A 2018 national audit of healthcare preparedness observed that only 45 percent of businesses followed the NIST Cybersecurity Framework, a policy framework for cybersecurity guidance for private sector organizations in the United States.
No wonder then that the healthcare sector sees a tremendous number of successful cyberattacks year after year. A recent example is the theft of personal information of 14,591 patients who received medical care through Los Angeles County’s hospitals and clinics. Moreover, experts are now saying that the monetary losses to the global healthcare industry caused by cyberattacks are mounting into billions.
When it comes to the operational end of healthcare, the consequences of a cyber attack can be catastrophic. A cyber attack on a healthcare system can be dangerous and life-threatening – imagine critical care patients being locked out of the system. Also, considering the fact that industries in this sector store potentially vital personal information, it is even more worrisome that this sector is not investing a lot in cybersecurity.
The industry needs to act swiftly.
For stakeholders, here are some of the top cybersecurity issues facing this sector –
To reiterate, healthcare data is a lucrative target for hackers all over the world. Healthcare data primarily consists of highly confidential patient care details, insurance information and financial data. This information can be stolen and sold to an array of buyers – pharmaceutical behemoths, insurance bigwigs and banking juggernauts are just some of them.
Hence, ransomware is the preferred tactic for cyberattackers to sabotage the healthcare industry at large. Typically, hackers gain access to systems and encrypt the data, locking the original users out. These users are then threatened that the encrypted information will be deleted or leaked unless they pay a ransom (mostly in the form of a cryptocurrency like Bitcoin). The hackers state explicitly that the data will be freed only after payment.
2. Insider Threats
Insider threats are certainly not a new risk anymore but their threat potential is increasing as we speak. Data is now routinely being stored in the cloud which means employees of an organization have a lot of access to sensitive data within the organization. This is compounded by the fact that humans can often be the weakest link in any cybersecurity framework.
3. Advanced Persistent Threats (APT)
Advanced persistent threats refer to malicious campaigns where attackers breach a network and then stay there, quietly gathering intelligence about the target. They can sometimes go undetected for months or even years. The main aim of APTs is to steal sensitive confidential data. They enter an organizational network, expand their presence slowly and gather data before finally exiting. Data from the healthcare industry is exceedingly valuable – and hence cybercriminals know it’s worth it to think long-term in terms of securing this data.
4. Mobile devices
According to statistics, 68% of healthcare security breaches were due to stolen/mobile devices. Healthcare providers are routinely using mobile devices for services such as submitting patient data, submitting bills, scheduling appointments, etc., increasing the amount of patient data being disseminated. Lost or stolen mobile data were one of the leading causes of healthcare data breaches.
5. Spear phishing
A variation of phishing, spear phishing is a big threat to healthcare industries – just like APTs, it gives attackers access to valuable data. Hackers send a targeted email to an individual which appears to be from a trusted source. The aim of these emails, as with any other cyber fraud, is either to gain access to the user’s system or to obtain other classified information. Spear phishing is considered to be one of the most successful cyber-attack techniques because the high level of personalization aimed at the targeted user makes it highly believable.
Stay protected against all these threats by employing Seqrite’s range of solutions which are defined by innovation and simplicity. Through a combination of intelligence, analysis of applications and state-of-the-art technology, Seqrite provides the best defence against myriad cybersecurity threats.
The post The healthcare industry’s largest cyber challenges appeared first on Seqrite Blog.
While most industries around the world are affected by the looming danger of cyber threats, the banking sector has always been the worst hit. The damage is considerable because of the very environment the banking sector works in – banks deal in billions of dollars every single day, trading with a plethora of people and businesses all over the world. They also hold vast amounts of important financial information from multiple customers, making the banking industry a veritable goldmine for cybercriminals.
Recently, a cyber attack on Cosmos Bank in Pune, India resulted in Rs. 94 crore being stolen. In 2016, Bangladesh Bank, the country’s central bank, was hacked and the hackers successfully stole 81 Million USD. The hackers used the bank’s SWIFT credentials to transfer money into various banks across the globe before the heist was discovered. Hackers had used a combination of social engineering and viruses to obtain employee credentials and access the bank’s network to make the transfers. Fortunately, the transfer of 800 Million+ USD was stopped after the discovery of the breach. These incidents make it clear that the negligence of cybersecurity can have severe consequences on the banking sector.
- Insider Threats
Insider threats refer to current or former employees who may have been responsible for security breaches in an organization. This is a major issue for banks – in 2015, Morgan Stanley fired a financial adviser in its wealth management division who stole data from 350,000 clients or 10% of its customer base. In fact, 82% of financial organizations considered insiders with legitimate access as the main threat to cybersecurity.
- Not investing in the best cyber defence
At times, banks can lag behind when it comes to following the latest cybersecurity measures, which can bring about a catastrophe. Merely investing in the best and most powerful solutions does not always work – cybersecurity is an ever-evolving threat and even banks need to be proactive and conduct a continuous risk assessment and intelligence gathering.
- Dependence on legacy banking systems
Cybercriminals love targeting banks because they are aware that banks are not very keen on upgrading to modern systems from their legacy systems. These legacy systems have plenty of loopholes and issues which cybercriminals are aware of, ensuring that they use these channels as their primary attack routes.
An Indian survey suggested that there was a 350% increase in cybercrime in India which happened through legacy systems.
- Malware & frauds
Banks and financial institutions are extremely vulnerable to various forms of cyber attacks and online frauds. 40% of banking, financial services and insurance (BFSI) businesses have been attacked at least once and there has been a multifold increase in credit and debit card related frauds.
With the majority of mobile banking transactions happening on personal devices, this is also likely to increase.
- Non-patched systems
A major survey of over 7,000 financial firms found that more than 1,300 of them had at least one unpatched security vulnerability. Given their cumbersome infrastructure, most banks work with applications that contain unpatched, known security vulnerabilities.
Seqrite helps to mitigate such threats with its range of dynamic, scalable and future-ready solutions: Endpoint Security, Data Loss Prevention, Unified Threat Management and mSuite. Powerful features like Patch Management, IDS/IPS, Device Control and Gateway Protection ensure the provision of a strong cybersecurity setup.
Until recently, the manufacturing sector as a whole rarely took cyber threats seriously. This was primarily due to the domain’s outlook that it was a highly specialized industry and hence would not be on the radar of cyberattackers. The outlook started to change after devastating cyberattacks such as the spear-phishing attacks on Saudi Aramco, Stuxnet and LockerGoga started to surface.
Citing one of the latest cyberattacks, Airbus faced a threat this year when it reported that it had detected an attack on its information systems which resulted in a data breach. Though it did not affect their operations, Airbus did admit that employee-related details had been lost in the breach.
It was events like these that made the industry realize that it too is prone to cyber threats that can shut down entire production lines and have ramifications throughout the supply chain.
In fact, according to Seqrite’s Q2 Threat Report, cyberattacks are on the prowl in manufacturing, especially in the automobile sector.
We discuss the key channels attackers use to target this industry.
- Data breaches
Manufacturers store a vast range of often specialized and classified data on their systems. This ranges from the projects they are working on, blueprints for future products that companies would like to be secretive about, confidential financial data and a lot more. Hackers are aware that this data is a potential goldmine putting manufacturers at risk of data breaches which can lead to disastrous consequences. Manufacturing companies must recognize that the risk of data breaches actually exists and work hard to plug the gap.
- Internet of Things and connected manufacturing
The manufacturing industry is increasingly moving towards an era of smart manufacturing where the shop floor and the supply chain are progressively getting interconnected. This helps to speed-up production and time-to-market but also creates an ecosystem where there is a reduced division between different stages in the manufacturing lifecycle.
Although beneficial, this multiplies the risk of a cyberattack – a single cybersecurity breach can have a deep impact on a manufacturing plant.
Furthermore, with futuristic technologies like the Internet of Things (IoT) seeing enterprise adoption at lightning speeds, manufacturers, now, have to deal with an added cyber threat channel.
- IP theft
Intellectual property is the manufacturing industry’s key asset and prized possession. Hence, it is obvious that if it falls into the wrong hands, this could cause immense reputational and financial damage to a manufacturing company. While most companies in this sector have strict rules for employees on the information they can disseminate to external sources, enterprise stakeholders do not consider that the risk of IP theft can also come from cyber attacks, whether through data breaches or insider threats.
- Falling behind in the skills gap
Mostly, the manufacturing industry collectively understands the importance of specialized knowledge and hiring people with expert skills to solve the problems they face in day-to-day operations. However, considering the current dangerous scenario of enterprise cyberattacks, this needs to be extended to resolve their cybersecurity problems as well.
After all, cybersecurity is a specialized issue and it requires specific people with the correct training and knowledge to tackle it. The manufacturing industry must look beyond a conventional IT department to tackle cyberthreats.
- Regulation and compliance
The manufacturing industry must comply with regulations at the national and international level, and these now cover cybersecurity as well. Most manufacturing companies nowadays operate under some sort of regulatory control for their data. Often this information is stored in the cloud with very limited access and under strict regulations.
If this data privacy is violated, it can have serious consequences and is a factor to be kept in mind when considering a cloud network security strategy.
Keeping the above in mind, it is important for the manufacturing sector to prioritize cybersecurity and invest in solutions like Seqrite Endpoint Security (EPS) and Unified Threat Management (UTM) to ensure they remain protected in this day and age of sophisticated and tailor-made cyberattacks towards the enterprise.
The post The manufacturing industry’s major cybersecurity challenges appeared first on Seqrite Blog.
With enterprises being the centre of attention of an ever-evolving threat landscape, foolproof security of business assets has become the need of the hour. To counter the menace of cyberattacks, today we have businesses that specialize in the development and deployment of advanced and futuristic solutions that have the capability to defend businesses from the most dangerous of malware.
However, this vigilance may falter if enterprise stakeholders are not cautious about the basics of cybersecurity. Every critical aspect, such as email, user access and software updates, needs to be optimized so that even a worst-case cyberattack scenario turns in the business’ favour.
Seqrite intends to educate its esteemed customers about very simple but effective steps that organizations need to integrate into their status quo to bolster cybersecurity.
Regular data backups
Data backups are essential because ransomware is notorious for locking enterprise data and demanding payment in exchange for its release. Other malware, too, can make businesses lose 100% of their critical data.
- Back up your important data regularly and keep a recent backup copy offline
- Encrypt your backup
- Always use a combination of online and offline backup
- If your computer gets infected with ransomware, your files can be restored from the offline backup, once the malware has been removed
- Do not keep offline backups connected to your system as this data could be encrypted when ransomware strikes
Administrators should practice extreme caution while granting rights to the business workforce. Pin-point accuracy is a must while assigning access rights to employees. Admins should have absolute clarity about what parts of the business should be accessible to which users.
- Regularly audit local/domain Users and remove/disable unwanted users
- Set strong passwords for every business account
- A strong password includes a combination of –
  - Letters in upper case
  - Letters in lower case
  - Numbers & special characters
- Password should consist of a minimum 8-10 characters
- Mandating a password change on a periodic basis
- A bad example would be common passwords like P@ssw0rd, Admin@123#, etc.
- Set password expiration & account lockout policies (in case the wrong password is entered)
- Don’t assign Administrator privileges to users
- If possible enable Multi-Factor authentication to ensure all logins are legitimate
- Don’t stay logged in as an administrator, unless it is strictly necessary.
- Avoid browsing, opening documents or other regular work activities while logged in as an administrator
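The page's two bad examples, P@ssw0rd and Admin@123#, both satisfy the length and character-class rules listed above, so a checker also needs a common-password lookup. The sketch below is an added example, not Seqrite's code; the denylist entries and the look-alike substitution table are constructed assumptions.

```python
import re
import string

# Constructed sample denylist (assumption); production use would load a
# large breached-password corpus instead of these few entries.
COMMON_BASES = {"password", "admin123", "welcome123", "qwerty123"}

# Reverse the usual look-alike substitutions before the denylist lookup.
LOOKALIKES = str.maketrans({"@": "a", "0": "o", "$": "s", "1": "l", "3": "e"})


def _bases(password):
    """Return the normalized forms that are compared with the denylist."""
    lowered = password.lower()
    # Form 1: symbols stripped, digits kept ("Admin@123#" -> "admin123").
    plain = re.sub(r"[^a-z0-9]", "", lowered)
    # Form 2: substitutions undone first ("P@ssw0rd" -> "password").
    unsubstituted = re.sub(r"[^a-z0-9]", "", lowered.translate(LOOKALIKES))
    return {plain, unsubstituted}


def policy_failures(password, min_length=8):
    """Return the rules the password breaks; an empty list means accepted."""
    failures = []
    if len(password) < min_length:
        failures.append("length")
    if not any(c.isupper() for c in password):
        failures.append("upper")
    if not any(c.islower() for c in password):
        failures.append("lower")
    if not any(c.isdigit() for c in password):
        failures.append("digit")
    if not any(c in string.punctuation for c in password):
        failures.append("special")
    # Composition rules alone accept the page's bad examples; this lookup
    # is what rejects them.
    if _bases(password) & COMMON_BASES:
        failures.append("common")
    return failures


if __name__ == "__main__":
    for candidate in ("P@ssw0rd", "Admin@123#", "Tr4il-Mix&Kettle", "summer"):
        print(candidate, policy_failures(candidate))
```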
Software updates deliver the latest bug fixes and patches to every piece of software present in your business.
- Keep your Operating System and other software updated. Software updates frequently include patches for newly discovered security vulnerabilities which could be exploited by attackers. Apply patches and updates for software like Microsoft Office, Java, Adobe Reader, Flash, and Internet Browsers like Internet Explorer, Chrome, Firefox, Opera, etc., including Browser Plugins
- Always keep your security software (antivirus, firewall, etc.) up-to-date to protect your computer from new variants of malware
- Do not download cracked/pirated software, as they risk backdoor entry for malware into your computer
- Avoid downloading software from untrusted P2P or torrent sites. In most cases, they harbour malicious software
Securing network and shared folders
Typically, network and shared folders are home to the most confidential business data. Hackers are always on the prowl to break into these folders and gain access to highly sensitive information.
- Keep strong and unique passwords for login accounts and network shares
- Disable unnecessary admin shares, i.e. admin$. Give access permission to shared data as per requirement
- Audit RDP access & disable it if not required or, set appropriate rules to allow only specific & intended systems
- Change RDP port to a non-standard port
- Configure firewall in the following way –
  - Deny access from all sources to important ports (in this case RDP port 3389)
  - Allow access only to IPs which are under your control
- Use a VPN to access the network, instead of exposing RDP to the Internet
- Possibly implement Two Factor Authentication (2FA)
- Set lockout policy which hinders guessing of credentials
- Create a separate network folder for each user when managing access to shared network folders
- Don’t keep shared software in executable form
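The firewall guidance above (deny everyone on the RDP port, allow only IPs under your control) can be checked mechanically. The following is an added example, not Seqrite's code: the rule format, rule names and addresses are constructed assumptions, and rules are assumed to be evaluated top-down with first match winning.

```python
import ipaddress

# Constructed inbound rule set (assumption): hypothetical field names,
# evaluated top-down, first match wins, default deny.
RULES = [
    {"name": "vpn-admins", "action": "allow", "src": "10.8.0.0/24", "ports": (3389, 3389)},
    {"name": "old-vendor", "action": "allow", "src": "0.0.0.0/0", "ports": (3000, 4000)},
    {"name": "block-rdp", "action": "deny", "src": "0.0.0.0/0", "ports": (3389, 3389)},
]


def _within(net, candidates):
    """True if net lies entirely inside one of the candidate networks."""
    return any(net.version == c.version and net.subnet_of(c) for c in candidates)


def rdp_exposures(rules, controlled, rdp_port=3389):
    """Name the allow rules that let uncontrolled sources reach rdp_port."""
    trusted = [ipaddress.ip_network(n) for n in controlled]
    denied = []    # source ranges already denied for rdp_port by earlier rules
    findings = []
    for rule in rules:
        low, high = rule["ports"]
        if not low <= rdp_port <= high:
            continue                      # rule does not cover the RDP port
        src = ipaddress.ip_network(rule["src"])
        if _within(src, denied):
            continue                      # fully shadowed by an earlier deny
        if rule["action"] == "deny":
            denied.append(src)
        elif not _within(src, trusted):
            findings.append(rule["name"])  # allow reaches beyond the allowlist
    return findings


if __name__ == "__main__":
    controlled = ["10.8.0.0/24"]
    # Broad port-range allow sits above the deny, so RDP is exposed.
    print(rdp_exposures(RULES, controlled))
    # Deny moved above the broad allow: no exposure on 3389.
    fixed = [RULES[0], RULES[2], RULES[1]]
    print(rdp_exposures(fixed, controlled))
    # RDP moved to a non-standard port: the 3389 deny no longer applies.
    print(rdp_exposures(fixed, controlled, rdp_port=3390))
```

The last call shows why a port change has to be followed by a matching firewall change: rules written for 3389 stop protecting the service once it listens elsewhere.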
No business can function without email. History is proof that email is one of the channels hackers use most often to launch cyber attacks.
- Enable Multi-Factor authentication to ensure all logins are legitimate
- Set password expiration & account lockout policies (in case the wrong password is entered)
- Don’t open attachments and links in an email sent by an unknown, unexpected or unwanted source. Delete suspicious-looking emails you receive from unknown sources, especially if they contain links or attachments
- Cybercriminals use ‘Social Engineering’ techniques to trick users into opening attachments or clicking on links that lead to infected websites
- Always turn on email protection of your antivirus software
Disable macros for Microsoft Office
This one is fairly self-explanatory: macros should be disabled because a lot of malware gets in when macros are enabled.
- Do not enable ‘macros’ or ‘editing mode’ by default upon execution of the document, especially for attachments received via emails. A lot of malware infections rely on your action to turn on macros
- Consider installing Microsoft Office Viewers. These viewer applications let you see what documents look like without even opening them in Word or Excel. More importantly, the viewer software doesn’t support macros at all, so this reduces the risk of enabling macros unintentionally
Web browsers are the most sought-after channels for malware attacks – everybody knows it.
- Always update your browser
- Try to avoid downloading pirated/cracked media or software from sites like torrents
- Block the ad pop-ups in the browser.
- Always verify whether you are accessing the genuine site by checking the address bar of the browser. Phishing sites may show contents like a genuine one
- Bookmark important sites to avoid being a victim of phishing
- Do not share your personal details like name, contact number, email id, social networking site credentials for any unknown website
- Do not install extensions in browsers which you are not fully aware of. Look out for impersonating web pages and do not allow any prompt on an unknown web page that you are visiting. Avoid visiting crack software download websites
- Policies should be clearly communicated for employees opting for BYOD (Bring Your Own Devices) facilities
- Policies for using official applications on platforms other than office infrastructure should be established
Lastly, for pen drives, disable the autorun feature if not needed, and regularly educate employees on best cybersecurity practices.
Seqrite is Quick Heal Technologies’ flagship enterprise product – the company is a stalwart and an industry major that has spearheaded the movement about the importance of cybersecurity. We hope this educational document helps.
Please get in touch with us for any specific questions.
The post Essential practices to strengthen your business’ cybersecurity appeared first on Seqrite Blog.