Ransomware attacks are causing hospitals to cancel surgeries, stalling essential financial services and putting student data at risk and it looks to be on the rise. Axios looks into the government initiatives set to help combat such attacks and the current progress being made.
Zero respect for bad player #hackers who do #ransomeware attacks. This one affected 5 hospitals -- which has super personal, information on thousands of patients.
Healthcare needs proper help when it comes to #Cybersecurity.
Think of the last time you had a medical visit -- would you really want the world to learn about it?
It appears that the ALPHV ransomware group is behind MGM Resorts' cyberattack on Monday. The way they reportedly gained initial access is by looking into the MGM employees on LinkedIn, picking one, and then calling the Help Desk.
The ALPHV group is said to be "extremely skilled at social engineering".
Yet finding information on an organization's employees on LinkedIn & and then using it in a vishing attack, often impersonating that individual, is a frequent and rather standard practice in #vishing attacks.
I have seen first-hand that there is a need to improve in a few areas:
🔹 Few organizations are prepared to handle phone-based social engineering. Most companies focus almost entirely on #phishing attack simulations.
That allows blind spots and a lack of processes/preparedness in too many other areas like vishing, social media and SMS-based attacks among other things.
🔹 Having a proper identity verification process in place and training your employees to stick with it often mitigates a lot of vishing/impersonation attacks.
Yet in most cases, there is either a lack of verification process or the employees are not aware of it (they sometimes get trained on it once during onboarding, and then forget all about it).
🔹 Understanding that social engineering is not limited to email attacks. It is a serious threat, and it requires working on a comprehensive social engineering prevention protocol.
We are still waiting for more information on the exact methodology. But it won't be the last time we hear of a similar attack scenario.
"Heads up: threat actors are now deploying a Go-language implementation of Cobalt Strike called Geacon that first surfaced on GitHub four years ago and had remained largely under the radar."