CYBER SECURITY THREAT REPORT Q1


CYBER SECURITY THREAT REPORT Q1
Moving Forward
Published by UMC IT Security, April 2015

"U.S. computer networks and databases are under daily cyber-attack by nation states, international crime organizations, subnational groups, and individual hackers." - John Brennan

"There are two kinds of people in America today: those who have experienced a foreign cyber-attack and know it, and those who have experienced a foreign cyber-attack and don't know it." - Frank Wolf

Table of Contents

Glossary of Terms
Introduction
National and Global Incidents
Analysis and Conclusions

Glossary of Terms

Malware (MALicious SoftWARE) is software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software.

Social Engineering - In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he or she may be able to piece together enough information to infiltrate an organization's network. If an attacker is not able to gather enough information from one source, he or she may contact another source within the same organization and rely on the information from the first source to add to his or her credibility.

Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.

Spear Phishing is phishing that is targeted to a specific person or organization, seeking unauthorized access to confidential data. Spear phishing attempts are not typically initiated by "random hackers" but are more likely to be conducted by perpetrators out for financial gain, trade secrets or military information.

Introduction

The UMC Health System Information Security team understands the risk of emerging cyber threats. Cyber threats are continually evolving, searching for and finding new ways of infecting computers and attacking our networks to gather their data. Each and every day cybercriminals target a vast amount of electronic data, from breaches in the retail sector to data leaks at various healthcare organizations.

What are we doing at UMC Health System to help alleviate and prevent some of these serious issues? We are working diligently to ensure that all of our patient and employee data is secure and that all of our systems are up to date to match industry standards. We are also working to bring new systems online that will help detect any attempted breaches of our networks. We monitor our networks daily and ensure that we have the latest threat information available.

The weakest link in any cyber security threat is always the end user. Knowledge is power, and we are engaging both our leaders and users to help educate them on the latest threats and provide them with the capability to thwart these attacks both at UMC Health System and at home. We can build a multi-million dollar security system, but if one user opens the door to the cyber threat by clicking malicious links in a phishing email or visiting infected sites, they basically let the threat in through the backdoor.

This report is published every quarter and provided to UMC Health System leadership in hopes of providing an overview of the real and current threat that exists both nationally, as reported by various cyber security organizations, and within the UMC Health System computing environment.

National and Global Incidents

The following are some of the incidents that happened across the globe.

It was discovered at the end of January that healthcare.gov was leaking private data to some third-party websites.
* https://nakedsecurity.sophos.com/2015/01/23/how-the-obamacare-website-healthcare-gov-leaks-private-data/

Researchers at a security company discovered that the Syrian Opposition Army was hacked through social engineering when young women sympathetic to the movement used Skype and PDF documents with remote access Trojans (RATs) to spy and steal information.
* http://www.darkreading.com/mobile/syrian-opposition-forces-social-engineered-and-hacked/d/d-id/1318909

In the first few days of February, everybody learned that Anthem (the nation's second largest health insurer) was breached. According to an Anthem statement, the following were impacted: 80 million records, Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Amerigroup, Caremore, Unicare, Healthlink, and DeCare. Impacted customers have received two years of paid identity protection services, according to a potentially affected customer.
* http://krebsonsecurity.com/2015/02/data-breach-at-health-insurer-anthem-could-impact-millions

President Obama has launched the Cyberthreat Intel-Sharing Center, and its primary purpose will be to analyze and integrate intelligence already collected.
* http://www.darkreading.com/analytics/threat-intelligence/obama-launches-cyberthreat-intel-sharing-center-/d/d-id/1319061

It was reported in the middle of February that 100 targets, mostly banks, were hit and that losses ranged from $2.5 million to $10 million per institution; total losses could be as high as $1 billion. The advanced persistent threat (APT) used is being called Carbanak. It is believed that spear phishing was the initial cause.
* https://securelist.com/blog/research/68732/the-great-bank-robbery-the-carbanak-apt/
* http://25zbkz3k00wn2tp5092n6di7b5k.wpengine.netdna-cdn.com/files/2015/02/carbanak_apt_eng.pdf

FREAK is the name given to a recently found bug that affects TLS/SSL. For all the non-nerds out there, TLS/SSL is what gives HTTPS its S, which you may notice as the big padlock in your browser. FREAK gives an individual the ability to listen to and change the information between you and your destination server. This is known as a man-in-the-middle attack.
* https://nakedsecurity.sophos.com/2015/03/04/the-freak-bug-in-tlsssl-what-you-need-to-know/

At the end of the quarter it was reported that Microsoft will be moving away from Internet Explorer (IE) and will be coming out with a new browser code-named Project Spartan. This seems to be a very slow phase-out, and it is rumored that IE won't be the default browser on Windows 10.
* https://nakedsecurity.sophos.com/2015/03/23/microsofts-project-spartan-browser-will-replace-internet-explorer-but-slowly/

Analysis & Conclusion

Given that cyber incidents are increasing nationally, that analysis shows the medical field as a whole is behind in cyber security compared to other sectors, and that we are increasing network visibility, we will see a lot more incidents at UMC Health System. We believe not only that the number of threats will increase, but also that the attacks will become more sophisticated. Given the growth of the organization and the well-deserved recognition that UMC receives for winning awards, like Most Wired, we feel that this could make us a target for some hackers, both foreign and domestic.