Technology Advisor Blog

A new NIST (National Institute of Standards and Technology) guidebook says Cybersecurity is everyone's job.  While many people may believe that cyber threats are a technology problem looking for a technology solution, the data shows otherwise:  people are the weakest link.  Whether your organization is large or small, a mindset of security and ongoing user education will help keep your data safe.  Sometimes all it takes is ONE user clicking on the wrong link to cause a lot of damage.  

Recently there have been many reports on a clever twist on an old scam that's made more believable with your hacked password.  The email purports to be from a hacker who has compromised your computer and recorded you watching porn and will release the information to all your contacts if you don't pay the ransom (payable to a crypto currency account so it's not traceable).   

Have you experienced an increase in the number of "local" junk calls to your cell phone?  You're not alone.  Scammers have yet another tactic to get through to you by "spoofing" a phone number.  When your phone rings and you see a local number, you're more likely to pick up.  After you pick up, your number is proven to be a "real" number which is more valuable to scammers and the number of calls increases.  

The FBI has issued an important warning about certain consumer-class routers after a massive malware attack was detected.  Turning the router off, then on again is a simple and important step to help stop the malware.  Additionally, it's recommended that you update the password and make sure the firmware is up to date.  The malware is capable of blocking traffic,  collecting information that's transmitted through the device, and disabling devices entirely.

We've all seen the headlines of the major cybersecurity incidents:  Target, Yahoo, Equifax, Sony, etc... Cybersecurity is a topic that affects everyone, and we view it as a public safety issue.  With all the headlines over the past years, at this point, most people "get it" that cybersecurity is a big problem, but the education can't stop there.   

Ekaru Offers Monitoring and Alerting of Stolen Digital Credentials, Increasingly Valuable Asset on Dark Web

In case you missed it... here's a review of our latest webinar on cybersecurity from earlier today.

This past week a Massachusetts school district paid $10,000 ransom to unlock its files after a cyber attack.  The Police Chief commented that there is no further investigation of this crime because solving this crime is "impossible". This is unfortunately a sign of the times.

Facebook is in the news recently for some not so good reasons.  In case you missed it, a research firm called Cambridge Analytica harvested the personal information of 50 million Facebook users, and used this to "influence" the Presidential election.  After days of silence, Facebook executives have finally come forward and would like users to think that this was an isolated case by some bad actors, but the real problem here is that this actually hits at the core of the Facebook business model.  

At the HIMSS Healthcare IT Conference last week in Las Vegas, Roger Severino, Director of the US Department of Health and Human Services Office for Civil Rights (OCR), the HIPAA enforcement agency, made some news when he said that health care providers may share Protected Health Information (PHI) with patients through standard text messages. Providers must first warn their patients that texting is not secure, gain the patients’ authorization, and document the patients’ consent.  Note that this only applies to communications with patients.