May 2017

Ransomware Attack & Gmail Hack…Is Your Medical Email Next?

By Karl Muhlbach

email hacksAll the buzz around the Cyber Space watering hole lately is about the Ransomware Attack & Google Gmail Hack (See NBC Gmail News Story). Millions of people were victimized by this attack and it started off looking “oh so innocent”…or so it seemed. It started out as a phishing email that looked like the “Real Deal”. It arrived in users inboxes posing as an email from a trusted contact and asked users to check out an attached "Google Docs," or GDocs, file. Clicking on the link took them to a real Google security page, where users were asked to give permission for the fake app, posing as GDocs, to manage users' email account. To add pain to misery the worm propagated itself to all the contacts of all the infected victims; reaching millions of people. It’s a potential catastrophe for the ill prepared because with control of your Gmail account, scammers can gather any personal data, generate password-reset requests or other nefarious exploits giving access to Facebook accounts, online bank accounts, Patient Portal access, and Medical records. For all those that think they‘re safe because they host their EMR solution with a HIPAA compliant provider, think again.


Other recent examples of Ransomware Greenway & WannaCry hacks... https://www.healthdatamanagement.com/news/greenway-health-still-struggling-with-ransomware-attack)

Why Health Care Is Especially Vulnerable to Ransomware Attacks

This is why it is so important for people to stop relying on commodity based anti-virus solutions such as Kaspersky, Norton, Symantec, etc. These antiquated solutions sell well because of name recognition and tons of marketing dollars behind them but they simply don’t work on the new threats we face. Even your Windows Defender can't defend everything. These systems rely on electronic signatures that they must know about threats beforehand in order to adequately protect you; hence the barrage of updates you better be up to date on.

Next Generation Endpoint protection systems, such as SentinelOne, use an Artificial Intelligence or Machine Learning approach. They can examine the code execution and detect, isolate, and remediate nefarious zero-day threats. SentinelOne takes it one step further by providing the necessary forensic information to determine if your data had been compromised or not.

next generation security

Those that fell victim of this phishing attack would not have had a concern with SentinelOne or a Next Generation Endpoint Protection system like it in place.


Update to this article in light of the May 2017 Ransomware attacks that plagued the world Karl Muhlbach did an interview with Fox News as an expert on the topic and to use additional protection to stop attacks.
 
Karl Muhlback - Fox News

CLICK HERE for the News Report
.
 
Karl Muhlbach is the owner of Eukairos Technologies Corp and a Compliance IT Coordinator for the resource group, Medical Office Resources of Florida, LLP. He can be reached at kmuhlbach@eukairostech.com