visiting phishing websites, or viewing website content that was inappropriate in a public location. A client-based or appliance-based system would have been impractical, so DNS filtering was the natural choice. A DNS-based URL filtering solution would allow accessible web content to be carefully controlled without latency, ensuring fast Internet access speeds could be enjoyed by all visitors to the stadium. The Etihad stadium chose TitanHQ’s WebTitan Cloud for WiFi to protect its 704 high-speed, high-capacity Internet access points spread throughout its 53,359-seater venue and corporate hospitality areas. The Web...

Read More
9,500 Patients Impacted by Medical College of Wisconsin Phishing Attack
Nov21

9,500 Patients Impacted by Medical College of Wisconsin Phishing Attack

A Medical College of Wisconsin phishing attack has resulted in the exposure of approximately 9,500 patients’ protected health information. The attackers managed to gain access to several employees’ email accounts, which contained a range of sensitive information of patients and some faculty staff. The types of information in the compromised email accounts included names, addresses, medical record numbers, dates of birth, health insurance details, medical diagnoses, treatment information, surgical information, and dates of service. A very limited number of individuals also had their Social Security numbers and bank account information exposed. The incident occurred over the space of a week in the summer between July 21 and July 28 when spear phishing emails were sent to specific individuals at the Medical College of Wisconsin. Responding to those emails resulted in the attackers gaining access to email login credentials. Medical College of Wisconsin brought in a computer forensics firm to conduct an investigation into the phishing attack, and while that investigation established...

Read More
Suspected Phishing Attack on UPMC Susquehanna Exposes 1,200 Patients’ PHI
Nov20

Suspected Phishing Attack on UPMC Susquehanna Exposes 1,200 Patients’ PHI

UPMC Susquehanna, a network of hospitals and medical centers in Williamsport, Wellsboro, and Muncy in Pennsylvania, has announced that the protected health information of 1,200 patients has potentially been accessed by unauthorized individuals. Access to patient information is believed to have been gained after an employee responded to a phishing email. While details of the breach date have not been released, UPMC Susquehanna says it discovered the breach on September 21, when an employee reported suspicious activity on their computer. An investigation was launched, which revealed unauthorized individuals had gained access to that individual’s device. It is not known whether the attacker viewed, stole, or misused any patient information, but the possibility of data access and misuse could not be ruled out. The information potentially accessed includes names, contact information, dates of birth, and Social Security numbers. The individuals potentially impacted by the incident had previously received treatment at various UPMC Susquehanna hospitals including Muncy Valley Hospital,...

Read More
October 2017 Healthcare Data Breaches
Nov16

October 2017 Healthcare Data Breaches

In October 2017, there were 27 healthcare data breaches reported to the Department of Health and Human Services’ Office for Civil Rights. Those data breaches resulted in the theft/exposure of 71,377 patient and plan member records. October saw a significant fall in the number of reported breaches compared to September, and a major fall in the number of records exposed. October saw a major reduction in the number of breached records, with the monthly total almost 85% lower than September and almost 88% lower than the average number of records breached over the preceding three months. Healthcare providers were the worst hit in October with 19 reported data breaches. There were six data breaches reported by health plans and at least two incidents involved business associates of HIPAA-covered entities. October 2017 Healthcare Data Breaches by Covered Entity Type Main Causes of October 2017 Healthcare Data Breaches Unauthorized access/disclosures were the biggest causes of healthcare data breaches in October. There were 14 breaches reported involving unauthorized access/disclosures, 8...

Read More
Cybersecurity in Healthcare Report Highlights Sorry State of Security
Nov15

Cybersecurity in Healthcare Report Highlights Sorry State of Security

Infoblox has released a new cybersecurity in healthcare report which has revealed many healthcare organizations are leaving themselves wide open to attack and are making it far too easy for hackers to succeed. The cybersecurity in healthcare report was commissioned to help determine whether the healthcare industry is prepared to deal with the increased threat of cyberattacks. Healthcare IT and security professionals from the United States and United Kingdom were surveyed for the report The report highlighted the sorry state of cybersecurity in healthcare and revealed why cyberattacks so commonly succeed. Devices are left unprotected, outdated operating systems are still in use, many healthcare organizations have poor visibility into network activity, employees are not being trained to identify threats, and there is apathy about security in many organizations. The Poor State of Cybersecurity in Healthcare The use of mobile devices in hospitals has increased significantly in recent years. While the devices can help to improve efficiency, mobile devices can introduce considerable...

Read More
Ursnif Trojan Steals Contacts and Sends Spear Phishing Emails
Nov13

Ursnif Trojan Steals Contacts and Sends Spear Phishing Emails

The banking Trojan Ursnif, one of the most commonly used banking Trojans, has previously been used to attack financial institutions. However, it would appear the actors behind the malware have broadened their horizons, with attacks now being conducted on a wide range of organizations across many different industries, including healthcare. The new version of the Ursnif Trojan was detected by researchers at security firm Barkly. The malware arrived in a phishing email that appeared to have been sent in response to a message sent to another organization. The spear phishing email included the message thread from past conversations, suggesting the email account of the contact had been compromised. The email contained a Word document as an attachment with the message “Morning, Please see attached and confirm.”  While such a message would arouse suspicion if that was the only content in the email body, the inclusion of the message thread added legitimacy to the email. The document contained a malicious macro that ran Powershell commands which tried to download the malicious payload;...

Read More
How Can Healthcare Organizations Prevent Phishing Attacks?
Nov07

How Can Healthcare Organizations Prevent Phishing Attacks?

The threat from phishing is greater than ever before. Healthcare organizations must now invest heavily in phishing defenses to counter the threat and prevent phishing attacks and the theft of credentials and protected health information. Phishing on an Industrial Scale More phishing websites are being developed than ever before. The scale of the problem was highlighted in the Q3 Quarterly Threat Trends Report from Webroot. In December 2016, Webroot reported there were more than 13,000 new phishing websites created every day – Around 390,000 new phishing webpages every month. By Q3, 2017, that figure had risen to more than 46,000 new phishing webpages a day – around 1,385,000 per month. The report indicated 63% of companies surveyed had experienced a phishing related security incident in the past two years. Phishing webpages need to be created on that scale as they are now detected much more rapidly and added to blacklists. Phishing websites now typically remain active for between 4-6 hours, although that short time frame is sufficient for each site to capture many users’...

Read More
New Study Reveals Lack of Phishing Awareness and Data Security Training
Nov03

New Study Reveals Lack of Phishing Awareness and Data Security Training

There is a commonly held view among IT staff that employees are the biggest data security risk; however, when it comes to phishing, even IT security staff are not immune. A quarter of IT workers admitted to falling for a phishing scam, compared to one in five office workers (21%), and 34% of business owners and high-execs, according to a recent survey by Intermedia. For its 2017 Data Vulnerability Report, Intermedia surveyed more than 1,000 full time workers and asked questions about data security and the behaviors that can lead to data breaches, malware and ransomware attacks. When all it takes is for one employee to fall for a phishing email to compromise a network, it is alarming that 14% of office workers either lacked confidence in their ability to detect phishing attacks or were not aware what phishing is. Confidence in the ability to detect phishing scams was generally high among office workers, with 86% believing they could identify phishing emails, although knowledge of ransomware was found to be lacking, especially among female workers. 40% of female workers did not know...

Read More
HIMSS Draws Attention to Five Current Cybersecurity Threats
Nov02

HIMSS Draws Attention to Five Current Cybersecurity Threats

In its October Cybersecurity report, HIMSS draws attention to five current cybersecurity threats that could potentially be used against healthcare organizations to gain access to networks and protected health information. Wi-Fi Attacks Security researchers have identified a new attack method called a key reinstallation (CRACK) attack that can be conducted on WiFi networks using the WPA2 protocol. These attacks take advantage of a flaw in the way the protocol performs a 4-way handshake when a user attempts to connect to the network. By manipulating and replaying the cryptographic handshake messages, it would be possible to reinstall a key that was already in use and to intercept all communications. The use of a VPN when using Wi-Fi networks is strongly recommended to limit the potential for this attack scenario and man-in-the-middle attacks. BadRabbit Ransomware Limited BadRabbit ransomware attacks have occurred in the United States, although the NotPetya style ransomware attacks have been extensive in Ukraine. As with NotPetya, it is believed the intention is to cause disruption...

Read More
Phishing Attacks Using Malicious URLs Rose 600 Percent in Q3, 2017
Oct27

Phishing Attacks Using Malicious URLs Rose 600 Percent in Q3, 2017

As recent healthcare breach notices have shown, phishing poses a major threat to the confidentiality of protected health information (PHI). The past few weeks have seen several healthcare organizations announce email accounts containing the PHI of thousands of patients have been accessed by unauthorized individuals as a result of healthcare employees responding to phishing emails. Report Shows Massive Rise in Phishing Attacks Using Malicious URLs This week has seen the publication of a new report that confirms there has been a major increase in malicious email volume over the past few months. Proofpoint’s Quarterly Threat Report, published on October 26, shows malicious email volume soared in quarter 3, 2017. Compared to the volume of malicious emails recorded in quarter 2, there was an 85% rise in malicious emails in Q3. While attachments have long been used to deliver malware downloaders and other malicious code, Q3 saw a massive rise in phishing attacks using malicious URLs. Clicking those links directs end users to websites where malware is downloaded or login credentials are...

Read More
Employees Sue Lincare Over W2 Phishing Attack
Oct23

Employees Sue Lincare Over W2 Phishing Attack

In February 2017, Lincare Holdings Inc., a supplier of home respiratory therapy products, experienced a breach of sensitive employee data. The W2 forms of thousands of employees were emailed to a fraudster by an employee of the human resources department. The HR department employee was fooled by a business email compromise (BEC) scam. While health data was not exposed, names, addresses, Social Security numbers, and details of employees’ earnings were obtained by the attacker. This year has seen an uptick in W2 phishing scams, with healthcare organizations and schools extensively targeted by scammers. The scam involves the attacker using a compromised company email account – or a spoofed company email address – to request copies of W2 forms from HR department employees. Cyberattacks that result in the sensitive data of patients and consumers being exposed often results in class action lawsuits, although it is relatively rare for employees to take legal action against their employers. Lincare is one of few companies to face a lawsuit for failing to protect employee data. Three former...

Read More
Beazley Publishes 2017 Healthcare Data Breach Report
Oct23

Beazley Publishes 2017 Healthcare Data Breach Report

Beazley, a provider of data breach insurance and response services, has published a special report on healthcare data breaches covering the first nine months of 2017. While hacking and malware attacks are common, by far the biggest cause of healthcare data breaches in 2017 was unintended disclosures. Hacking and malware accounted for 19% of breaches, while unintended disclosures accounted for 41% of incidents. The figures show healthcare organizations are still struggling to prevent human error from resulting in the exposure of health data. As Beazley explains in its report, it is easier to control and mitigate internal breaches than it is to block cyberattacks by outsiders, yet many healthcare organizations are failing to address the problem effectively. “We urge organizations not to ignore this significant risk and to invest time and resources towards employee training.” Beazley notes that the number of cases of employee snooping on records and other insider incidents is getting worse. This time last year, 12% of healthcare data breaches were insider incidents, but in 2017 the...

Read More
Healthcare Phishing Attack Potentially Impacts 16,500 Patients
Oct19

Healthcare Phishing Attack Potentially Impacts 16,500 Patients

Phishing is arguably the biggest data security threat faced by healthcare organizations. The past few weeks have seen several attacks reported by healthcare organizations, with the latest healthcare phishing attack one of the most serious, having affected as many as 16,562 patients. Chase Brexton Health Care reports that the attack occurred on August 2 and August 3, 2017, when multiple phishing emails were delivered to the inboxes of its employees. Phishing attacks commonly take the form of bogus invoices and fake package delivery notifications, although these emails purported to be surveys. After employees completed the surveys they were required to enter their login information. Four employees fell for the scam and divulged their user account credentials. The phishing attack was discovered on August 4 and access to the employees’ accounts was blocked.  However, on August 2 and 3, the accounts of those employees were accessed and the attackers re-route employee payments to their own bank account. While the aim of the phishing attack did not appear to be to gain access to patient...

Read More
Healthcare Data Breaches in September Saw Almost 500K Records Exposed
Oct19

Healthcare Data Breaches in September Saw Almost 500K Records Exposed

Protenus has released its Breach Barometer report which shows there was a significant increase in healthcare data breaches in September. The report includes healthcare data breaches reported to the Department of Health and Human Services’ Office for Civil Rights and security incidents tracked by databreaches.net. The latter have yet to appear on the OCR ‘Wall of Shame.’ In total, Protenus/databreaches.net tracked 46 healthcare data breaches in September. While the total number of breach victims has not been confirmed for all incidents, at least 499,144 healthcare records are known to have been exposed or stolen. The number of records exposed or stolen in four of the month’s breaches has yet to be disclosed. The high number of incidents makes September the second worst month of 2017 for healthcare industry data breaches. Only June was worse, when 52 data breaches were reported. In August, 33 data breaches were reported by healthcare organizations. The report confirms the worst incident of the month was a ransomware attack that saw the records of 128,000 individuals made...

Read More
Network Health Phishing Attack Impacts 51,000 Plan Members
Oct10

Network Health Phishing Attack Impacts 51,000 Plan Members

Wisconsin-based insurer Network Health has notified 51,232 of its plan members that some of their protected health information (PHI) has potentially been accessed by unauthorized individuals. In August 2017, some Network Health employees received sophisticated phishing emails. Two of those employees responded to the scam email and divulged their login credentials to the attackers, who used the details to gain access to their email accounts. The compromised email accounts contained a range of sensitive information including names, phone numbers, addresses, dates of birth, ID numbers, and provider information. No financial information or Social Security numbers were included in the compromised accounts, although certain individuals’ health insurance claim numbers and claim information was potentially accessed. The breach was detected rapidly and the affected accounts were shut down to limit the harm caused. An external cybersecurity consultant was brought in to assess the extent of the attack and perform a forensic analysis to determine whether access to other parts of the network...

Read More
Almost Half of IT Decision Makers Say Cybersecurity Still Not a Priority for Board Members
Oct10

Almost Half of IT Decision Makers Say Cybersecurity Still Not a Priority for Board Members

Fortinet has published the results of its Global Enterprise Security Survey. The report indicates board members are still not taking sufficient interest in cybersecurity, even with the high volume of cyberattacks that are now being reported. The survey was conducted on 1,801 IT decision makers with responsibility/visibility of IT security. The global survey was conducted in 16 countries including the United States, Canada, Germany, France, Australia, India, and the UK. 48% of respondents said they did not believe cybersecurity was a top priority up for discussion by the board, with 77% or respondents believing the board should be scrutinizing IT security much more carefully. IT security is now viewed as a strategic board decision rather than simply an IT investment and a matter for the IT department to deal with. The need for board involvement has been highlighted by the rapid rise in cyberattacks in recent years. 85% of businesses have experienced a security breach in the past two years. The most common attacks involved malware and ransomware. Malware/ransomware attacks had been...

Read More
70% of Employees Lack Privacy and Security Awareness
Oct05

70% of Employees Lack Privacy and Security Awareness

When it comes to privacy and security awareness, many U.S. workers still have a lot to learn. Best practices for privacy and security are still not well understood by 70% of U.S. employees, according to a recent study by MediaPro, a provider of privacy and security awareness training. For the study, MediaPro surveyed 1,012 U.S. employees and asked them a range of questions to determine their understanding of privacy and security, whether they followed industry best practices, and to find out what types of risky behaviors they engage in. 19.7% of respondents came from the healthcare industry – the best represented industry in the study. Respondents were rated on their overall privacy and security awareness scores, being categorized as a hero, novice, or a risk to their organization. 70% of respondents were categorized as a novice or risk. Last year when the study was conducted, 88% of U.S. workers were rated as a novice or risk. Last year, only 12% of respondents ranked as a hero. This year the percentage increased to 30% – A good sign that some employees have responded to...

Read More
SonicWall Reports 524% Increase in Malware Variants in the Past 6 Months
Oct04

SonicWall Reports 524% Increase in Malware Variants in the Past 6 Months

There has been 524% growth in the number of malware variants captured by SonicWall in the past six months and a 57% increase in new malicious files analyzed each day. More than 1,000 new malware variants are now used to attack SonicWall customers each day. The global Wannacry and NotPetya attacks were headline news in 2017 and claimed many victims, but the attacks continued as news coverage died down. New strands of Wannacry and NotPetya malware have been developed and continue to be used to attack organizations that have failed to update and secure their systems. There has also been a significant rise in ransomware cyberattacks on small businesses in 2017. Those attacks can be devastating. A study conducted by Osterman research indicates the number of SMBs forced out of business as a result of ransomware attacks has increased by 22%. With the average cost of a data breach now $3.62 million that comes as no surprise. The massive increase in new malware and ransomware variants places a strain on traditional cybersecurity solutions. The rise in attacks and the high cost of mitigation...

Read More
LightSpeed Systems Incorporates New Options for Filtering SSL and Google Services
Sep28

LightSpeed Systems Incorporates New Options for Filtering SSL and Google Services

One of the biggest challenges for organizations wishing to filter the internet is inspecting encrypted websites without violating the privacy of users. Encryption is important to protect the privacy of web users, but for schools, it poses a challenge. Information such as credit card details need to be protected by encryption, but it is also important for SSL websites to be monitored and web access managed to ensure students are protected. Many schools have problems determining how SSL websites can be decrypted, analyzed, and re-encrypted to protect students with their existing web filter. Schools also want to filter individual YouTube videos, rather than having to block the entire website and prevent students from accessing important educational material. They also want to have visibility into Google searches and block certain searches from generating search results. Similar controls must also be implemented to prevent certain Google images from being displayed. Most schools get around the problem by using proxies, certificates and PAC files, although such measures are not easy to...

Read More
SonicWall Responds to Increasing Cyber Threats with Major Expansion of Cybersecurity Solutions
Sep27

SonicWall Responds to Increasing Cyber Threats with Major Expansion of Cybersecurity Solutions

The massive rise in new ransomware and malware variants, and the increasing sophistication of cyberattacks on businesses have been accompanied by unprecedented innovation at SonicWall, which has rapidly expanded its range of cybersecurity solutions in response to the growing demand for more powerful solutions. SonicWall has now released its new SonicOS operating system, which includes more than 50 new features to enhance security and is the biggest customer-driven release in the history of the company. The SonicOS (v6.5) powers SonicWall’s Automated Real-Time Breach Detection and Prevention Platform. The new release has enhanced threat API capabilities that allow businesses to automate security systems and incorporate third-party intelligence feeds. New wireless features improve connectivity for an increasingly mobile workforce and help security teams enforce their policies across the entire organization. Advanced networking and connectivity capabilities have also been introduced to provide uninterrupted threat protection for connected networks of all types and sizes. The new...

Read More
Webroot Quarterly Threat Trends Report Reveals 1.5 Million New Phishing Sites Created Each Month
Sep22

Webroot Quarterly Threat Trends Report Reveals 1.5 Million New Phishing Sites Created Each Month

Webroot has published its Quarterly Threat Trends Report for Q2, 2017 which highlights the growing threat from phishing. On average, each month in Q2 saw 1.385 million new phishing webpages created each month, although there was a major spike in May when 2.3 million new phishing websites were detected. On average, more than 43,000 new phishing websites are created each day. The quality of the sites has also increased. It is now virtually impossible to tell from the content of the page whether the website is genuine. The websites are highly realistic and use the same imagery, color schemes, logos and graphics as the sites they mimic. The only tell-tale sign that the websites are not genuine are the domain names used. The most commonly spoofed brand is Google. 35% of phishing sites impersonate Google to obtain Gmail and Google Drive credentials. Chase bank is the second most spoofed brand accounting for 15% of sites followed by Dropbox (13%), PayPal (10%), Facebook (7%), Apple (6%), and Yahoo and Wells Fargo (4%). The websites have a common purpose. To fool consumers and business...

Read More
Cyren Collects Two Cybersecurity Breakthrough Awards for Web and Email Security
Sep20

Cyren Collects Two Cybersecurity Breakthrough Awards for Web and Email Security

At this year’s Cybersecurity Breakthrough Awards, Cyren was honored with two awards in the email and web security categories – The only company in this year’s program to collect two awards. The Cybersecurity Breakthrough Awards program was developed to recognize and reward companies that lead the field in IT security and have shown a high level of innovation and have brought exciting, powerful, and reliable cybersecurity products to the market. This year saw more than 2,000 companies and products nominated for the awards with cybersecurity companies from 12 countries competing. Nominees in categories such as email security, web security, threat detection, risk management, APT protection, identity management, mobile security, and risk management were assessed by a panel of independent judges drawn from the information security industry.  Nominees were narrowed down to produce a shortlist of finalists and category winners. Cyren, a provider of web, email, and DNS security solutions, was honored with Hosted Email Security Solution of the Year Award in the email security category....

Read More
Florida Healthy Kids Corporation Announces 2,000 Patients’ Impacted by Phishing Scam
Sep20

Florida Healthy Kids Corporation Announces 2,000 Patients’ Impacted by Phishing Scam

Reports of phishing attacks on healthcare organizations are arriving thick and fast. The latest HIPAA-covered entity to announce it has fallen victim to a phishing scam is Florida Healthy Kids Corporation, an administrator of the Florida KidCare program. On July 25, 2017, phishing emails started to arrive in the inboxes of members of staff, some of whom responded and inadvertently gave the attackers access to the sensitive information of members of the KidCare program. The phishing attack was identified the following day and access to the compromised email accounts was immediately blocked. While the incident was mitigated promptly, the attackers had access to email accounts and data contained in those accounts for approximately 24 hours. During that time, it is possible that the emails were accessed and sensitive information copied, although no reports of abuse of that information have been received and it is not clear whether any information was actually stolen. An analysis of the compromised email accounts revealed the personal information of 2,000 individuals was potentially...

Read More
CyberSecurity Breakthrough Names SonicWall ‘Cybersecurity Company of The Year’
Sep20

CyberSecurity Breakthrough Names SonicWall ‘Cybersecurity Company of The Year’

Each year, CyberSecurity Breakthrough runs an award program that recognizes the efforts and achievements of technology companies, their products, and the people who drive innovation. The awards program covers the full spectrum of cybersecurity solutions including email, web and cloud security, threat detection, fraud prevention, risk management, firewalls, and UTMs across 16 product categories. Each year, the scale of the awards program grows. More than 2,000 nominations were received for this year’s awards program, with companies coming from 12 countries around the world. Those nominations were assessed by a panel of independent expert judges from the cybersecurity community who whittled down the field and selected the companies, products, and people that are having the biggest impact in their respective fields. This year, awards were given to some of the biggest names in cybersecurity including Paloalto networks, Crowdstrike, Proofpoint, Trend Micro, CipherCloud, Avast, and Lookout. There were more than 60 awards issued in this year’s program, with SonicWall chosen as the overall...

Read More
PhishMe Report Shows Organizations Are Struggling to Prevent Phishing Attacks
Sep19

PhishMe Report Shows Organizations Are Struggling to Prevent Phishing Attacks

Organizations are struggling to prevent phishing attacks, according to a recently published survey by PhishMe (now Cofense). The survey, conducted on 200 IT executives from a wide range of industries, revealed 90% of IT executives are most concerned about email-related threats, which is not surprising given the frequency and sophisticated nature of attacks. When attacks do occur, many organizations struggle to identify phishing emails promptly and are hampered by an inefficient phishing response. When asked about how good their organization’s phishing response is, 43% of respondents rated it between totally ineffective and mediocre. Two thirds of respondents said they have had to deal with a security incident resulting from a deceptive email. The survey highlighted several areas where organizations are struggling to prevent phishing attacks and respond quickly when phishing emails make it past their defenses. PhishMe also notes that many first line IT support staff have not received insufficient training or lack the skills to identify phishing emails. Consequently, many fail to...

Read More
5 Months to Notify Patients of Augusta University Medical Center Phishing Attack
Sep18

5 Months to Notify Patients of Augusta University Medical Center Phishing Attack

An Augusta University Medical Center phishing attack has resulted in an unauthorized individual gaining access to the email accounts of two employees. It is unclear exactly when the phishing attack was discovered, although an investigation into the breach was concluded on July 18, 2017. That investigation confirmed access to the employees’ email accounts was gained between April 20-21, 2017. Upon discovery of the breach, access to the email accounts was disabled and passwords were reset. The investigation did not confirm whether any of the information in the accounts had been accessed or copied by the attackers. Patients impacted by the breach have now been notified – five months after the breach occurred. Patients have been informed that the compromised email accounts contained sensitive information such as names, addresses, dates of birth, driver’s license numbers, financial account information, prescription details, diagnoses, treatment information, medical record numbers and Social Security numbers. The amount of information exposed varied for each patient. It is currently...

Read More
Phishing Attack Results in the Exposure of PHI at Morehead Memorial Hospital
Sep18

Phishing Attack Results in the Exposure of PHI at Morehead Memorial Hospital

Morehead Memorial Hospital in Eden, NC has announced two employees have fallen victim to a phishing attack that resulted in an unauthorized individual gaining access to their email accounts. Those accounts contained the protected health information of patients and sensitive information on employees. Upon discovery of the breach, access to the email accounts was blocked and the hospital performed a network-wide password reset. Leading computer forensics experts were hired to assist with the investigation and determine the extent of the breach. The investigation confirmed that access to the accounts was possible and sensitive patient and employee information could have been accessed. While no reports have been received to suggest any information in the accounts has been misused, the possibility of data access and data theft could not be ruled out. The types of information exposed includes names, health insurance payment summaries, health insurance information, treatment overviews, and a limited number of Social Security numbers. Phishing attacks such as this are common. Emails are...

Read More
IWF Blacklist Incorporated into a Category on Cisco Umbrella
Sep08

IWF Blacklist Incorporated into a Category on Cisco Umbrella

Cisco has announced that its users can now quickly and easily block all employees from accessing websites containing images of child sexual abuse. A blacklist of domains and URLs containing images of child abuse is maintained by the UK’s Internet Watch Foundation (IWF). The IWF is a non-profit organization dedicated to removing all online images of child sexual abuse and preventing child sexual content from being accessed via the Internet. The list contains domains and URLs hosted all over the world that have been discovered to contain these sexual images, in addition to non-photographic images of child abuse hosted in the UK. In addition to searching the Internet for illegal sexual images of children, the charity mans a hotline that allows anyone to report websites found to be hosting child sexual images. Those reported URLs and domains are then added to the blacklist. The IWF supplies partners with up-to-date blacklists allowing them to easily block the illegal content via their filtering technologies. Cisco has now partnered with the IWF and has adopted its list and added it as...

Read More
Community Memorial Health System Phishing Attack Reported
Sep07

Community Memorial Health System Phishing Attack Reported

The protected health information of almost 1,000 patients has potentially been accessed as a result of a recent Community Memorial Health System phishing attack. On June 22, 2017, a Community Memorial Health System employee responded to a phishing email and divulged his/her login credentials, allowing an unauthorized individual to gain access to a single email account. The employee realized the mistake the following day and reported the breach to the IT department, which launched an investigation to determine whether any patient information could have been accessed. The email account was discovered to contain a selection of protected health information including patients’ names, medical record numbers, dates of services, and a limited amount of health information. The Social Security numbers of some patients were also potentially compromised. No bank account information or credit/debit card numbers were exposed. The discovery of protected health information in the email account prompted Community Memorial Health System to bring in a computer forensics expert to determine whether...

Read More
New Ransomware and Phishing Warnings for Healthcare Organizations
Aug30

New Ransomware and Phishing Warnings for Healthcare Organizations

Warnings have been issued about a new ransomware variant that is being used in targeted attacks on healthcare organizations and IRS, FBI and Hurricane Harvey themed phishing attacks. Defray Ransomware A new ransomware variant is being used in highly targeted attacks on healthcare organizations in the United States and United Kingdom. Defray ransomware is being distributed in small email campaigns using carefully crafted messages specifically developed to maximize the probability of a response from healthcare providers. The messages claim to have been sent from the Director of Information Management and Technology at the targeted organization and include the hospital’s logos. The documents claim to be patient reports detailing important information for patients, relatives and carers. The messages are being sent to specific individuals in organizations and via distribution lists. The campaigns involve Microsoft Word documents with embedded OLE packager shell objects. Clicking the embedded executable to view the content of the document will see Defray ransomware downloaded. There is...

Read More
Partnerships with Hospitals, Schools and Insurance Firms Fuels Growth at TitanHQ
Aug28

Partnerships with Hospitals, Schools and Insurance Firms Fuels Growth at TitanHQ

TitanHQ has announced it is enjoying sustained growth that has been fueled by new partnerships with hospitals, school districts, and insurance firms who have chosen to secure their wired and wireless networks with the WebTitan web filtering solution and use the firm’s cloud-based anti-spam service to keep their inboxes spam free. Over the course of the past 12 months, TitanHQ has been increasing its healthcare clients. The healthcare industry is being targeted by hackers and ransomware and malware attacks have soared in recent months. Two of the main ways that malware and ransomware is installed is via malicious links in emails and drive-by downloads, which can be blocked with WebTitan. The latest health system to sign up and use WebTitan is the European Hospitals Group – a leading health system in Brussels in Belgium. The multi-lingual hospital group operates two facilities in Uccle and the Etterbeek/European Quarter and employs more than 1,800 staff. The hospital has now implemented WebTitan to prevent web-based malware attacks and to control the content that can be...

Read More
MJHS Phishing Attack Result in the Exposure of 28,000 Individuals’ PHI
Aug24

MJHS Phishing Attack Result in the Exposure of 28,000 Individuals’ PHI

There has been a spate of phishing attacks on healthcare organizations in the past few weeks. The increased threat of attacks prompted the Department of Health and Human Services’ Office for Civil Rights to issue a warning to healthcare organizations, urging them to improve their defenses by conducting regular security awareness training sessions for employees. Phishing is the number one attack vector for delivering malware and successful attacks can result in the theft of considerable amounts of sensitive data. Email accounts contain a wide range of sensitive data on patients – information that can be used to commit identity theft and medical fraud, although oftentimes attacks are conducted to gain access to emails accounts for the purposes of spamming. In the case of the phishing attack on MJHS, the motive of the malicious actor is unknown. Fortunately, rapid identification and mitigation of the attack limited the attacker’s window of opportunity. The compromised email accounts were secured before the accounts could be used to send any emails, although it is possible that the...

Read More
Security Awareness Firm Securecast Acquired by Webroot
Aug16

Security Awareness Firm Securecast Acquired by Webroot

Webroot has announced it has completed the acquisition of Securecast – A security awareness and training platform that can be used by businesses to create a security culture and prepare employees for phishing attacks. Webroot already offers businesses a range of solutions to counter the threat from phishing, although even with layered defenses and technological solutions, some phishing emails will slip through the net. It is therefore essential for businesses to ensure that they take steps to address the human factor in phishing attacks and conduct security awareness training, educate employees on cybersecurity best practices, and train staff how to recognize phishing emails. The acquisition of Securecast will allow Webroot to provide a more comprehensive suite of anti-phishing solutions to its customers. The company has rebranded the platform Webroot Security Awareness Training and will make it generally available for all Webroot customers in the fall when it will be incorporated into the Webroot SecureAnywhere® business portfolio. Over the next couple of months Webroot plans to...

Read More
New Web Filter Bypass Controls Incorporated into Web Filter Longhorn
Aug15

New Web Filter Bypass Controls Incorporated into Web Filter Longhorn

The use of a web filter is essential in many industries, especially in education where it is necessary to block access to adult content and images for CIPA compliance. Implementing a web filter can help to ensure users are prevented from accessing certain categories of web content, although there will be many individuals that attempt to bypass web filter controls and gain access to restricted content. There are several publicly available tools that can be used to bypass web filtering controls, and a quick google search is all it takes to find them. Schools need to have visibility into these attempts and ideally, be able to block all attempts to bypass the web filtering controls. When attempts are made to bypass the web filter, instant alerts are required to allow rapid action to be taken to terminate sessions. Preventing the use of blocking tools such as Ultrasurf, Hotspot Shield, and Psiphon can be problematic with many web filters; however, Lightspeed Systems has a solution. In the latest version of Web Filter Longhorn, users are given better visibility to allow them to rapidly...

Read More
SafeDNS Earns AV-Comparative Award for Web Filtering
Aug14

SafeDNS Earns AV-Comparative Award for Web Filtering

The independent testing lab AV-Comparatives conducts extensive tests of anti-virus and other security software to provide businesses and consumers with advice on the top security products. In this year’s tests on parental control and web filtering solutions, SafeDNS was ranked in the top three out of all parental control solutions under test. SafeDNS provides consumers with the ability to carefully control the types of content that can be accessed via their home networks, with the solution also offered to businesses to prevent employees from accessing content not suitable for the office. One of the main uses of the solution at home and in the workplace is to prevent pornography from being accessed – An area where the solution performs particularly well, blocking 99.8% of adult content in the AV-Comparatives test. No other solution under test performed as well at filtering adult content. Following tests in previous years, SafeDNS has made improvements to its category filters in other areas, notably the blocking of gambling sites and weapons-related content. The solution blocked 94%...

Read More
3,400 Patients’ PHI Potentially Compromised in City of Hope Phishing Attack
Aug10

3,400 Patients’ PHI Potentially Compromised in City of Hope Phishing Attack

A phishing attack on City of Hope has resulted in cybercriminals gaining access to the email accounts of four employees. The emails made it past spam filtering controls and were delivered to employees on May 31 and June 2, 2017. Four employees responded to the requests and disclosed their login credentials to the attackers. City of Hope says the emails appeared to have been sent from a trustworthy source. The attackers used the login credentials to access the accounts, although City of Hope was unable to determine the scope or nature of access. On July 21, City of Hope confirmed that three of the accounts contained patients’ protected health information. The protected health information in the emails included names, addresses, email addresses, contact telephone numbers, dates of birth, dates of service, diagnoses, test results, medication information, and other clinical data. No financial information, insurance details, or Social Security numbers were exposed or accessed. Phishing attacks such as this are not always concerned with obtaining protected health information. Oftentimes,...

Read More
Phishing Email Response Compromises PHI of 2,800 Patients
Aug03

Phishing Email Response Compromises PHI of 2,800 Patients

A response to a phishing email has resulted in the PHI of 2,789 Kaleida Health patients being made accessible to cybercriminals. Kaleida Health discovered the attack on May 24, 2017, prompting a full investigation which involved hiring a third-party computer forensic firm. An analysis of its systems showed that by responding to the phishing email, the employee had provided access to his/her email account. While access to Kaleida Health’s EHR was not gained, the email account contained a range of protected health information of a small subset of its patients. The types of data in the account varied for each patient, but may have included names, dates of birth, medical record numbers, diagnoses, treatment and other clinical data. However, no financial information or Social Security numbers were exposed at any time. While access to the email account was possible, no evidence was uncovered to suggest that the emails were accessed or any protected health information was viewed or copied. However, since the possibility of data access could not be ruled out with a high degree of...

Read More
Protenus Provides Insight into 2017 Healthcare Data Breach Trends
Aug03

Protenus Provides Insight into 2017 Healthcare Data Breach Trends

Protenus, in conjunction with Databreaches.net, has produced its Breach Barometer mid-year review. The report covers all healthcare data breaches reported over the past 6 months and provides valuable insights into 2017 data breach trends. The Breach Barometer is a comprehensive review of healthcare data breaches, covering not only the data breaches reported through the Department of Health and Human Services’ Office for Civil Rights’ breach reporting tool, but also media reports of incidents and public findings. Prior to inclusion in the report, all breaches are independently confirmed by databreaches.net. The Breach Barometer reports delve into the main causes of data breaches reported by healthcare providers, health plans and their business associates. In a webinar on Wednesday, Protenus Co-Founder and president Robert Lord and Dissent of databreaches.net discussed the findings of the mid-year review. Lord explained that between January and June 2017 there have been 233 reported data breaches. Those breaches have impacted 3,159,236 patients. The largest reported breach in the...

Read More
Forcepoint Adds New Capabilities to CASB, Web, and Email Security Solutions
Aug01

Forcepoint Adds New Capabilities to CASB, Web, and Email Security Solutions

Forcepoint has announced its security solutions now incorporate new behavior-driven controls to help protect critical business data, intellectual property, and employee devices. Forcepoint CASB, Web Security and Email Security have all been updated and now have new capabilities. New CASB analytics have been incorporated to help organizations reduce the time it takes to identify data breaches. Forcepoint cites Gartner data, which shows the dwell time between an attack and discovery is an average of 99 days. The longer a breach continues before it is discovered and mitigated the higher the cost to the organization. By using data and analytics it is possible to greatly reduce the time between an attack and detection, and thus reduce the cost and damage caused. Forcepoint CASB helps organizations study the actions of users to identify risky behavior and vulnerabilities, allowing IT teams to take action to be taken before a breach occurs. The solution also helps IT teams identify anomalies which are indicative of a data breach and take rapid action to mitigate attacks. The new...

Read More
96% of SMBs Susceptible to External Cybersecurity Threats
Aug01

96% of SMBs Susceptible to External Cybersecurity Threats

Webroot has published the results of a new study that examined how well small to medium sized businesses are prepared to deal with cyber threats. The study revealed the majority of SMBs are not currently equipped to deal with external cybersecurity risks and believe they are susceptible to external cybersecurity threats. 600 IT decision makers in the UK, USA, and Australia were surveyed by Wakefield Research on behalf of Webroot. All respondents were employed by small to medium sized businesses with between 100 and 499 employees. 96% of respondents said they believe their organization will be susceptible to cyber threats this year and while their organization is aware of the current threat landscape and the growing number of threats, 71% of respondents said they are not well prepared to address them. The main concerns are malware infections, mobile attacks, and phishing incidents. 56% of respondents were most concerned about malware, 48% most concerned about threats to company-owned or BYOD mobile devices, and 47% were particularly concerned about phishing. The fallout from a...

Read More
Phishing Scam Fools University of Vermont Medical Center Employees into Revealing Login Credentials
Jul26

Phishing Scam Fools University of Vermont Medical Center Employees into Revealing Login Credentials

A phishing campaign targeting University of Vermont Medical Center (UVMC) has resulted in criminals gaining access to UVMC email accounts. The phishing emails were sent in late May and two employees responded. Doing so allowed the attackers to temporarily gain access to their email accounts. The phishing emails were part of a large campaign sent to many UVMC employees. Fortunately, only two individuals responded. The emails appeared to have been sent from within the organization. The accounts were compromised on May 22, and on May 24 UVMC detected spam emails being sent from the accounts and shut them down to minimise the damage caused. The electronic medical record system was not compromised, although the email accounts did contain protected health information (PHI) such as names, medical record numbers, addresses, details of medications, medical diagnoses and treatment information.  No Social Security numbers, insurance information or financial data were compromised. It is possible that the purpose of the attack was not to gain access to PHI, only to use the email accounts to...

Read More
Rosalind Franklin University of Medicine and Science Phishing Attack Sees PHI Compromised
Jul18

Rosalind Franklin University of Medicine and Science Phishing Attack Sees PHI Compromised

The protected health information of 859 patients of Rosalind Franklin University of Medicine and Science (RFU) has been compromised and potentially been viewed/stolen. The information was stored in two email accounts that were accessed by unauthorized individuals in May. Access to the email accounts was gained after employees responded to phishing emails. The phishing attack occurred on May 10, 2017 prompting a full investigation. The malicious actors behind the phishing scam gained access to one email account for less than a day and the second email account for a period of 9 days. Access to the second email account was blocked on May 19. Third party security experts were brought in to assist with the investigation to help determine the full extent of the security breach. RFU is now certain that unauthorized access to sensitive data has been blocked. Part of the investigation involved checking all messages in the compromised email accounts for protected health information. The investigation confirmed that the compromised PHI was limited to patients’ names, addresses, dates of...

Read More
PHI of 15,000 UC Davis Health Patients Compromised in Phishing Attack
Jul14

PHI of 15,000 UC Davis Health Patients Compromised in Phishing Attack

University of California Davis Health is alerting almost 15,000 patients that their PHI may have been viewed as a result of an employee falling for a phishing scam. The incident occurred on May 15, 2017. A phishing email was sent to a UC Davis Health employee who responded and unwittingly gave the attacker login credentials to his/her email account. That email account was accessed by the attacker on May 17. It is possible that the attacker accessed the employee’s email messages and viewed and/or obtained patients’ PHI. The investigation did not uncover any evidence to suggest that any patients’ PHI was viewed, although it was not possible to rule out the possibility with a high degree of confidence. On May 17, the attacker used the email account to send emails to other staff members requesting bank transfers for large sums of money. The emails were recognized as fraudulent and were reported to the data security team which secured the email account to prevent further access. Since access to the email account was rapidly blocked it is possible that PHI was not viewed or copied by the...

Read More
Symantec to Acquire Fireglass to Improve Protection from Ransomware, Malware and Phishing Attacks
Jul08

Symantec to Acquire Fireglass to Improve Protection from Ransomware, Malware and Phishing Attacks

The cybersecurity giant Symantec acquired the web security firm Blue Coat last year in a deal worth $4.65 billion. That was followed by the acquisition of the identity theft protection company Lifelock in a deal worth $2.3 billion in November. Now the Security software giant has announced a further acquisition: the Israeli cybersecurity startup Fireglass. At this stage the price and terms of the acquisition deal have not been disclosed. The acquisition of Blue Coat has allowed Symantec to move into the enterprise web security market, LifeLock has helped improve its footprint in the consumer market, and the Fireglass acquisition will allow the firm to improve its malware, ransomware, and phishing protection offerings. Tel Aviv-based Fireglass was founded in 2014 and has developed innovative technology that helps companies protect against malware, ransomware, and phishing threats. Phishing emails target a weak point in security defenses: Employees. While email security solutions can be deployed to block these threats from reaching inboxes, many malicious emails are still delivered....

Read More
GFI Software Recognized for Quality of Support and Product Documentation
Jul07

GFI Software Recognized for Quality of Support and Product Documentation

GFI Software has been recognized for the quality of its customer support and product documentation by the Society of Technical Communications (STC). The STC is an international professional association that evaluates technical communications between companies and customers, and assesses the standard of technical support, product documentation, and company training materials. The aim of the STC is to advance technical communications and promote better content and information management via technical processes. The non-profit organization helps businesses improve their technical support across all media to ensure customers can use products safely, securely, effectively and get the best value from their investment. This year, the GFI Software team has collected four STC awards in the international and regional categories of the STC awards program. In the User Support: Help category, GFI Software collected a Distinguished Technical Communication Award and a Best of Show Award in the regional subcategory, with its regional support also competing with the GFI Help System. The GFI Help...

Read More
Symantec Included in Leader’s Magic Quadrant for Secure Web Gateways
Jul03

Symantec Included in Leader’s Magic Quadrant for Secure Web Gateways

The cybersecurity firm Symantec has been included in the leader’s Magic Quadrant for Secure Web Gateways by Gartner. This year, the company is the only solution provider in the leader’s quadrant that offers both cloud-based and on-premise web gateway solutions. Only one other company was included in the leader’s quadrant this year – Zscaler. Zscaler was rated highest for completeness of vision, while Symantec was rated highest for ability to execute. Three companies were included in the Challenger’s Quadrant, and 5 in the Nice Player’s Quadrant. This is the 10th consecutive year that the technology behind Symantec’s secure web gateway has been included in the Leader’s Quadrant. Symantec was included in 2016 and 2017, and as Blue Coat in earlier years. Symantec acquired Blue Coat last year. Gartner assesses companies for their completeness of vision and ability to execute, with the assessment based on 15 different criteria. The combined assessments across those criteria resulted in Symantec receiving the highest rating. Secure web gateways incorporate URL filtering to control the...

Read More
Kenilworth Update Improves Authentication on Smoothwall Web Filter
Jun29

Kenilworth Update Improves Authentication on Smoothwall Web Filter

The latest update to the Smoothwall web filter sees improvements made to authentication and safeguarding, along with the option of adding a Google sign-in button to the login page to allow access with a single click. One of the main features to be added to the Smoothwall’s secure web gateway web filter by the Kenilworth update is the incorporation of IDex identity indexing, which makes the process of authenticating users far simpler. IDex is also a more scalable identity checking mechanism that authentication. IDex does not depend on a connection to domain controllers for authenticating users and there are no delays to user access with this new identification system. At the heart of IDex is the IDex Directory – a database housed on a Smoothwall appliance that contains all the necessary user identity information. IDex Directory records the username, IP address, groups, and logged-in timestamp for each user, and integrates that information with all Smoothwall services that require identity verification. Data are also replicated across nodes. Workstations have the IDex Client running...

Read More
Fortinet Named Leader in Gartner Magic Quadrant for Unified Threat Management
Jun28

Fortinet Named Leader in Gartner Magic Quadrant for Unified Threat Management

For the 8th consecutive year, Fortinet has been named a leader in Gartner’s Magic Quadrant for Unified Threat Management for its SMB multi-function firewalls. The Magic Quadrant is a graphical representation of competitive positioning, broken down into four quadrants with technology providers ranked as leaders, visionaries, niche players, and challengers. Challengers rank highly for their ability to execute in today’s marketplace, yet they lack understanding of the direction the market will move in the future. Niche players lack focus and do not innovate or outperform other companies, yet may still offer products well suited to many businesses. Visionaries have an excellent grasp of the market but are not executing to their full potential. The leader’s quadrant includes companies that execute well against their current vision and have an excellent understanding of the market and where it is going. The Magic Quadrant provides companies with a view of the relative positions of each player in the market and allows them to determine which companies are performing the best and which are...

Read More
Expanded Webroot and ConnectWise Partnership Help Customers Block Web-Based Threats
Jun07

Expanded Webroot and ConnectWise Partnership Help Customers Block Web-Based Threats

Webroot has expanded its partnership with ConnectWise which will see its Webroot SecureAnywhere® DNS Protection platform offered to ConnectWise customers to help them block web-based threats more effectively. Webroot SecureAnywhere® DNS Protection is a web filtering solution that can be used by businesses to carefully control the websites that can be accessed by employees. Webroot uses IPv4 and IPv6 addresses to classify more than 95% of the Internet at least three times a day, with sites added to one or more of the 80 categories used by the platform. Users can select which categories they allow their employees to access with controls applied for specific users, groups, or for the entire organization. In addition to offering category filtering controls the solution also blocks websites known to host malware and phishing websites. Since more than 85% of malware infections occur via the web, by controlling the websites that employees can access it is possible to significantly improve an organization’s security posture and protect against malware, ransomware, keyloggers, and spyware....

Read More
Purple Move on WiFi Security Sets Example for All Public WiFi Deployments
May25

Purple Move on WiFi Security Sets Example for All Public WiFi Deployments

Wireless networks offer many benefits to healthcare organizations. Healthcare professionals can access networks and data from any location using portable devices, without the need to plug in to the network. Many medical devices connect wirelessly to WiFi networks improving clinical workflows. However wireless networks can also introduce risks. If any PHI is transmitted over wireless networks, HIPAA requires appropriate controls to be applied to safeguard the confidentiality, integrity and availability of PHI. If WiFi networks lack appropriate security, unauthorized individuals could intercept WiFi packets and view sensitive data, including protected health information. Securing internal WiFi networks is therefore essential. The failure to secure WiFi networks would place an organization at risk of a HIPAA penalty. The risk of a HIPAA violation or data breach is a real concern for healthcare organizations. Security concerns have prevented many hospitals from offering WiFi access to patients, even though offering WiFi can improve the patient experience. Many healthcare organizations...

Read More
Webroot AV Update Failure Causes Havoc: Windows System Files and EXE Files Quarantined
Apr24

Webroot AV Update Failure Causes Havoc: Windows System Files and EXE Files Quarantined

A Webroot AV update failure has caused havoc for thousands of customers. An April 24 update saw swathes of critical files miscategorized as malicious. While occasional false positives can be expected on occasion, in this case the error was severe. The Webroot AV update failure resulted in hundreds of Windows system files being miscategorized, resulting in serious stability issues. Many users’ servers and PCs were crippled after the automatic update occurred. The problem did not only affect Windows files. Scores of signed executables and third-party apps were blocked and prevented from running. The error affected all Windows versions and saw critical system files categorized as W32.Trojan.Gen. Those files were moved to Webroot’s quarantine folder after the April 24 update. Once the files were moved, users’ computers started to experience severe problems with many displaying errors. In some cases, the moving of system files to the quarantine folder caused computers to crash. In other cases, apps were prevented from running causing major disruption to businesses. Webroot AV also...

Read More
TitanHQ Partnership with ADTRAN Enables MSPs to Deliver Cloud-Based Security Solutions
Apr11

TitanHQ Partnership with ADTRAN Enables MSPs to Deliver Cloud-Based Security Solutions

TitanHQ has announced a new partnership with ADTRAN, the leading global provider of communications and networking equipment. The partnership will see ADTRAN expand its ProCloud Subscription Services Suite to four new solution categories to better meet the needs of managed service providers (MSPs). The ProCloud Subscription Services Suite brings together industry-leading cloud-based solutions to allow MSPs to better meet the needs of their customers. The four solution categories that now comprise the suite of services are ProCloud Unified Communications, ProCloud Analytics, ProCloud Network Management and ProCloud Security. TitanHQ’s cloud-based web filtering solution – WebTitan – and cloud-based spam filtering solution – SpamTitan – have been added to the ProCloud Security solution. WebTitan allows organizations to carefully control the web content that can be accessed by employees while protecting organisations from a wide range of web-borne threats such as phishing websites and downloads of ransomware and malware.  SpamTitan is a full-service email security solution that...

Read More
Phishing Attack Potentially Impacts 80,000 Patients of Washington University School of Medicine
Mar31

Phishing Attack Potentially Impacts 80,000 Patients of Washington University School of Medicine

A phishing attack on the Washington University School of Medicine has resulted in a number of staff members’ email accounts being compromised. Washington University School of Medicine learned of the phishing attack on January 24, 2017, more than seven weeks after the attack occurred. An investigation into the incident revealed the attack occurred on December 2, 2016. Phishing emails use a variety of social engineering techniques to fool end users into revealing sensitive information such as usernames, passwords, or bank details. In this case, the phishing emails were used to obtain login credentials to staff members’ email accounts. Email accounts contain a treasure trove of information. An investigation revealed the compromised accounts contained the protected health information of 80,270 patients. Data in the accounts included patients’ names, dates of birth, medical record numbers, clinical information, medical diagnoses and treatment information. Some patients’ Social Security numbers were also exposed as a result of the attack. The investigation did not uncover any evidence to...

Read More
Web Filter Longhorn Version 3.2.1 Released
Mar30

Web Filter Longhorn Version 3.2.1 Released

Lightspeed Systems has released an updated version of its education industry-focused web filter Longhorn. Version 3.21 of Web Filter Longhorn incorporates a number of enhancements to make monitoring and managing website and mobile traffic easier. The new web filter has been made more powerful, incorporating enhanced SSL decryption and more intelligent user identification to ensure users can be easily identified regardless of where they are accessing the Internet. The Adaptive AI database has also been improved for more accurate categorization of websites, reducing the potential for the overblocking of website content. Other major updates include: Allowing users to prioritize identification methods and select the order that each method of identification will be attempted. The addition of a second level of control for restricting access to YouTube videos. If used, administrators can set the YouTube filter as strict or moderate. Version 3.2.1 now incorporates Bing Safe Search, in addition to Google Safe Search The certificate installation process has been simplified by changing the...

Read More
GFI Software Launches New Email Security and IT Management Platforms
Mar21

GFI Software Launches New Email Security and IT Management Platforms

GFI Software has announced the launch of two new software platforms which have now been finalized after an extensive period of evaluation. Both products have been in beta form since November 2016 and have been tested by a limited group of users who have provided comments and feedback. GFI Software has taken the feedback on board and has made changes to the implementation of certain features to make the products more user friendly. The solutions include enterprise-class IT management features tailored for small business users. GFI OneGuard is an IT management platform that allows sysadmins to manage, monitor, and secure their networks through a single management console. The platform maintains an inventory of all hardware and software and helps keep all software systems up to date by scanning for out of date installations, unpatched systems and vulnerabilities that could potentially be exploited to gain access to networks and data. Beta testers praised the solution for its unified view of patch management, AV protection, and asset tracking and the ability to automate time consuming...

Read More
Smoothwall Inverness Update Sees Improvements Made to Safeguarding and Firewall
Mar14

Smoothwall Inverness Update Sees Improvements Made to Safeguarding and Firewall

The Inverness update to Smoothwall products sees several improvements made to the firewall and Safeguarding features to improve usability. The changes made to the firewall include a new user interface that clearly displays all firewall rules, together with the configuration specified for each. The rules are also displayed in groups of similar rules to make administration easier. Configuring and editing firewall rules has also been simplified with a new pop-up that requires fewer clicks. Objects can be created and used for groups of IP addresses and services, with one rule applying to several different addresses. Objects can also be reused for other rules. Improvements have also been made to the firewall log viewer, incorporating more information on the screen to make it quicker and easier for users to find the information they need. Details of specific connections can also be found more easily thanks to a new log filter system. The web filter benefits from two new filtering categories – Web Hosting and Collaboration Software. The Web hosting category includes sites that offer...

Read More
Citizens Memorial Hospital Latest Victim of W-2 Phishing Scam
Feb17

Citizens Memorial Hospital Latest Victim of W-2 Phishing Scam

Another healthcare provider has announced that one of its employees has been fooled by a W-2 phishing scam. Citizens Memorial Hospital in Bolivar, MO., says a request for W-2 Form data was sent to one of its employees by email. The employee responded to the request believing the message was legitimate and had been sent internally. W-2 Forms for all employees at the 86-bed hospital who had taxable earnings for the 2016 fiscal year were sent via email to the scammers as requested. No announcement has been made about the number of employees impacted by the incident. The hospital discovered it was the victim of a scam the following day. The incident has been reported to both the FBI and the IRS and affected employees have been notified and offered 2 years of identity theft protection services without charge through Experian. The incident is not a HIPAA breach as HIPAA Rules do not apply to employee data. To prevent repeat attacks, Citizens Memorial Hospital will be enhancing its data security education programs. Staff will receive further training to help them identify any further...

Read More
Cisco Launches First Cloud-Based Secure Internet Gateway
Feb09

Cisco Launches First Cloud-Based Secure Internet Gateway

The popularity of Software-as-a-Service (SaaS) applications has grown considerably in recent years. Working practices have changed, and SaaS is well suited to an increasingly mobile workforce. SaaS is certainly not a fad. The use of SaaS is likely to grow considerably over the coming years, with Gartner predicting an increase in SaaS use of 70% by 2018. While branch offices used to connect to the Internet via the corporate network, now many offices are connecting to the Internet directly, which means they bypass many network and Internet security controls. Not only does this increase risk, organizations potentially now lack visibility into threats targeting certain sections of the enterprise. One way organizations have got around this is with the use of virtual private networks (VPNs), although VPNs are not always used by employees. A recent survey conducted by IDG revealed 82% of mobile workers did not always use VPNs. An alternative strategy is to use on-premise web gateway solutions; however, multiple secure web gateways add complexity and latency and are therefore far from an...

Read More
IRS Issues Warning About W-2 Phishing Scams
Feb07

IRS Issues Warning About W-2 Phishing Scams

W-2 phishing scams increased considerably in 2015 prompting the IRS to issue a warning about the risk of attack. Now, just over 4 weeks into 2017, the IRS has issued a further warning in response to the sheer number of W-2 phishing scams that have been reported so far this year. This type of scam – often referred to as business email compromise (BEC) or business email spoofing (BES) – is simple, but highly effective. The attacker sends an email request to a payroll or HR staff member and requests W-2 Form data for the entire workforce by return. Typically, the request is for the W-2 Forms of all individuals who worked in the previous tax year. The information is often asked for in PDF format. The request appears to come from the company’s CEO, CFO, or another high-ranking executive with authority. Payroll and HR employee respond to the email and send data as requested as the email seems genuine. The individual who appears to have sent the request is likely to have a need for the information. Research is conducted on the company by the attackers. They find out the email...

Read More