Future of Sourcing - cyberattack https://www.futureofsourcing.com/tags/cyberattack en Proper Tools and Training Can Lower Cyber Risks in the Healthcare Sector https://www.futureofsourcing.com/proper-tools-and-training-can-lower-cyber-risks-in-the-healthcare-sector <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="https://www.futureofsourcing.com/sites/default/files/articles/Proper%20Tools%20and%20Training%20Can%20Lower%20Cyber%20Risks%20in%20the%20Healthcare%20Sector%20%20.png"><a href="https://www.futureofsourcing.com/sites/default/files/articles/Proper%20Tools%20and%20Training%20Can%20Lower%20Cyber%20Risks%20in%20the%20Healthcare%20Sector%20%20.png" title="Proper Tools and Training Can Lower Cyber Risks in the Healthcare Sector " class="colorbox" rel="gallery-node-1991-Rmavbzn2fDA"><img typeof="foaf:Image" src="https://www.futureofsourcing.com/sites/default/files/styles/juicebox_medium/public/articles/Proper%20Tools%20and%20Training%20Can%20Lower%20Cyber%20Risks%20in%20the%20Healthcare%20Sector%20%20.png?itok=-wG8BJAz" width="624" height="325" alt="Proper Tools and Training Can Lower Cyber Risks in the Healthcare Sector " title="" /></a></div></div></div><div class="field field-name-field-intro field-type-text-long field-label-hidden"><div class="field-items"><div class="field-item even"> <h1>Proper Tools and Training Can Lower Cyber Risks in the Healthcare Sector</h1> </div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item 
even" property="content:encoded"> <p>Organizations in the healthcare industry have always been a target for cyberattacks. Since the COVID-19 pandemic struck and sent the healthcare industry into chaos, the number of cyberattacks and attempts has increased exponentially.</p> <p>Although hospitals, clinics and other organizations in the healthcare field are responsible for the safekeeping of extremely valuable data, a <a href="https://www.healthcareglobal.com/technology-and-ai-3/tumourvue-groundbreaking-ai-imaging-tackle-brain-tumours" target="_blank">recent survey</a> concluded that only 18% of healthcare workers believe that their medical devices contain strong security features. And over the last five years, 80% of respondents suffered at least one cyberattack.</p> <p>With the industry experiencing <a href="https://www.expressvpn.com/blog/why-hospitals-are-getting-more-cyber-attacks/" target="_blank">more cyberattacks on hospitals</a> than ever before, employees need to be knowledgeable about security measures and take the proper precautions to safeguard the valuable data in their systems.</p> <h2>Cyber Risks in the Healthcare Sector</h2> <p>As the pandemic struck, the healthcare sector began focusing every effort on protecting the health of patients. It wasn&rsquo;t long before a shortage of supplies became a new challenge as healthcare workers risked their lives to contain the virus.</p> <p>While all the attention was turned to containing COVID-19 and treating victims of the virus, already vulnerable digital systems became even more susceptible to cyberattacks. As organizations allowed employees to use personal devices to access internal networks, the time and resources to train them on proper security protocols were non-existent. 
The perfect scenario was created for hackers and cybercriminals to hack and phish their way into systems and gain access to confidential information.</p> <p>Organizations and employees need to know what they can do to protect the data in their systems. With 88% of med-tech leaders in the U.S. doubting that their organizations are prepared for cyberattacks, it&rsquo;s vital to educate and empower the industry to take security measures seriously because the impacts of a cyberattack can be devastating.</p> <p>Here are a few simple ways for healthcare employees and organizations to keep their systems and data protected.</p> <h2>Tips for Institutions and Individuals to Stay Protected</h2> <p>With employees working remotely and time and resources running low, it&rsquo;s more difficult now than ever to focus on implementing security measures and training. Still, it&rsquo;s also more important now than ever for the same reasons. By taking the time and finding the resources to follow the steps below, institutions and individuals can rest assured that their systems and the data stored within them are protected.</p> <h3>Organize Security Awareness Training</h3> <p>Knowledge is power. One of the best tools that an organization can use against cyberattacks is education. It&rsquo;s essential to organize security awareness training to teach employees about the various types of threats to the system and what they can do to protect data and keep intruders at bay. The number-one reason phishing attacks succeed is <a href="https://medium.com/@emma.woods/the-role-of-human-error-in-successful-cyber-security-breaches-c6c4e5077233" target="_blank">human error</a>. When individuals don&rsquo;t know the warning signs and what to look out for, they can easily fall victim to a cyberattack.</p> <h3>Keep Software Up to Date</h3> <p>Every computer system needs reliable antivirus software installed and enabled. It also needs to be updated regularly. 
Security updates for systems and software are released routinely, and one of the best ways to keep your data protected is to always make sure you&rsquo;re using the most up-to-date versions. Outdated software can contain bugs and gaps that hackers can use to infiltrate the system and gain access to confidential information. To ensure that you&rsquo;re always using the most up-to-date versions of your software, enable automatic updates.</p> <h3>Using Security Tools</h3> <p>Whether your organization is equipped with Mac or Windows, there are several built-in security tools that you can take advantage of to safeguard your system. Here are the three most straightforward security tools that you should set up if they aren&rsquo;t already:</p> <ul> <li>Always protect your devices with <a href="https://cybernews.com/best-password-managers/how-to-create-a-strong-password/" target="_blank">custom alphanumeric passwords</a> so that hackers can&rsquo;t easily crack them with automated guessing tools.</li> <li>Use two-factor authentication wherever possible to add an extra layer of security that requires a one-time code sent to a separate device that you choose.</li> <li>Browse the internet using a Virtual Private Network. A VPN encrypts the traffic between your device and the VPN server and masks your IP address so that no one, including the government, your ISP and hackers, can use it to gain access to your system.</li> </ul> <p>Organizations and individuals within the healthcare system have the power to reduce cyber risks and attacks significantly. With the proper knowledge and tools, you can protect your data whether you&rsquo;re in charge of an organization or are an employee working from home. 
Everyone needs to do their part to keep the system safe.</p> </div></div></div><div class="field field-name-field-tags field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Tags:&nbsp;</div><div class="field-items"><div class="field-item even" rel="dc:subject"><a href="/tags/cyberattack" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">cyberattack</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/cybersecurity" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Cybersecurity</a></div><div class="field-item even" rel="dc:subject"><a href="/tags/phishing" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Phishing</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/vpn" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">VPN</a></div></div></div><div class="field field-name-field-region field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Region:&nbsp;</div><div class="field-items"><div class="field-item even"><a href="/regions/global" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Global</a></div></div></div> Wed, 26 May 2021 02:00:00 +0000 Brad Smith 1991 at https://www.futureofsourcing.com https://www.futureofsourcing.com/proper-tools-and-training-can-lower-cyber-risks-in-the-healthcare-sector#comments Detecting the SolarWinds Hack https://www.futureofsourcing.com/detecting-the-solarwinds-hack <div class="field field-name-field-image field-type-image field-label-hidden"><div class="field-items"><div class="field-item even" rel="og:image rdfs:seeAlso" resource="https://www.futureofsourcing.com/sites/default/files/articles/Detecting%20the%20SolarWinds%20Hack.png"><a href="https://www.futureofsourcing.com/sites/default/files/articles/Detecting%20the%20SolarWinds%20Hack.png" title="Prominent cybersecurity firms such as Microsoft and FireEye were victims of the SolarWinds attack and also the first to identify it. " class="colorbox" rel="gallery-node-1926-Rmavbzn2fDA"><img typeof="foaf:Image" src="https://www.futureofsourcing.com/sites/default/files/styles/juicebox_medium/public/articles/Detecting%20the%20SolarWinds%20Hack.png?itok=U2H26869" width="624" height="325" alt="Prominent cybersecurity firms such as Microsoft and FireEye were victims of the SolarWinds attack and also the first to identify it. 
" title="" /></a></div></div></div><div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even" property="content:encoded"> <h1>Detecting the SolarWinds Hack</h1> <p>The cybersecurity world has been overtaken with concern over a state-sponsored cyberattack perpetrated by Russian intelligence agents against multiple federal agencies, including those responsible for our nuclear stockpile. Prominent cybersecurity firms such as Microsoft and FireEye, who were also victims of the attack, were the first to identify it.</p> <p>Their internal networks had been accessed, undetected, since March of 2020, and the attackers accessed documents, stole penetration testing tools, and found their way into other systems. The attackers initially inserted a maliciously modified version of <a href="https://www.onshore.com/managed-security-services/detecting-the-solarwinds-hack/">SolarWinds</a> Orion, a tool used by many organizations, both private and public, to monitor large networks, into the SolarWinds update server as early as March of 2020.</p> <h2>Supply Chains are Easy Targets</h2> <p>As the recent investigation began, it was clear that this trojanized update, called SUNBURST, had spread widely, though it is still difficult to know whether the back door the hackers created for this attack allowed further intrusions and infection. It is known that up to 18,000 customers of SolarWinds have been affected by the malware. More will certainly be found out in the coming weeks. 
The high profile and number of the targets and the novelty of the supply chain attack vector are enough to fill the papers, but customers, clients and everyone in the ecosystem are left with many questions about what the lasting effects of this hack will be. It is being called the most significant cyberattack in our history.</p> <p>Beyond learning quite a bit about how the attack on our federal agencies and companies via the SUNBURST malware was actually perpetrated, businesses and cybersecurity professionals are asking what lessons can be taken away. How will this change how we do things? What things should organizations and cybersecurity practitioners consider? Many companies, both those affected by the hack and those not (and it&rsquo;s not 100% clear who is who at the moment), have released statements with some recommendations, as onShore Security did for its clients.</p> <p>In the very short term, care should be taken regarding these exact pieces of software. If SolarWinds software is being used in your organization, it&rsquo;s recommended that it be shut down and not turned back on until SolarWinds publishes a third-party code audit that makes it clear that the vulnerability gaps are filled. Secondly, your organization should adopt the rules released to detect the SolarWinds vulnerability and use the signatures provided by FireEye to detect SUNBURST and the FireEye tools stolen in the attack.</p> <h2>Watching and Waiting</h2> <p>The nature of the attack, that of writing a backdoor into the software, and the unusually long dwell time mean that it is simply impossible at this point to clear anyone of risk, and the possibility of other, secondary &ldquo;infections&rdquo; must be considered until dispelled.</p> <p>Because of the long dwell time, lateral movement in the network is almost assured. This teaches us an important lesson in protection vs. detection. 
When protection and prevention fail, it can be impossible to know until it is far too late. In the case of this hack, the attackers had months inside networks, allowing lateral movement, secondary infection, and other malicious activity that may require deep forensic investigation to uncover and repair. Many of the organizations that have been affected are still trying to make up for lost time in their efforts to mitigate and prevent similar attacks.</p> <p>We must also consider the software supply chain. Reliance on third-party suppliers of software is only increasing and our government has been even more willing to trust third parties, as it moves capability to the cloud and other forms of technology outsourcing. Some attention has been paid to hardware supplied by Chinese companies, but this event clearly shows that attackers don&rsquo;t need to own pieces of the supply chain to infect it. Scrutiny needs to be applied where it can be and, in the case of software, that means code review.</p> <h2>Open Source Software Helps Mitigate Risk</h2> <p>Using open-source options where possible makes review easier because a wide array of parties can collaborate on the review. APIs need to be published and open. Our government can contract from suppliers but require that all components and licenses meet the required certifications. Famously, the Chinese government insisted that Microsoft provide source code to them for review as a prerequisite to doing business in China. That&rsquo;s a tall order, but their fears weren&rsquo;t unfounded. This year, it was revealed that a Swiss company supplying secure communications to many governments included a back door for our own CIA, demonstrating a need for some sort of cyber-arms treaty.</p> <p>We also need to see greater collaboration with the detection process. SolarWinds had been instructing clients to exclude certain Orion binaries from anti-malware scanning because false positives were produced. 
This is likely at least one reason the attackers chose those binaries. There are reasons for exclusions, but often an exclusion is a way to avoid the harder task of collaborating with anti-malware and detection vendors to supply appropriate signatures for proper scanning. Microsoft, who were one of the victims, quickly revoked the digital certificate for the malicious binaries, but clearly more care must be put into the signing and verification process as well.</p> <h2>Fortify Your Cybersecurity Stack</h2> <p>The unfortunate truth is that there exists a zone of uncertainty around this hack. It is easy to tell if you were targeted in any way, meaning you can tell if the attackers ever took notice of you. Beyond that, the extent of the attack on you in particular can be hard to suss out. There are some signature parts of the attack that can be searched for. For example, email systems were frequent targets. Also, instances of create, execute, delete commands can be evidence of the malware covering its own tracks. These novel stealth tactics, designed to avoid detection and increase dwell time as much as possible, mean that forensic investigators have their work cut out for them, now put into the position of, essentially, proving a negative.</p> <p>In the future, supply chain attacks will be part of any organization&rsquo;s threat modeling and there will be policy in place to detect and even prevent similar attacks. 
If anything, however, this incident highlights the importance of detection in the cybersecurity stack, the need for greater scrutiny in the code or signing of software, using open source and open APIs where possible and the need to begin serious work on cyber diplomacy.</p> </div></div></div><div class="field field-name-field-tags field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Tags:&nbsp;</div><div class="field-items"><div class="field-item even" rel="dc:subject"><a href="/tags/solarwinds" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">solarwinds</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/cybersecurity" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Cybersecurity</a></div><div class="field-item even" rel="dc:subject"><a href="/tags/microsoft" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Microsoft</a></div><div class="field-item odd" rel="dc:subject"><a href="/tags/solarwinds-orion" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">solarwinds orion</a></div><div class="field-item even" rel="dc:subject"><a href="/tags/cyberattack" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">cyberattack</a></div></div></div><div class="field field-name-field-region field-type-taxonomy-term-reference field-label-inline clearfix"><div class="field-label">Region:&nbsp;</div><div class="field-items"><div class="field-item even"><a href="/regions/global" typeof="skos:Concept" property="rdfs:label skos:prefLabel" datatype="">Global</a></div></div></div> Thu, 25 Feb 2021 02:00:00 +0000 Stel Valavanis 1926 at https://www.futureofsourcing.com https://www.futureofsourcing.com/detecting-the-solarwinds-hack#comments