Karsten Hahn, a malware analyst at GData, discovered this ransomware, called DynA-Crypt. Larry Abrams at BleepingComputer alerted the world to this new type of ransomware. Thanks to them, we know about it and must be diligent in protecting our information.
This new strain is even more dangerous and destructive than the others. This malware not only encrypts your data but also takes screenshots of your active desktop, records the login commands you type, and even records system sounds from your computer. It will even steal information from Skype and Chrome. While this vicious attack is encrypting your computer and stealing your information, it is also deleting your files.
This would be considered a major HIPAA data breach and not only will you lose everything, you will have to report this to your State and Federal authorities under the Breach Notification Laws.
Make sure your anti-virus and anti-malware software are up to date, and verify that you are running an enterprise version. Although this is not specifically stated under HIPAA, it is considered reasonable and appropriate. If this never happens to you, the HIPAA Police are not going to penalize you. However, if it does affect your practice or organization and you do not have reasonable and appropriate safeguards in place, you will be fined and penalized.
Everyone in your organization should be made aware of this new attack. Remind them NOT to open any file attachments OR click on any links in ANY email unless they are absolutely sure it is safe. Best practice is to open your browser and go directly to the company’s website to check on anything you receive in an email. Also be VERY careful about trusting emails from friends. If YOUR email is hacked, the attackers will spoof a name from your contact list and send an email back to YOU. They hope that since you know this person you will open the email. If you receive an email that asks you to click on a link or open a file, look carefully at the FULL email address; more than likely it is NOT your friend’s email address. Keep in mind that it still could come from their actual email address. Always call or text them and ask if they sent this to you.
For more information on how Aris Medical Solutions can help your organization with HIPAA Compliance and Protecting Patient Data call 877.659.2467 or click here to contact us.
“Protecting Organizations through Partnership, Education, and Support”
Home security cameras and baby monitors are making the news again for being hacked. This is nothing new; we have been telling people for years to change the default passwords on ALL of your technology devices. Anyone can Google your device or IP address and find your default password. HIPAA requires that you have reasonable and appropriate safeguards in place to protect patient data. This includes updating and changing technology as needed.
For example, all I had to type into Google was “Default password for Netgear”, and this is what I found:
For most NETGEAR devices (except ReadyNAS/ReadyDATA products and Fully Managed Switches), the default username and password are: Username (all models) = admin. Password (current models) = password. Password (very old models) = 1234. Aug 9, 2015
If you use any security cameras, Google “IP Camera Default Usernames Password and IP Addresses”. I found a website that lists ALL CAMERAS!
I highly recommend that you walk around your home and office, make a list of all your technology devices, and Google them. If you can find a default password on the internet, so can everyone else. If you do not know how to change the password, we suggest hiring someone to do this for you. Otherwise you could simply remove the password altogether!
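To turn the walk-around inventory into something repeatable, here is an added example (not code from Aris Medical Solutions or from any vendor) that audits a list of devices against a table of known default credentials and a few basic password-quality rules. The table is seeded only with the Netgear defaults quoted above; the “example-cam” vendor, the common-password list, the 12-character and three-character-class thresholds, and the inventory records are constructed for this example and are not real product data or a HIPAA requirement.

```python
"""Audit a device inventory for default or weak administrative credentials."""
import re

# Known vendor defaults. The Netgear rows come from the Google snippet quoted
# in the post; "example-cam" is a placeholder vendor, not real product data.
KNOWN_DEFAULTS = {
    "netgear": {("admin", "password"), ("admin", "1234")},
    "example-cam": {("admin", "admin"), ("admin", "")},
}
# Widely reused passwords (constructed list for this example).
COMMON_PASSWORDS = {"password", "123456", "admin", "1234", "letmein", "qwerty"}

def credential_findings(device):
    """Return a list of finding strings for one device record.

    device is a dict with keys vendor, name, username, password
    (constructed record format for this example).
    """
    findings = []
    vendor = device["vendor"].lower()
    pair = (device["username"].lower(), device["password"])
    if pair in KNOWN_DEFAULTS.get(vendor, set()):
        findings.append("uses a vendor default credential")
    pw = device["password"]
    if pw == "":
        findings.append("no password set")
    else:
        if pw.lower() in COMMON_PASSWORDS:
            findings.append("uses a commonly guessed password")
        if len(pw) < 12:
            findings.append("password shorter than 12 characters")
        # Count how many of lower/upper/digit/symbol appear in the password
        classes = sum(bool(re.search(p, pw)) for p in (r"[a-z]", r"[A-Z]", r"\d", r"[^\w]"))
        if classes < 3:
            findings.append("password uses fewer than 3 character classes")
    return findings

def audit_inventory(devices):
    """Map device name -> findings, listing only devices with at least one finding."""
    report = {}
    for d in devices:
        f = credential_findings(d)
        if f:
            report[d["name"]] = f
    return report

# Constructed sample inventory (hypothetical devices and credentials).
SAMPLE_INVENTORY = [
    {"vendor": "Netgear", "name": "front-office-router", "username": "admin", "password": "password"},
    {"vendor": "example-cam", "name": "lobby-camera", "username": "admin", "password": ""},
    {"vendor": "Netgear", "name": "back-office-switch", "username": "admin", "password": "Lk3!vq9#Zr2mWp"},
    {"vendor": "example-cam", "name": "parking-camera", "username": "admin", "password": "Summer2016"},
]

if __name__ == "__main__":
    for name, findings in audit_inventory(SAMPLE_INVENTORY).items():
        print(f"{name}: {'; '.join(findings)}")
```

The point of keeping the default-credential table separate from the strength rules is that a device can pass every strength check and still be on a public default list, which is exactly the case the post warns about; both checks have to run.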
This annual campaign is to raise awareness about cyber security. We live in a world that is more connected than ever before. The Internet touches almost all aspects of everyone’s daily life, whether we realize it or not. National Cyber Security Awareness Month (NCSAM) is designed to engage and educate public and private sector partners through events and initiatives to raise awareness about cyber security, provide them with tools and resources needed to stay safe online, and increase the resiliency of the Nation in the event of a cyber incident.
Did you know… that 2 out of 3 people have experienced a tech scam within the last 12 months?
Did you know… nearly 1 in 10 people have paid money to a scam?
Do not let anyone you do not know gain access to your computer… Scammers call people and either offer them a free scan or tell them there is a new virus out and they are probably infected. These scammers almost always create a sense of urgency and try to pressure you to “Do-it-Now”.
Don’t do it! Most of us are the ones who let the scammers in, either by answering the phone or by clicking on a link in an email. Social engineering is at an all-time high and WE are the ones who are giving OUR money away!
Add security to your login… Passwords are the most common authentication tools used today, and they are the easiest to hack. Always use a two-step authentication process whenever it is offered. There are many solutions available: biometrics, security keys, and one-time codes texted to your cell phone.
Did you know… you can pick up malware by merely visiting a website? Covered Entities and Business Associates have to be especially diligent in keeping their network systems clean and protecting patient data. HIPAA Compliance begins with solid HIPAA Policies and Procedures, but it also includes the Technical Safeguards that are needed.
Here are some suggestions to help keep your network clean and safe:
Limit administrative privileges to those who really need them, and sign in as the administrator only when needed
Limit users to specific work hours and block after hours usage if possible
Perform a network security audit at a minimum annually
Perform routine physical inventory and ensure unauthorized devices are not connected to your network or computers
Keep anti-virus and anti-malware software up to date
Web surfing should not be permitted with any device that accesses or stores Protected Health Information (PHI)
Change default passwords on all technology devices
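The first two suggestions above (restricting administrator use and blocking after-hours access) are easy to state but only useful if someone checks the logs. Here is an added example, not code from the original post, that reviews a handful of logon records and flags successful logons outside a permitted window and any interactive use of a privileged account. The record format, the 07:00 to 19:00 Monday-to-Friday policy, the privileged-account list and the sample lines are all constructed for this example; real Windows Security event output looks different and would need its own parser.

```python
"""Flag logons outside permitted hours and use of privileged accounts.

Works on constructed, simplified logon records (not real Windows event log
output); the field names, the work-hours policy and the privileged-account
list are assumptions for this example.
"""
from datetime import datetime, time

# Assumed policy: Monday-Friday, 07:00-19:00
WORK_START = time(7, 0)
WORK_END = time(19, 0)
WORK_DAYS = {0, 1, 2, 3, 4}  # Monday=0 ... Friday=4

PRIVILEGED_ACCOUNTS = {"administrator", "domain-admin"}  # assumed list

def parse_record(line):
    """Parse 'YYYY-MM-DD HH:MM:SS user=<name> host=<host> result=<ok|fail>'."""
    ts_str, rest = line[:19], line[20:]
    fields = dict(kv.split("=", 1) for kv in rest.split())
    return {
        "time": datetime.strptime(ts_str, "%Y-%m-%d %H:%M:%S"),
        "user": fields["user"],
        "host": fields["host"],
        "result": fields["result"],
    }

def is_after_hours(ts):
    """True if the timestamp falls outside the permitted work window."""
    return ts.weekday() not in WORK_DAYS or not (WORK_START <= ts.time() < WORK_END)

def review_logons(lines):
    """Return (reason, user, host, timestamp) tuples for successful logons that need a look."""
    alerts = []
    for line in lines:
        rec = parse_record(line)
        if rec["result"] != "ok":
            continue  # failed logons are handled elsewhere; this checks successes only
        if is_after_hours(rec["time"]):
            alerts.append(("after-hours logon", rec["user"], rec["host"], rec["time"]))
        if rec["user"].lower() in PRIVILEGED_ACCOUNTS:
            alerts.append(("privileged account logon", rec["user"], rec["host"], rec["time"]))
    return alerts

# Constructed sample records. 2016-10-03 is a Monday, 2016-10-08 a Saturday.
SAMPLE_LOGONS = [
    "2016-10-03 08:15:02 user=jsmith host=FRONTDESK1 result=ok",
    "2016-10-03 22:41:10 user=jsmith host=FRONTDESK1 result=ok",
    "2016-10-05 13:05:44 user=Administrator host=BILLING2 result=ok",
    "2016-10-08 10:00:00 user=mlee host=EXAMROOM3 result=ok",
    "2016-10-04 09:30:00 user=mlee host=EXAMROOM3 result=fail",
]

if __name__ == "__main__":
    for reason, user, host, ts in review_logons(SAMPLE_LOGONS):
        print(f"{ts} {reason}: {user} on {host}")
```

Blocking logons after hours at the account level (where the platform supports it) is the preventive control; this review is the detective control that tells you whether the block is actually in place and whether anyone is routinely signing in as the administrator for everyday work.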
This excerpt was taken from the Office for Civil Rights (OCR):
Did you know that your file transfer protocols may be particularly vulnerable to cyber-attacks?
FTP (file transfer protocol) is a standard network protocol used to transfer computer files on a computer network. A type of data storage device, called a network-attached storage (NAS) device, started becoming victim to a serious type of malware which exploited the FTP service available on FTP servers, including FTP services available on NAS devices, beginning this year. NAS devices connect to a computer network and provide a way to access data for a group of persons or entities.
According to a recent report by Softpedia, Sophos, a computer security firm, gathered telemetry data that indicated 70 percent of a certain vendor’s NAS devices connected to the internet were infected with a malware variant called Mal/Miner-C (also known as PhotoMiner). Sophos researchers claim that out of 7,000 of these NAS devices connected to the internet, 5,000 were infected with this malware by cybercriminals who also collected $86,000 in cryptocurrency like bitcoin and monero from cryptocurrency mining related to this attack.
Allegedly, the malware variant appeared in the beginning of June 2016. A report revealed that the malware was targeting FTP services, such as those available on NAS devices, and spreading to new machines by attempting to conduct brute-force attacks using a list of default credentials. Also, the researchers claim that a design flaw regarding the use of public folders on certain NAS devices permitted the Miner-C malware to more easily copy itself to the public folders.
The Miner-C or PhotoMiner (the malware) tricks users by copying files to the public folders that resemble a standard Microsoft folder icon. Once the user clicks on the folder, s/he activates the malware variant, and it installs the malware on the victim’s laptop, desktop, or other computing device. The malware allows cybercriminals to generate cryptocurrency (i.e., bitcoins, monero) by “mining”. Cryptocurrency mining exploits computer processing power to solve difficult math problems. Essentially, attackers are rewarded with cryptocurrency for the amount of math problems they solve.
This type of malware can affect an information system’s performance by eating up a system’s computing power, and slowing down other system processes.
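The OCR excerpt says the malware spread by brute-forcing FTP logins with a list of default credentials. A server that is being guessed at leaves a very recognisable trace: many failed logins from one address in a short time, sometimes followed by a success on a default-style account. Here is an added example, not from the OCR excerpt or from Sophos, that applies that detection to FTP login log lines. The log format is a constructed simplification (not the exact output of any particular FTP server), and the five-failures-per-minute threshold and the default-username list are assumptions.

```python
"""Detect credential guessing against an FTP service from its login log.

Works on constructed log lines in a simplified format (not the exact output
of any particular FTP server); thresholds and the username list are assumptions.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta
import re

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (?P<ip>[\d.]+) "
    r"(?P<result>FAIL|OK) LOGIN user=(?P<user>\S+)$"
)
FAIL_THRESHOLD = 5              # failures per source address ...
WINDOW = timedelta(seconds=60)  # ... within this sliding window
DEFAULT_USERNAMES = {"admin", "root", "ftp", "anonymous", "nasadmin"}  # assumed list

def parse_line(line):
    m = LINE_RE.match(line)
    if not m:
        raise ValueError(f"unrecognised line: {line!r}")
    return {
        "ts": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
        "ip": m["ip"], "result": m["result"], "user": m["user"],
    }

def detect_bruteforce(lines):
    """Return {ip: timestamp at which the failure threshold was first crossed}."""
    recent = defaultdict(deque)  # ip -> timestamps of failures inside the window
    flagged = {}
    for line in lines:
        ev = parse_line(line)
        if ev["result"] != "FAIL":
            continue
        q = recent[ev["ip"]]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > WINDOW:   # drop failures older than the window
            q.popleft()
        if len(q) >= FAIL_THRESHOLD and ev["ip"] not in flagged:
            flagged[ev["ip"]] = ev["ts"]
    return flagged

def default_account_successes(lines):
    """Return (ip, user) pairs where a login with a default-style username succeeded."""
    hits = []
    for line in lines:
        ev = parse_line(line)
        if ev["result"] == "OK" and ev["user"].lower() in DEFAULT_USERNAMES:
            hits.append((ev["ip"], ev["user"]))
    return hits

# Constructed sample log: one address cycling through default names and then
# getting in, and one legitimate user who mistypes a password a few times.
SAMPLE_LOG = [
    "2016-06-05 10:00:01 203.0.113.5 FAIL LOGIN user=admin",
    "2016-06-05 10:00:03 203.0.113.5 FAIL LOGIN user=admin",
    "2016-06-05 10:00:05 203.0.113.5 FAIL LOGIN user=root",
    "2016-06-05 10:00:07 203.0.113.5 FAIL LOGIN user=ftp",
    "2016-06-05 10:00:09 203.0.113.5 FAIL LOGIN user=nasadmin",
    "2016-06-05 10:00:11 203.0.113.5 OK LOGIN user=admin",
    "2016-06-05 10:00:30 192.0.2.10 FAIL LOGIN user=jdoe",
    "2016-06-05 10:05:30 192.0.2.10 FAIL LOGIN user=jdoe",
    "2016-06-05 10:10:30 192.0.2.10 FAIL LOGIN user=jdoe",
    "2016-06-05 10:15:30 192.0.2.10 FAIL LOGIN user=jdoe",
    "2016-06-05 10:20:30 192.0.2.10 FAIL LOGIN user=jdoe",
    "2016-06-05 10:21:00 192.0.2.10 OK LOGIN user=jdoe",
]

if __name__ == "__main__":
    for ip, ts in detect_bruteforce(SAMPLE_LOG).items():
        print(f"{ts} guessing from {ip}")
    for ip, user in default_account_successes(SAMPLE_LOG):
        print(f"default-style account {user!r} logged in from {ip}")
```

The sliding window matters: the legitimate user in the sample also fails five times, but spread over twenty minutes, so the window keeps at most one of those failures and raises nothing. The success on the admin account right after the burst is the line worth acting on, and it is the reason the excerpt’s advice (change the defaults and do not expose FTP to the internet) is the fix rather than just alerting.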
For more information on how Aris Medical Solutions can help your organization call 877.659.2467 or click here to contact us.
The Omnibus Rule that became effective March 26, 2013 was a game changer in many ways. One area was requiring Covered Entities to ensure that Business Associate Agreements (BAA) were in place with all of their business partners by September 23, 2013. If a Covered Entity had agreements already in place, Covered Entities had until September 22, 2014 to replace them with new ones that had all of the required elements of the new Omnibus Rule.
Did you know that if a Covered Entity (Medical Practice) releases Protected Health Information (PHI) to a person or an entity and the practice does not have a signed BAA in place, the Covered Entity can be fined? In the eyes of HIPAA, you have disclosed PHI to an unauthorized user. Yes, this is TRUE!
Did you know that if a medical practice’s software vendor has a data breach and you as the Covered Entity do not have a BA agreement in place you could be fined as well? I know what you are thinking… it’s THEIR responsibility, not yours. True, but it is YOUR responsibility to have an agreement in place. Have you reviewed your BA agreements to ensure the documents have all of the required elements and it protects YOU the Covered Entity? These are very important documents and since it is the responsibility of the medical practice to protect patient data, the practice dictates when this information can be shared. The practice also has the responsibility to have assurances that the entity understands how to protect the data before it is released.
The Office for Civil Rights (OCR) recently imposed a $750K fine for such an offense. A Raleigh Orthopedic practice released 17,300 x-ray films to a Business Associate (BA) that promised to transfer the images in exchange for the silver in the films. Unfortunately, the practice forgot to have the entity sign a Business Associate Agreement.
Make sure you do not make the same mistake…
Contact Aris Medical Solutions at 877.659.2467 or click here to find out how we can protect your organization.