On February 4th, Anthem Inc., the second largest insurer in the US, revealed that they had been the victim of a massive data breach which exposed the records and PII (Personally Identifiable Information) of roughly 80 million current and former members and employees, including information like names, birth dates, member IDs, email addresses, Social Security numbers, addresses, phone numbers, and even employment information. One week later, on February 11th, Reuters ran a story about security industry experts warning 2015 could be 'Year of the Healthcare Hack.' Joe Caruso, the founder and CEO/CTO of Global Digital Forensics (GDF), a premier national provider of cyber security solutions headquartered in New York City, has worked with healthcare providers of all sizes and has seen many times how this kind of PII can be leveraged by hackers to orchestrate all kinds of attacks, especially targeted phishing campaigns, which he says, ”can be the springboard for almost every type of cyber attack imaginable, from gaining credentials and access to personal and/or corporate accounts, to being targeted to receive fraudulent solicitations for non-existent products and full-blown identity theft.
The business of hacking is like the oil business
“In general, hackers are a lot like shady oil prospectors, says Caruso. “They’ll start by blindly poking holes in all kinds of organizations’ cyber security until they find a well, and if they find one, they’ll try to cultivate it for all it’s worth. But if someone else finds an area that turns out to be on a gusher of premium quality crude, they’ll happily jump on the bandwagon and go after every bit of adjacent property so they can tap that same well as quickly as possible before its bled dry.”
“At the end of 2013, Target was the gusher in the retail business after tens of millions of customer credit cards were compromised, and massive breaches followed the retail industry throughout 2014, with giants like Home Depot and a slew of others accounting for tens of millions more. But in the aftermath, security was not only tightened, the wholesale prices of compromised card information on the Dark Web started bottoming out as well because the industry started making it harder for thieves to use the compromised card information; supply and demand played a role as well. Their 'sweet crude' turned into 'sour crude' and the prices they were getting reflected that. So on to the next honeypot, like insurers and healthcare providers. Anthem may well have been the new gusher, and you can bet a slew of 'prospectors' are marking their maps to get in on the action. That’s why initiatives are under way, like the one New York's Department of Financial Services announced on February 10th which they are rolling out to try to address a problem they, and the security industry, see on the horizon. Their approach starts with what we’ve been preaching to clients for years – regular, professional cyber vulnerability/risk assessments, like the ones we provide,” Caruso says.
Test, assess, address – early and often
“Cyber vulnerability/risk assessments and penetration testing are not luxuries in today’s age of cyber threats, they are a necessity, and the cornerstone of the foundation effective cyber security is based on," according to Caruso. "When we are called in to improve an organization’s cyber security posture, we start with a thorough cyber threat assessment. That means we look at the entire digital infrastructure and how it fits into an organization’s daily operations, needs and objectives. Are personal devices like smartphones and tablets part of the equation? Is remote access from home by employees a concern that should be on the table? And so on. Then we review all of the policies and procedures in place relating to cyber security, identify the weaknesses and help improve them. If no policy or procedure guidelines exist, we help craft them. If regulatory compliance is part of the picture, we focus on that too. The next step is comprehensive penetration testing, where we take on the role of real-world hackers to infiltrate the client’s network using the same tradecraft real-world hackers would use to compromise a network, from social engineering techniques like phishing and spear phishing campaigns, to brute force attacks and any other targets of opportunity. We’ve never failed to compromise our target during this phase, and that success only serves to make our clients stronger against all comers, as well as raising cyber security awareness every step of the way. And since threats are constantly evolving, doing both of these regularly is crucial, because what worked last year may not be the best approach today.”
Don’t wait until it’s too late
*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a cost-effective plan which will meet your unique needs, without wasting resources on solutions you simply don’t need. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit our cyber security page.