Wednesday, July 13, 2016

FBI observes growing cyber threats to healthcare

The Federal Bureau of Investigation observes rising pressure from hackers attempting to access patient data from providers.


Recent events suggest that the pressure may be rising, as offers to sell patient records containing protected health information on the “Dark Web” market represent a new level of threat for healthcare organizations trying to protect health data.


In late June, a hacker known as “The Dark Overlord” reported the theft of almost 10 million patient medical records from providers and a large insurer and put them on the Dark Web market, where hackers buy and sell information taken from a variety of sources. As of this writing, the records haven’t been sold, and the seller might be having trouble selling the trove of protected health information.


The extent of the data theft hasn’t been verified by outside sources. But the emerging market for patient records will only expand, cybersecurity professionals believe.


Contacted for information regarding the Dark Overlord incident, the FBI declined to comment on any ongoing investigations, but it did release guidance for providers on steps they should take to improve their security profile.


The FBI’s guidance on best practices for securing healthcare data re-emphasizes some well-known precautions, but also includes others that might not be widely used by many providers and payers.


The FBI recommends that healthcare organizations:




  • Patch the operating system, software and firmware on devices. All endpoints should be patched as vulnerabilities are discovered. This precaution can be made easier through a centralized patch management system.

  • Enhance employee awareness about malware risks and train appropriate individuals on information security principles and techniques.

  • Manage the use of privileged accounts by implementing the principle of least privilege. No users should be assigned administrative access unless absolutely needed.

  • Those with a need for administrator accounts should only use them when necessary; they should operate with standard user accounts at all other times.

  • Make sure the anti-virus and anti-malware solutions are set to automatically update and that regular scans are conducted.

  • Configure access controls with least privilege in mind. If a user only needs to read specific files, he or she should not have “write” access to those files, directories or shares.

  • Disable macro scripts from office files transmitted through e-mail.

  • Regularly back up data and verify the integrity of those backups.

  • Implement software restriction policies or other controls to prevent the execution of programs in common malware locations.

  • Protect backups and make sure that backups aren’t connected to the computers and networks they’re backing up. Examples might be securing backups in the cloud or physically storing them offline.

  • Use virtualized environments to execute operating systems or specific programs.

  • Categorize data based on organizational value and implement physical/logical separation of networks and data for different organizational units. For example, sensitive research or business data should not reside on the same server or network segment as an organization’s e-mail environment.

  • Implement application whitelisting. Only allow systems to execute programs known and permitted by security policy.

  • Require user interaction for end user applications communicating with Web sites uncategorized by the network proxy or firewall. Examples include requiring users to type information or enter a password when their system communicates with an uncategorized Web site.


 
