HIPAA Journal – Cybercriminals targeting remote workers

Highlights from the HIPAA Journal

From the June 8th Newsletter

Cybercriminals have been targeting remote workers during the COVID-19 pandemic due to vulnerabilities across their networks.

  • Main method of attacking remote working has been using the phishing email tactic.
  • According to data obtained from users of Lookout’s mobile security software, mobile phishing attacks increased by 66.3% and continue to rise.
  • Mobile devices do lack the high levels of security that can be provided to a computer.

Sandworm, a Russian cyber gang, is exploiting a vulnerability in the Exim Mail Transfer Agent.

  • The vulnerability can be exploited by sending a specially crafted email which allows commands to be executed with root privileges. After exploiting the flaw, an attacker can install programs, execute code of their choosing, modify data, create new accounts, and potentially gain access to stored messages.
  • This group has been known to create cyber attacks across Europe and the U.S.

Fake VPN alerts used to lure remote workers into providing their Office 365 credentials.

  • VPNs’ have become very popular due to many healthcare providers using them for providing telehealth services with their patients.
  • Ensure that your Organization is using a private VPN that is patched and updated.

Recent cyber/ransomware attacks related to the Healthcare industry

  • Aveanna Healthcare, a Georgia based provider, is currently facing a class action lawsuit over a data breach that occurred in 2019 and it affected over 166,000 patients. Several email accounts were compromised during the attack that contained patient information.
  • A former employee of Kaiser Permanente had unauthorized access to patient records for 8 years and the Organization discovered this in late March of this year. The employee was fired and no evidence was found that the patient information was copied or used to commit fraud.
  • Ridgeview Institute, a provider of mental health and addiction treatment services in Georgia, had an employee gain unauthorized access to patient records and was sending them to their personal email. No data was provided on how many patients were affected by this attack.

We understand the unique and challenging aspects of IT in the Healthcare space