Cyber Defense eMagazine June 2020 Edition
Cyber Defense eMagazine June Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine June Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
) Phishing<br />
On August 20, 2018, Portland, Oregon-based Legacy Health notified 38,000 patients that a phishing<br />
attack might have breached their data iii . Further their investigation revealed that unauthorized third party<br />
gained access to some of the email accounts of employees that may have contained some patient<br />
information e.g. patients’ name, dates of birth, health insurance information, billing information, medical<br />
information regarding care received at Legacy Health and, in some cases, social security numbers and<br />
driver’s license numbers.<br />
In a phishing campaign, an attacker poses as a legitimate person or entity in an email to get the target to<br />
provide valuable information, such as credentials, or click on a link that results in ransomware being<br />
downloaded on the victim’s machine. Employees who are not careful may click on the link or provide<br />
confidential details which may lead to fraud. According to the study conducted by Cofense “Payment<br />
Notification” emerged as the top healthcare phishing attack Subject iv .The 2018 Verizon data breach<br />
report revealed that phishing attacks are not only prominent, they’re also on the rise, with 43% of data<br />
breaches stemming from such incidents v .<br />
c) Insider threats<br />
On Jan 20, 2016, Wall street journal reported that five people, including two former research scientists of<br />
the pharmaceutical giant GlaxoSmithKline (GSK), were charged in the U.S. with scheming to steal trade<br />
secrets and sold them to the organizations operating in China vi . The stolen data included intellectual<br />
property such as information regarding the research development of multiple biopharmaceutical products.<br />
In 2018, both scientists pleaded guilty to committing intellectual property theft, but the exact amount of<br />
financial damage has yet to be calculated. Additionally, insider threats not only include employee stealing<br />
data but vary from incidents happening due to error or carelessness to theft of employee laptop containing<br />
confidential data vii .<br />
d) Technology management issues<br />
On Dec. 26, 2018, UW Medicine reported that misconfigured database lead to the exposer of patient data<br />
on the internet for several weeks. The exciting part is that breach was discovered by a patient looking for<br />
his own name on google and ended up finding the data related to UW medicine files containing patients’<br />
names, medical record numbers, and a description and purpose of the information viii . Other than<br />
misconfigured databases or servers, lack of appropriate IT security implementation in the organization or<br />
IT vendors who are providing or managing IT solution on your behalf may be the reason for a data breach.<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> –<strong>June</strong> <strong>2020</strong> <strong>Edition</strong> 90<br />
Copyright © <strong>2020</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.