Healthcare and International Terrorist Threats Abound
We are amid National Cybersecurity Awareness Month, a collaborative effort between our government and businesses to raise awareness about cybercrime and to ensure that we have the resources we need to be safer and more secure online.
Today’s blog will focus on two areas concerning SACS Consulting & Investigative Services, Inc. – healthcare and international threats – and practical things you can do to make a difference.
According to a study spanning between 2009-2019 of more than 1,400 healthcare organizations, researchers at Michigan State University and Johns Hopkins University found that sensitive data is already in the hands of bad actors. Here is a summary of their findings:
- 71% of healthcare data breaches involved sensitive data, such as social security numbers, driver’s license information, and credit card data.
- These breaches affected 159 million individuals and
- Most of this data will be or has been on the dark web — a network of untraceable online activity, and websites on the internet.
How You Can Protect Yourself and Your Practice
First, before you give sensitive information to your healthcare provider, find out how and where the information will be stored. If you are filling out or accessing information online, determine how the data is encrypted and at what level. If you are filling out paper forms in a doctor’s office, find out where they will store that paper. NEVER fill in your social security number on a paper or online system — this is often the last thing hackers need to complete identity theft.
Second, speak to our identity theft prevention expert, Craig Freeman, to learn more about individual and business cybersecurity protection options.
Third, if you run a healthcare practice, complete a cybersecurity audit at least once a year. We can complete a full security audit (physical and cyber) that will include practical solutions for your business.
International Threats to Our Homeland
It isn’t just the United States that’s concerned about worldwide cybersecurity threats – many countries around the globe have the same fears.
Twenty-seven countries, including the US, UK, Australia, Japan, and South Korea, recently signed a UN agreement to remind every country to protect all civilians from being hacked or spied upon by adhering to international law.
The countries of the most significant concerns are China, Russia, Iran, and North Korea. China for its decade-long hacking campaigns in multiple countries and pirating US technology, Russia for creating the NotPetya, a ransomware epidemic that was aimed squarely at Ukraine.
Also, we need to be concerned about Advanced Persistent Threats where a cyber-attack can occur when hackers covertly gain access to a system and remain inside it, undetected, for a significant time to achieve a specific goal.
Our national experts believe al-Qaeda thrives here. Since most state-sponsored terrorist groups have no constraint and our current administration underestimates this threat, we have a perfect storm for potentially taking down our national power grids or…much worse.
What You Can Do
Send emails or visit your US Senators to support passage of the Advancing Cybersecurity Diagnostics and Mitigation Act (HR 6443) which directs the Department of Homeland Security (DHS) to: (1) deploy, operate, and maintain a continuous diagnostics and mitigation program to collect, analyze, and visualize security data and cybersecurity risk; (2) regularly implement new technologies and modify existing technologies to improve such program; (3) develop a comprehensive strategy to carry out the program; and (4) report to the congressional homeland security committees on cybersecurity risk posture based on data collected through the program. It has already passed the House but is yet to see Senate introduction.
Keep your operating systems, routers, IoT, and apps up to date. This one act will keep foreign entities out of your operations. Once they are in one business computer, they potentially have access to the entire system.
Establish a full-spectrum electronic communications policy that includes texting, BYOD, and messaging apps. We offer help in this arena, as well as training in Prevention Methods for Cybersecurity Threats.
We put you back in control of your business since 1989
Contact SACS Consulting & Investigative Services, Inc. at 330-255-1101 or 888-722-7937 for more information about ways we can help with your cybersecurity challenges!