Top Cloud Computing Security Risks for SMB

Small and medium-sized businesses (SMBs) are turning to the cloud for the mobility and affordability it provides. However, SMBs can fall victim to cloud security risks if they aren’t vigilant enough. According to Trend Micro, one of the biggest threats for SMBs when using the cloud is a data breach, which can be caused by either stolen or hacked devices. In this scenario, data can be lost or, worse, leaked into the wrong hands. Fortunately, there is a way to combat this cloud security risk: choose cloud service providers that offer remote wipe of data in case a device gets compromised.

Another cloud security risk is loss of control over one’s own data, as pointed out by IBM on their Security Intelligence portal. Transitioning to the cloud comes with standardization, but this doesn’t mean entrepreneurs should lose control over their SMBs’ data. When entering a contract with cloud service providers, entrepreneurs should ensure the terms and conditions explicitly state who has access to which information, and to what level. Most importantly, data ownership should remain with the client, and not the third-party vendor.

also weighs in with their input. The UK’s leading technology website warned SMBs about the use of different cloud storage services because it poses a cloud security risk. More and more people have been using Dropbox, Box, SharePoint, OneDrive and other similar services to store their personal and professional files, not realizing that these are popular targets for cyber attacks. Stopping employees from using such services is counterproductive (and maybe even impractical), but entrepreneurs can lessen the cloud security risk by applying fine-grained and role-based access control. This means only authorized staff can access specific sections of the cloud storage or use certain features of the cloud service the business is using.

The identification of major cloud security risks should not be a hindrance to SMBs’ move to the cloud. Rather, these should serve as clear warnings for entrepreneurs to make the transition only when they have done the necessary preparations for it. The cloud is still a practical solution for SMBs with no budget for infrastructure or IT personnel, so it can’t be pushed aside as a less viable option compared to an on-premise solution. In the end, the good does outweigh the bad once the proper security measures are in place.


A Single Spear Phishing Click Caused The Yahoo Data Breach

A single click was all it took to launch one of the biggest data breaches ever.

One mistaken click. That’s all it took for a Canadian hacker aligned with rogue Russian FSB spies to gain access to Yahoo’s network and potentially the email messages and private information of as many as 1.5 Billion people.

The U.S. Federal Bureau of Investigation has been investigating the intrusion for two years, but it was only in late 2016 that the full scale of the hack became apparent. On Wednesday, the FBI indicted four people for the attack, two of whom are rogue FSB spies who work for the division that is supposed to cooperate with America’s FBI on cybercrime investigations. (The FSB is the successor to the KGB.)

[Photo: Russian major Dmitry Dokuchaev]

Kremlin Intelligence Services Overlap With Russian Cybercrime Underworld

One of these two rogues, Dmitry Dokuchaev, was himself recently arrested on what the Moscow press calls “treason” charges for passing information to the CIA. In reality, Dokuchaev started out as a criminal hacker who moved to the FSB but never stopped his old tricks. He was just one of the many criminals working inside Russia’s intelligence bureaucracy, and for personal profit he sold information to intermediaries that ultimately found its way to the CIA.

The investigation exposed rivalries inside the Kremlin intelligence establishment as well as inside the Russian cybercrime underworld with which it overlaps. Dokuchaev was part of the Shaltai-Boltai, a hacker group that exploits stolen data to embarrass and blackmail Russian politicians and business officials.

Here’s how the FBI says they did it:

The hack began with a spear-phishing email sent in early 2014 to a Yahoo company employee. It’s unclear how many employees were targeted and how many emails were sent, but it only takes one person to click on a link, and it happened. Unimaginable that Yahoo did not sufficiently step employees through new-school security awareness training to prevent disasters like this.

It was all over the press, but CSO had the best story about it, with more detail, background and even video.



[ALERT] New Massive Wave Of CryptoLocker Ransomware Infections

We all thought that evil genius Evgeniy Bogachev had retired at the Black Sea with his tens of millions of ill-gotten gains after he became the FBI’s #1 Most Wanted cybercriminal. Well, perhaps he ran out of money.

CryptoLocker is back big time. Researchers have spotted a sudden resurgence this year, specifically identifying clusters of attacks in Europe and the U.S.

For people new to the ransomware racket, Russian cybercrime gangs tend to test and debug their campaigns in Europe, and then attack America in full force. CryptoLocker is ransomware’s still very potent granddaddy: it pioneered this highly successful criminal business model in September 2013, and hundreds of copycats followed.

In a blog post our friend Larry Abrams from BleepingComputer wrote that the strain — also known as Torrentlocker and Teerac — started its comeback toward the end of January 2017, after being quiet the second half of 2016.

Larry pointed to stats from the ID-Ransomware website which show CryptoLocker infections jumped from just a handful to nearly 100 per day, and then to more than 400 per day by February.


He also confirmed CryptoLocker’s recent tsunami with Microsoft’s Malware Protection Center, whose telemetry picked up on increased attacks against Europe, especially Italy. The phishing emails are designed to look secure and official because they are digitally signed, but it is all just social engineering to trick the recipient and get them to open attached .JS files that download and install CryptoLocker.

Check Point Software Technologies confirmed with SC Media that its researchers also observed a sudden rise in CryptoLocker attacks. The phishing emails attempt to trick recipients into opening a zipped HTML file. “The HTML contains JS file, which pulls a second JS file from an Amazon server, which executes the first one on memory,” said Lotem Finklesteen, threat intelligence researcher at Check Point.

“Then, after pulling two more JS files, CryptoLocker is served to the victim machine and being executed. The vast majority of the infections we observed this week were in the U.S. The second major target was Western Europe, especially Germany,” said Finklesteen.

Ransomware as a global threat

Microsoft’s Malware Protection Center blog stated: “Ransomware proved to be a truly global threat in 2016, having been observed in more than 200 territories. In the US alone, ransomware was encountered in more than 460,000 computers or 15% of global encounters. Italy and Russia follow with 252,000 and 192,000 ransomware encounters, respectively. Korea, Spain, Germany, Australia, and France all registered more than 100,000 encounters.” Here is their geographic distribution chart.





CRYSIS Ransomware Is Back And Uses RDP Brute Force To Attack U.S. Healthcare Orgs


[Image: RDP attacks in 2017. Picture courtesy Trend Micro]

Remember the CRYSIS ransomware? The attacks have started up again, mostly targeting US healthcare orgs using brute force attacks via Remote Desktop Protocol (RDP).

The number of attacks has more than doubled in volume in January 2017 over that same timeframe in 2016. This most recent wave included a wide variety of sectors worldwide, but the U.S. healthcare sector was hit the hardest.

Security researchers at Trend Micro observed that the same cyber mafia that perpetrated the 2016 CRYSIS attacks are behind this recent wave of ransomware attacks, evidenced by the very same file names and malware placement as were used earlier.

The problem: User accounts with weak credentials, open RDP ports

The bad guys try to log in to the system using common username and password combos, and once the system is accessed they return multiple times to quickly compromise the machine. Trend Micro found that these repeated attempts were generally successful in a matter of minutes.

A typical infection goes through the following steps. An attacker picks targets with RDP ports available online and identifies if the computer is assigned to an enterprise network. Alternatively, he can always buy access to previously hacked RDP servers, via marketplaces like xDedic.

Once he has purchased or gained access to a computer by brute-forcing the RDP connection with basic username-password combos, the attacker downloads and then manually executes a version of the Crysis ransomware on each of the hacked computers.


In one case it was observed that CRYSIS was deployed six times, packed in different ways on a single endpoint within ten minutes. The attackers copied over several files and appeared to be experimenting with different payloads to find the best option.

Because there are no default restrictions on shared folders or clipboards, unless the network administrator applies controls, these features may be exposed to the internet and accessible by a malicious individual.

What To Do About It:

The best practice for protecting a network from a brute force RDP attack is to apply strong RDP security settings, including limiting or disabling access to shared folders and clipboards from remote locations.

An RDP brute force approach exposes the attacker’s information to the targeted network, so you should parse the Windows Event Viewer logs, find the compromised user account and the IP address of the attacker, and block that address.
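The Event Viewer check described above, as an added example that is not from the original post or from Trend Micro: it reads an XML export of the Security log and reports source addresses with a burst of failed logons (Event ID 4625) followed by a successful one (Event ID 4624). The threshold, time window, helper names and sample events are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict
from datetime import datetime, timedelta

# Namespace used by Windows event XML, e.g. from:
#   wevtutil qe Security /f:xml /e:Events
NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
FAILED_LOGON, SUCCESSFUL_LOGON = 4625, 4624
REMOTE_LOGON_TYPES = {"3", "10"}  # 3 = network (RDP with NLA), 10 = RemoteInteractive
LOCAL_SOURCES = {"", "-", "127.0.0.1", "::1"}


def parse_events(xml_text):
    """Yield (time, event_id, user, source_ip) for remote logon events."""
    root = ET.fromstring(xml_text)
    for ev in root.iterfind("e:Event", NS):
        event_id = int(ev.findtext("e:System/e:EventID", namespaces=NS))
        if event_id not in (FAILED_LOGON, SUCCESSFUL_LOGON):
            continue
        data = {d.get("Name"): (d.text or "")
                for d in ev.iterfind("e:EventData/e:Data", NS)}
        ip = data.get("IpAddress", "-")
        if data.get("LogonType") not in REMOTE_LOGON_TYPES or ip in LOCAL_SOURCES:
            continue  # console/service logons say nothing about RDP guessing
        stamp = ev.find("e:System/e:TimeCreated", NS).get("SystemTime")
        # SystemTime carries 7 fractional digits and a trailing Z; keep seconds.
        when = datetime.strptime(stamp[:19], "%Y-%m-%dT%H:%M:%S")
        yield when, event_id, data.get("TargetUserName", ""), ip


def find_brute_force(xml_text, threshold=5, window=timedelta(minutes=5)):
    """Map each suspicious source IP to its failure count and the accounts
    it logged in to after the burst (the accounts to treat as compromised)."""
    failures = defaultdict(list)  # ip -> timestamps of failed logons
    report = {}
    for when, event_id, user, ip in sorted(parse_events(xml_text)):
        if event_id == FAILED_LOGON:
            failures[ip].append(when)
            recent = [t for t in failures[ip] if when - t <= window]
            if len(recent) >= threshold:
                report.setdefault(ip, {"failed": 0, "compromised": set()})
        elif ip in report:
            # A success from an address that was just guessing passwords.
            report[ip]["compromised"].add(user)
    for ip, entry in report.items():
        entry["failed"] = len(failures[ip])
        entry["compromised"] = sorted(entry["compromised"])
    return report


def _event(event_id, time, user, ip, logon_type="10"):
    """Build one constructed event in the exported XML shape."""
    fields = {"TargetUserName": user, "LogonType": logon_type, "IpAddress": ip}
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
            f'<TimeCreated SystemTime="{time}.0000000Z"/></System>'
            f'<EventData>{data}</EventData></Event>')


# Constructed sample: one mistyped password from a normal user, then a burst
# of guesses from a documentation-range address that ends in a success.
SAMPLE_EXPORT = "<Events>" + "".join([
    _event(4625, "2017-02-14T02:10:05", "jsmith", "198.51.100.7"),
    _event(4624, "2017-02-14T02:10:20", "jsmith", "198.51.100.7"),
    _event(4625, "2017-02-14T03:12:01", "administrator", "203.0.113.45"),
    _event(4625, "2017-02-14T03:12:04", "admin", "203.0.113.45"),
    _event(4625, "2017-02-14T03:12:08", "administrator", "203.0.113.45"),
    _event(4625, "2017-02-14T03:12:11", "user", "203.0.113.45"),
    _event(4625, "2017-02-14T03:12:15", "reception", "203.0.113.45"),
    _event(4625, "2017-02-14T03:12:19", "reception", "203.0.113.45"),
    _event(4624, "2017-02-14T03:12:23", "reception", "203.0.113.45"),
    _event(4624, "2017-02-14T03:19:40", "reception", "203.0.113.45"),
    _event(4624, "2017-02-14T08:00:00", "jsmith", "-", logon_type="2"),
]) + "</Events>"

if __name__ == "__main__":
    for ip, entry in find_brute_force(SAMPLE_EXPORT).items():
        print(f"{ip}: {entry['failed']} failed logons, "
              f"accounts to reset: {', '.join(entry['compromised']) or 'none'}")
```

Every address in the report is a candidate for a firewall block, and every account listed under it should have its password reset and its sessions reviewed.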


How Hacking Became Russia’s Weapon of Choice

A study by the World Bank stated that Russia boasts more than 1 million software specialists involved in research and development.

Russian illegal cyber warriors are among the most proficient in the world with around 40 large criminal cyber rings operating within the country’s borders.

The Russian government has long been known to source its technology, world-class hacking talent and even some intelligence information from local cyber crime rings.

Hacking activities include the penetration of national infrastructure systems, and money markets, and the stealing of state secrets and intellectual property. All of these destabilizing attacks can be considered as preparation for any future conflict. Russian hackers made repeated attempts during 2016 to stage cyber break-ins into major US institutions, including the White House and the State Department.

Read more about this in an article at The Conversation by Professor of Electrical and Electronic Engineering and Director of Electronic Warfare Research, City, University of London

Very often, Russian hacking starts with a phishing attack.  As one of his last actions in office, President Obama expelled 35 Russian diplomats spies in retaliation for Russia interfering with the U.S. election process, after intelligence agencies lined up their stories and all pointed at Putin.

Bloomberg wrote: “The attack against U.S. democracy began in the summer of 2015 with a simple trick: Hackers working for Russia’s civilian intelligence service sent e-mails with hidden malware to more than 1,000 people working for the American government and political groups. U.S. intelligence agencies say that was the modest start of  ‘Grizzly Steppe,’ their name for what they say developed into a far-reaching Russian operation to interfere with this year’s presidential election.”



Scam Of The Week Blends CEO Fraud And W-2 Phishing

[ALERT] The bad guys are starting their tax scams early this season! They are now combining two scams-in-one. First, they ask you to send them the W-2 forms of all employees, with the email looking like it comes from the CEO or a C-level executive. Next, they follow up with an urgent request to transfer a large sum of money to a bank account controlled by these cyber criminals.


Remember that when you receive sudden requests like this, they may be spoofed emails, and that you should double check by picking up the phone and verifying that this is a legit request coming from that executive. In these cases, it’s “OK to say NO to the CEO”.


This tax season, stay alert for scams like this, and Think Before You Click!



When are you going to die? Ubisoft tool uses Facebook data to tell you

What can a powerful, all-seeing algorithm predict about you, based on your online footprint, publicly available information and Facebook Likes?

I, whom you can henceforth refer to as Human #1067494, have found out.

To do so, I’ve engaged with an online environment called Predictive World: an interface to process users’ data that was recently released by videogame publisher Ubisoft.

To partake, you either have to agree to let the program access your Facebook profile (for the most accurate profiling) or to hand over basic information on your own.

The game-maker developed Predictive World in collaboration with the Psychometrics Centre of the University of Cambridge.

Based on their research, the thinking goes, it can generate accurate predictions of who we are, how many pints we put away every week, how much we weigh, how tall we are, how much we smoke, and when we’re going to die, among many other variables.

The game-maker has delved into the dangers of big data and predictive algorithms as one of the themes of its action-adventure game Watch Dogs 2: a game in which hero Marcus Holloway is wrongly profiled as a main suspect for a crime he didn’t commit by a city-wide operating system that collects and analyzes data on all citizens.

Ubisoft assures us that this is where fiction meets reality. Predictive World is all about demonstrating how seemingly trivial data about us can be pulled together and processed into profiles and patterns:

Each day, we leave a trail of more than 5 billion gigabytes of data behind us. This information comes from billions of collection points: from online transactions of course, to GPS signals, social media likes, texts we exchange, or even parking tickets, soda dispensers, etc.

They are then sold, bought, and analysed through different touch points in order to create strong and accurate probabilities on who we are or what we’re most likely to do.

As we often write about on Naked Security, Big Data covers many categories.

It’s not necessarily the photos you snap of your cat, for example.

But the term most certainly includes a collection of a million different cats, organized by location as precise as street address, that you may have contributed to by making your photo APIs publicly available on sites like Flickr, Twitpic, Instagram or the like.

You can take that scenario and replicate it on all the sites where our data is amassed: Automatic Number Plate Recognition (ANPR) cameras are another good example of how we can be tracked, given that our plate numbers stay the same while our locations change.

In fact, the US Drug Enforcement Administration (DEA) has been building a national license plate reader (LPR) database over several years that it shares with federal and local authorities, with no clarity on whether the network is subject to court oversight.

Then too, there’s the giant database of Wi-Fi access points from Google’s StreetView cars that it was using to aid and abet its geolocation services.

Predictive World is far from the first online tool to crunch our online selves to show us how all those Big Data players come up with profiles. Those profiles can be used, for example, to pass us over for jobs, given that most recruiters nowadays pore over our social network profiles before they decide whether to call us in for an interview.

One example of the tools used to demonstrate the data trails we leave behind was a site called “We know what you’re doing”. It aggregated some of our choicer social media content for us, delivered courtesy of Facebook via its Graph API.

Another was Please Rob Me. When it launched in 2010, it was using check-in data from the location-based Foursquare social network that was subsequently posted to Twitter.

When the information becomes publicly available on Twitter, it makes it theoretically possible for a robber to know when you’re away from home.

Well, maybe it was theoretical when they launched the site, but it sure didn’t stay theoretical for long. One set of burglars put the theory to the test by breaking into the home of friends after reading their Facebook updates to find out when they’d be away.

But back to Predictive World. After you sign in (I allowed it access to my Facebook profile to see how well it would do when spoon-fed), it collects data such as your gender, age, and pages you’ve liked, and combines them with local demographics to generate a profile of who you are.

How did it do?

Wow, the details that can be gleaned about you from Facebook!

Wow, how wrong they can be!

Predictive World believes that I’m tall, fat, have a 12.8% chance of smoking pot, make about double the minimum wage, have a conscientiousness factor of something like 43%, and will die at the age of 84.9 years.

Wrong, wrong, wrong, wrong.

So let’s reframe the initial question: what can a powerful algorithm that corporations or police may well consider to be all-seeing but is in actuality peering through cracked glasses with severe myopia guess about you based on your online footprint?

In my case, it guessed that I’m 4″ taller than I am, that I weigh 49 lbs. more than I do, that I make 31% of what I actually earn, that I drink two pints of beer a week (are you kidding?! I’m gluten intolerant!), and that my “risk” of smoking marijuana is 12.8%.

How much do those, and myriad other inaccuracies, affect predictive analytics?

A lot, if Predictive World is indicative: my life expectancy shot up from 84.9 years to 95.1 when I corrected those variables.

While it’s easy to see where big data can siphon concrete personal information such as our age or our location from Facebook (if we’ve made such data public and haven’t lied about it), it’s worth asking how it guesses at more subjective things, such as our level of satisfaction with life.

Predictive World is happy to tell you. You can click on each one of a series of rays that emanates from a throbbing circular graphic to get details on how a particular variable is derived.

For instance, people who like the same things as I do on Facebook tend to describe themselves as loving life. It can’t be all about the likes, though: my 94.13% satisfaction level shot up from 63% after I told the tool I wasn’t as poor as it initially assumed.


It isn’t, in fact, all about the likes. Predictive World is based on an algorithm developed by the Psychometrics Centre using a wide range of data sources, such as psychological and social media data from more than 6 million research participants, along with a bespoke infrastructure designed for the project that contains 6.3 billion data points.

That enables Predictive World to visualize the relationships between gender and salary, location and crime risk, personality and longevity, and much more.

Collecting and processing users’ digital footprints and combining predictions with open data, the system is able to make 70 data-driven predictions about an individual, from personality traits and intelligence to life expectancy and even financial risk propensity.

But does it really matter if it’s accurate or not?

What’s worth noting is that this kind of information can be, and is being, used to build up detailed profiles of us. Not necessarily accurate, mind you, but highly detailed nonetheless.

Earlier in the month, for example, before Facebook called off the plan, a UK car insurer was going to use young drivers’ data to analyze their personalities and offer quotes based on their profiles.

Predictive World posed this question: do I want my insurance company to have this type of information about me?

No, I can’t say that I do.

I don’t know which would be worse: having insurance companies think I’m going to die at 85 so they can offer me long-term care and not go broke; have them find out I’m diabetic (Predictive World doesn’t seem to know that; if it did, it would probably have guessed, based on average life expectancy of diabetics, that I had already kicked the bucket); or having insurers construct a more accurate profile of me so they can drop me like a hot potato when they find out that diabetes thing.

I don’t know whether I want to sharpen the accuracy of Predictive World’s, or insurance companies’ or banks’, vision of who I am. I’m leaning toward keeping my Facebook profile nice and fuzzy.

What’s your plan?



The 1 Billion Yahoo Hack

This is getting old. It’s all over the press… again. Here is a Reuters article where I am quoted, which covers the most recent billion-record Yahoo hack.

Some people asked me after our Flash announcement last week: “Stu, really, these hacks happened a few years ago, closing down my whole Yahoo account, or blocking Yahoo at the firewall… aren’t you going a bit overboard here?”

Good question. Here is my take:
Well, that whole 1B database was sold on the dark web by a group of professional blackhats from Eastern Europe for 300K, (and is still for sale at a much lower price right now) which means that a ton of bad guys now have these credentials, but worse, they have answers to security questions like “your mother’s maiden name” which do not change like passwords, and backup email addresses that could help with resetting forgotten passwords.

Bloomberg reported that 150,000 U.S. government and military employees are among the victims in the latest breach.

My position is that all Yahoo accounts need to be considered compromised. They are sitting ducks for spam, phishing and malware attacks. If employees check their Yahoo account on their lunch break, do you want to expose your company network to that?

It looks like Yahoo has not learned their lessons, so new hacks can happen any time. There has been an exodus of qualified Yahoo staff and they seem to be unable to apply best security practices. They are now forcing all users (link to WSJ article) to change their password, but that’s too little, too late. I simply have lost trust.

So, I recommend you warn your users, friends and family… again. We have been here before on September 23rd when the 500 million record hack was first announced.

In September, Yahoo did not force people to change passwords, but now they are forcing a password change, and the bad guys are (again) all over this — the ones that own the Yahoo database but also the ones that do not, because news like this is a phishing paradise.

This is a phishing paradise with significant fallout

Phishing attacks likely will be the number one possible fallout, with Yahoo user accounts being used for social engineering attacks. However, since many people use the same username and passwords across multiple sites, the other thing that will continue to happen is called “credential-stuffing”, a brute-force attack where attackers inject stolen usernames, passwords and possibly the answers to security questions into a website until they find a match using the stolen Yahoo username and passwords.

The bad guys will continue to exploit this, so remind your users

Remind your users, friends and family. They will likely be confronted with Yahoo-related scams in their inbox. The bad guys are going to leverage this in a variety of ways, starting with bogus password reset phishing attacks, but also with masked links so that if you click on it you wind up on a compromised site which could steal personal information and/or infect the computer. The variations are infinite, but the defense against it is relatively simple.

I suggest you send them the following reminder – feel free to copy/paste/edit:

“Yahoo announced that 1 billion of their accounts were hacked. These accounts are now sold by internet criminals to other bad guys which are going to use this information in a variety of ways. For instance, they will send phishing emails claiming you need to change your Yahoo account, looking just like the real ones. Here is what I suggest you do right away.

  • If you do not use your Yahoo account a lot, close it down because it’s a risk. If you use it every day:
  • Open your browser and go to Yahoo. Do not use a link in any email. Reset your password and make it a strong, complex password or rather a pass-phrase.
  • If you were using that same password on multiple websites, you need to stop that right now. Using the same password all over the place is an invitation to get hacked. If you did use your Yahoo passwords on other sites, go to those sites and change the password there too. Also change the security questions and make the answer something non-obvious.
  • At the house, use a free password manager that can generate hard-to-hack passwords, keep and remember them for you.
  • Watch out for any phishing emails that relate to Yahoo in any way and ask for information.
  • Now would also be a good time to use Yahoo Account Key, a simple authentication tool that eliminates the need to use a password altogether.”

If you are a KnowBe4 customer, we have a template in the Current Events Campaign which I suggest you send to all your users immediately as a reminder.

This is the largest hack ever, below is a graph fresh from an article in the Wall Street Journal that puts it in perspective. I suggest you send this to your management.

This is exactly the kind of thing that they want to prevent from happening and security awareness training is the number one thing that makes your organization more hack-resistant since your users are your weakest IT security link.





Expect Malicious Machine Learning In 2017, making social engineering more effective

Intel Security’s McAfee Threat Predictions for 2017 (PDF) observes that advances in technology are essentially neutral and that developments like machine learning should be welcomed, but they will also become available to cybercriminals. Machine learning in particular is something that can be misused.

Intel Security’s Eric Peterson cites CEO Fraud (The FBI calls it Business Email Compromise) – where individuals in companies are targeted through social engineering, and manipulated to fraudulently transfer money to criminal-controlled bank accounts.

There have been instances where the attacks have coincided with business travel dates for executives to increase the chances of the attack’s success, Peterson says. Combine petabytes of publicly available data with open source analysis tools and it is entirely possible, the company warns, that criminals could build malicious machine learning algorithms to pick targets more precisely and with greater levels of success.

“Looking to 2017 and beyond, we might even see purveyors of data theft offering ‘Target Acquisition as a Service’ built on machine learning algorithms,” Peterson says. “We expect that the accessibility of machine learning will accelerate and sharpen social engineering attacks in 2017.”

Something to watch out for.

Fortunately, KnowBe4 is working on heading off the bad guys at the pass with our AIDA project.

Meet AIDA – your smart sidekick that trains your employees to make smarter security decisions.

AIDA stands for Artificial Intelligence Driven Agent and uses artificial intelligence to dynamically create integrated campaigns that send emails, text and voicemail to an employee, simulating a multi-vector social engineering attack. It attempts to have the employee either click on a phishing link, tap on a link in a text message, or respond to a voice mail – any of which could compromise your network. In short, AIDA uses Artificial Intelligence to inoculate your employees against social engineering.

Tired of always being in reactive mode?

AIDA is a dramatic step in the race to get ahead of the bad guys. AIDA’s interface is deceptively simple. You just name the campaign and choose the group of employees. That is all. AIDA does the rest, and you will see the reports of who clicked, tapped and/or responded to a voicemail.

We feel this is an incredibly exciting development and finally allows you to get proactive!

At the time of this writing (1/2/2017) AIDA is in Beta, but limited to existing KnowBe4 customers because you need a full account to enable AIDA. The AIDA Beta has been opened up to all users of the KnowBe4 console. You can enable participation in this beta program by going into the Account Settings portion of your console, scrolling down to the Phishing settings, checking the “Enable AIDA Beta” checkbox, and saving the settings.


L.A. County Phishing Attack: 750,000 record data breach

Confidential health data or personal information of more than 750,000 people may have been accessed in a cyberattack on Los Angeles County employees in May that led to charges this week against a Nigerian national, officials have disclosed.

The May 13 attack targeted 1,000 county employees from several departments with a phishing email. The email tricked 108 employees into providing usernames and passwords to their accounts, some of which contained confidential patient or client information, officials said.

Most of the 756,000 people whose information may have been accessed had contact with the Department of Health Services, according to the county. A smaller amount of confidential information from more than a dozen other county departments also was compromised.

“These kinds of phishing attacks are on the rise throughout society — and the county has not been immune from that trend,” county spokesman Joel Sappell said in a statement.

Among the data potentially accessed were names, addresses, dates of birth, Social Security numbers, financial information and medical records — including diagnoses and treatment history — of clients, patients or others who received services from county departments.

In February, officials disclosed that the Department of Health Services had been targeted in a ransomware attack, a type of malware that cuts off users’ access to files or threatens to destroy them unless a ransom is paid.

The county is offering a year of free credit and identity-theft monitoring for people affected by the May phishing attack and has set up a website and call center for those seeking information: (855) 330-6368.

Ransomware attacks very often succeed through a phishing attack with a spoofed ‘From’ address. These types of attacks are hard to spot and employees tend to fall for them.
