
Healthcare caught in phishing net!

Updated: Oct 26, 2018



This week Medical Data is on our minds, due to a new study on the healthcare industry and cyber security. Facebook and the United Nations were also breached this week, and both were very large datasets, impacting tens of millions of people.


Dark Web: Weekly Trends*

  • Total new Website Compromises: 861

  • Top Source Hits: ID Theft Forum

  • Top PIIs (Personally Identifiable Information) compromised: Domains

  • New Clear Text Passwords: 501

  • Top Company Size: 11-50

  • Top Industry: High-Tech & IT


In Other News:


No Fly Zone

The Dark Web is known to have all things illegal for sale, from medical information to illicit drugs. A new trend has been discovered by researchers where frequent flyer miles are being sold for significantly less than what legitimate buyers would pay. The average rate that a batch of frequent flyer miles sells for is $31, although the price depends on the airline and number of miles.

Restaurant Recipe Cooked.

Recipe Unlimited, a publicly traded company that operates nearly 1,400 restaurants under 19 different brands in Canada, has experienced what appears to be a significant security incident impacting several of its brands. The company, formerly Cara Operations, noted that a malware outbreak caused a partial network outage at nine of its franchises. A "small number" of restaurants have been closed for a "temporary period of time" because of service issues related to the malware, the company said in a statement. In a report Wednesday, CBC News described Recipe as the victim of a ransomware attack that forced several locations across Canada to temporarily close down this week. CBC posted a copy of a ransom note that it said had been obtained from a worker at one of the affected restaurants, who described all systems at that location as having crashed. In the ransom note, the hackers claimed to have used the "strongest military algorithms" to encrypt critical company files and were demanding an unspecified amount of money in Bitcoin, CBC said.


Who’s the Dope now?

Canada said Thursday it too was targeted by Russian cyber attacks, citing breaches at its center for ethics in sports and at the Montreal-based World Anti-Doping Agency, after allies blamed Moscow for some of the biggest hacking plots of recent years. "The government of Canada assesses with high confidence that the Russian military's intelligence arm, the GRU, was responsible" for these cyber attacks, the foreign ministry said in a statement. Ottawa said these formed "part of a broader pattern of activities by the Russian government that lie well outside the bounds of appropriate behavior, demonstrate a disregard for international law and undermine the rules-based international order."


Managed Service Providers get hammered.

The US Department of Homeland Security this week issued an alert on ongoing advanced persistent threat (APT) activity by cyber criminals and state-sponsored hackers targeting global managed service providers (MSPs). (An advanced persistent threat is a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period of time. The intention of an APT attack is usually to monitor network activity and steal data rather than to cause damage to the network or organization.) The use of MSPs increases an organization’s virtual enterprise infrastructure footprint, but also creates a large attack surface for cyber criminals and nation-state partners to attack.


THREAT FOCUS: Facebook - USA

Exploit: Web vulnerability.

Facebook: Facebook is a social media platform that is one of the Internet’s most popular websites.

Risk to Small Business: 2.333 = Severe: The loss of trust any organization would feel after a breach of this magnitude would greatly harm the organization’s ability to retain or obtain customers.

Individual Risk: 2.571 = Moderate: The data accessed puts those affected by this breach at an increased risk for identity theft, spam and targeted phishing campaigns.

Customers Impacted: 50 million.

How it Could Affect Your Customer’s Business: Facebook being such a large and widely-used social media platform means that it has data on a large amount of the population that uses the Internet. If employees post information to this site, they could now be open to targeted phishing campaigns and spam.

Risk Levels: 1 – 1.5 = Extreme Risk; 1.51 – 2.49 = Severe Risk; 2.5 – 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


THREAT FOCUS: Aspire Health - USA

Exploit: Compromised email account hacked through a phishing scheme.

Aspire Health: According to the Aspire Health website, “Aspire Health specializes in providing an extra layer of support and relief from stress, pain and symptoms to patients facing a serious illness.”

Risk to Small Business: 2.333 = Severe: The risk to small business is severe due to medical data as well as confidential information being accessed.

Individual Risk: 2.571 = Moderate: The data accessed puts those affected by this breach at an increased risk for identity theft.

Customers Impacted: This information has not been released as the investigation is ongoing.

How it Could Affect Your Customer’s Business: Breaches that involve medical data can have serious long-lasting effects on the reputation of a business, due to the sensitive nature of the data.

Risk Levels: 1 – 1.5 = Extreme Risk; 1.51 – 2.49 = Severe Risk; 2.5 – 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


THREAT FOCUS: United Nations - USA

Exploit: WordPress vulnerability.

United Nations: An intergovernmental organization tasked to promote international cooperation and to create and maintain international order.

Risk to Small Business: 2.333 = Severe: While the United Nations is unlikely to see any repercussions for this breach, a small business would face serious PR consequences if they experienced a breach such as this.

Individual Risk: 2.714 = Moderate Risk: Resumes contain a significant amount of personal information and job history, which can be used for spear phishing attacks and identity theft.

Customers Impacted: Resumes that have been submitted to the UN since 2016.

How it Could Affect Your Customer’s Business: The exposure of resumes for 2 years would deal a serious blow to an organization of any size: the amount of time the data was exposed and the type of data included in resumes make this breach score severe on our risk score scale.

Risk Levels: 1 – 1.5 = Extreme Risk; 1.51 – 2.49 = Severe Risk; 2.5 – 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

POSTSCRIPT:


The Cost of Healthcare on The Dark Web.

We all know that compromised health records and other medical information are highly valuable and sought after on the Dark Web. A new study by JAMA helps us conceptualise the volume of medical information for sale, and how much your health records go for on the Dark Web. The annual data breach tally has increased every year since 2010 (except for 2015). The median number of records accessed per breach: 2,300. The mean number of records accessed per breach: 84,456. With patient records selling on the Dark Web for US$300 - US$500, hackers could make close to US$700,000 ($690,000) by breaching an organization that stores medical information.

Who in the healthcare sector was hit the hardest?

  • Healthcare providers: 1,503 data breaches or 37.1 million records

  • Health Care plans: 278 data breaches or 110.4 million records

Be careful where you allow your medical records to be stored!



Consider this: When you think about Cyber Security, think about the ones you care the most about – your family. If you have children or young adults using Smartphones, Tablets or Laptops, consider their vulnerability. Do you want to put their digital selves in the hands of pedophiles, scammers and cyber criminals? The purchase of children’s digital credentials (username/password) is big business on the Dark Web. Check out our inexpensive Individual or Family monitoring service – it’s a ‘no brainer’ for your peace of mind.


* Disclaimer: Avantia Corporate Services Pty Ltd provides the content in this publication to the reader for general information only and has compiled the content from a number of sources in the USA and up to 56 other countries who provide cyber breach information to us in real time. Given their international focus and experience in the cyberspace arena we believe their data to be accurate and reliable, however, we give no warranty (implied or otherwise), as to the content's accuracy or fitness for use. No validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.


*COPYRIGHT 2020* Avantia Corporate Services  PTY LTD - All Rights Reserved.