Federal Agencies Warn of Cyberattacks on U.S. Hospitals

October 29, 2020July 15, 2021 Kathie McDonald-McClure Cyber Security and Cyber Crime, Data Privacy & Security, Electronic Health Records, Health Information Technology cybercrime, FBI HHS CISA Joint Cybersecurity Advisory, hospital data security, Remote Desktop Protocol (RDP), Ryuk ransomware, TrickBot

By Margaret Young Levi and Kathie McDonald-McClure

On October 28, 2020, the Federal Bureau of Investigation (FBI), the U.S. Department of Health and Human Services (HHS), and the Cybersecurity and Infrastructure Security Agency (CISA) issued a Joint Cybersecurity Advisory warning hospitals and the health care community about coordinated ransomware attacks on hospitals designed to steal data and freeze hospital information systems for financial gain.

Six U.S. hospitals fell victim to this attack on October 27^th and the FBI, HHS, and CISA have credible information that more hospitals will be targeted in this attack. The ransomware behind these attacks is known as Ryuk, which utilizes TrickBot malware and other malware to execute the attack. The Ryuk ransomware is designed to allow the cybercriminals to stealthily access, map and move laterally across the victim’s network before encrypting critical data files and deleting connected backups.

Continue reading →

Massive malicious email campaign spoofs Google Docs to hijack Gmail accounts

May 3, 2017May 3, 2017 Kathie McDonald-McClure Cyber Security and Cyber Crime, Data Privacy & Security, Privacy & Security cybercrime, Gmail security, Google Docs phishing email scam, malicious email scams, social engineering

A massive email phishing campaign started Wednesday afternoon. The email attacks target Google accounts but have spread to other email accounts as people have been tricked into clicking on the link in the email and have unwittingly supplied their Google account access credentials and access to their contacts.

The reports of the malicious emails are coming from people across a range of industries. The emails contain what looks like a link to a Google Docs and appears to come from someone you know. These emails, however, are malicious and are designed to trick the recipient in a way that allows the cybercriminal to hijack email accounts or infect the user’s computer.

If you receive an email with a link to Google Docs, BEWARE! These emails are designed to look like they come from a trusted or known source. Do not click on any links in emails that you were not expecting.

A screen shot of one of the Google Docs phishing emails is shown below. If you receive one of these emails, delete it ASAP. If you use Gmail or Google Inbox, consider activating the 2-factor authentication feature to secure your account.

Several major news organizations and cable networks are reporting on this story. For the most up-to-date news on this developing story, use your favorite internet search engine to search for “google phishing email scam”.

A sample Google Docs phishing email. The form and style of the email may vary from this sample.

To read Google’s Gmail Help on phishing emails, use your preferred internet search engine and search for: “Google Help and how to avoid and report phishing emails”.

If you are attacked by malware or a phishing email that compromises your organization’s privacy and security, Wyatt’s experienced Data Security Incident Response Team is ready to help.

FTC study identifies email tools businesses can use to screen out spoof email

March 24, 2017March 24, 2017 Kathie McDonald-McClure Cyber Security and Cyber Crime, Data Privacy & Security, FTC Enforcement, Privacy & Security beware of phishing emails, cybercrime, domain level email authentication, domain message authentication reporting and conformance DMARC, identity theft, spoof email, tax fraud

phishing scams The Federal Trade Commission (FTC) Bureau of Consumer Protection released a study this month (March 2017) indicating that business entities could be doing more to stop malicious emails from hitting the inboxes of employees. The goal behind many malicious emails is to trick individuals into turning over either their own confidential, personal information or confidential business information to which the individual has access due to his or her job responsibilities. Cyber criminals use social media sites such as LinkedIn, an entity’s own website, Internet search engines and other public resources to identify individuals with likely access to valuable information. The attacker uses such information to compose an email that spoofs an otherwise legitimate sender, such as a bank, mortgage company, Internet service provider (e.g., AT&T, Verizon, Spectrum, etc.), a business partner or even another employee. These malicious emails are commonly referred to as “phishing email” or “spoof email”.

The FTC’s report, titled Businesses Can Help Stop Phishing and Protect their Brands Using Email Authentication (Report), states that many businesses are not taking advantage of Continue reading →

Wyatt HiTech Law Blog

A legal blog about consumer and business data privacy and security in a high tech world

cybercrime

Federal Agencies Warn of Cyberattacks on U.S. Hospitals

FTC study identifies email tools businesses can use to screen out spoof email