Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyberhacks. Show all posts
UnitedHealth
Cyberattacks CyberCrime Cyberhacks Cybersecurity Data Breach Healthcare Personal Data UnitedHealth

Cyberattack Fallout: UnitedHealth Reveals Personal Data Breach Impact

 


As part of its ongoing data breach response, UnitedHealth Group has informed its subsidiaries, Change Healthcare, that they have recently experienced a data breach. Following the February cyberattack on its subsidiary Change Healthcare, UnitedHealth Group revealed on Monday that it had paid ransom to cyber threat actors to protect patient data. 

Additionally, the company confirmed that there was a breach of files with personal information that had been compromised. In the aftermath of the attack, Change Healthcare's payment processing service was affected, and other vital services such as prescription writing, payment processing, and insurance claims were adversely affected, affecting healthcare providers and pharmacies across the United States. 

It was reported that $872 million worth of financial damage had been sustained as a result of the cyberattack. On Monday, UnitedHealth Group announced that it had published an update about the status of its monitoring of the internet and dark web to determine if data had been leaked. The update was published along with leading external industry experts. 

There are many tools provided by Change Healthcare for managing the payment and revenue cycle. This company facilitates more than 15 billion transactions each year, and one in three patient records pass through the company's systems each year. 

UnitedHealth has revealed that 22 screenshots of compromised files, allegedly taken from the compromised files, had been uploaded to the dark web, which means even patients who are not UnitedHealth customers may have been affected by the attack. There has been no publication of any additional data by the company, and they have not seen any evidence that doctor's charts or full medical histories have been accessed in the breach. 

As part of its earlier ransomware attack on its subsidiary, Change Healthcare, UnitedHealth Group has revealed that the company has suffered a significant breach that has exposed private healthcare data from "substantially a quarter" of Americans. The Change Healthcare Group manages the insurance and billing for hospitals, pharmacies, and medical practices in the U.S. healthcare industry, which offers extensive health data on approximately half of all Americans, as well as providing insurance services to numerous hospitals, pharmacies, and medical practices. 

Considering the complexity and ongoing nature of the data review, it is likely to take several months to be able to identify and notify individuals and customers who have been affected by the situation. Rather than waiting until the completion of the data analysis process for the company to provide support and robust protections, the company is immediately providing support and robust protections as part of its ongoing collaboration with leading industry experts to analyze the data involved in this cyberattack. 

In May, The Record reported that UnitedHealth Group's CEO Andrew Witty will be expected to testify before a House panel regarding the ransomware attack. Two representatives of the House Subcommittee on Health testified at the hearing last week about the cyberattack. UnitedHealth Group failed to make anyone available during the hearing. 

UnitedHealth Group reported in March that it had spent $22 million on recovering data and systems encrypted by the Blackcat ransomware gang after paying the ransom. As a result of their attack on UnitedHealth in 2008, BlackCat was accused by a member of the gang known as "Notchy" of cheating them out of their ransom payment because they had UnitedHealth data. After all, they had conducted the attack and BlackCat had fallen into their trap. 

It was confirmed by researchers that the transaction was visible on the Bitcoin blockchain and that it had reached a wallet used by BlackCat hackers at the time the transaction was reported. The U.S. government launched an investigation about a week after the ransomware attack on Optum, investigating whether or not any health data had been stolen. 

On February 21, 2018, a cyberattack hit Change Healthcare, a subsidiary of UnitedHealth Group that is owned by Optum, a company that is a subsidiary of Optum. Due to this downtime, hospitals and physician groups across the country were unable to receive their claims payments from the company. Change has been working to restore connectivity to the provider network; however, delays in the submission and receipt of payments continue to affect provider revenue, despite the improvement in connectivity. 

There was "strong progress" being made by UnitedHealth in the restoration of its Change services during its status update on Monday. After the cyberattack on Change Healthcare, UnitedHealth Group has been vigilantly monitoring the internet and dark web to ensure that any sensitive data has not been exposed further on the internet and dark web. 

There has been an increase in external cybersecurity experts that the company has enlisted to enhance its monitoring capabilities. The company has also developed a group of advanced monitoring tools that search continuously for evidence of data misuse on the Internet and dark web, which allows it to identify and take action quickly when there is any evidence. 

UnitedHealth Group has developed expert cybersecurity partnerships which are intended to mitigate data breaches by collaborating with cybersecurity professionals. Furthermore, UnitedHealth Group's law enforcement and regulatory agencies, as well as other regulatory bodies, are constantly communicating with and cooperating with UnitedHealth Group.
Read more »
malware
Cyberattacks CyberCrime Cyberhacks Cybersecurity CyberThreat GDP Mac malware

Counting the Cost: $9.2 Trillion Annual Impact of Cybercrime Looms

 


According to a new Statista Market Insights report, cybercrime is rising at an unprecedented pace. Approximately one-third of the United States' GDP or about 24 times Apple's annual revenue in 2023 will be incurred as a result of cyberattacks, according to a new survey from Statista Market Insights. A similar study from Statista Market Insights found that cybercrime costs have risen by 245% between 2018 and 2020, increasing from $860 billion to $2.95 trillion. 

With the spread of the pandemic, the cost of health care has more than doubled to $5.49 trillion in 2021 and is expected to increase by $1 trillion annually in 2023 to $8.15 trillion. In addition to impacting businesses and governments, cybercrime has become one of the world's largest illegal economies, as well as the everyday people of the world. Cyberattacks are known for causing financial losses such as ransom payments, loss of productivity, system downtime and data theft, among others. 

Contributing factors In terms of attack surfaces, IoT devices are providing cybercriminals with an increasingly large attack surface, increasing the number of potential victims and supplying them with a more relevant attack surface over time. There is no reason for Mac users to be excluded from this. There was an increase of 50% in new Mac malware families in 2023 in Jamf's report. 

The number of instances of malware that can be found within each of these families could be hundreds. With the growing number of users of Macs, cybercriminals are more and more interested in targeting it as an easy target. It is important to keep in mind that geopolitics plays a significant role in cyberattacks as many countries use them for strategic advantage, disruption of critical infrastructure, and intelligence gathering.

A heightened escalation in the number of state-sponsored attacks is taking place as a result of the conflict between Ukraine and Israel. A significant number of cybersecurity jobs have gone unfilled as a result of the skills shortage we're going through today. Due to this shortage, many cybersecurity positions have gone unfilled. It will therefore be more difficult to monitor and defend against specific threats as there will be fewer professionals. 

Moreover, the shortage of skilled professionals can also increase the workload for employees who are already working, so that productivity can be negatively impacted. Further to this, employees are burned out as a result of their jobs. Threat actors count on this. In the world of ransomware-as-a-service (RaaS), there are very few barriers to entry, and this has made it very popular thanks to a combination of tough economic factors, swift financial gains, and little technical knowledge. 

Operators develop the software under this model and affiliates pay to use pre-built tools and packages to launch attacks on the network. Each affiliate pays a fee for each attack they launch. A ransomware attack can be carried out by non-programmers lacking the skills to develop and deploy their ransomware. 

There is no shortage of RaaS kits available on the dark web, but they aren't always the best. Due to a simple lack of awareness, the risks and consequences associated with cyberattacks remain undetected by many individuals and organizations, making them vulnerable to cybercrime. It was found that 40% of Jamf's mobile users and 39% of the organizations in their annual trends report are running on a device that is known to have vulnerabilities, according to the report.

In light of recent incidents regarding a popular Apple device management platform, it has become evident that there remains a notable lack of awareness concerning the security measures necessary to protect Mac devices. Ensuring the security of the Mac is imperative in safeguarding against potential threats such as malware and phishing attacks. Here are some essential steps to bolster the security of the Mac: 

1. Keep the device up-to-date: It is crucial to regularly update the Mac's operating system to incorporate the latest security patches. By staying current with updates, users can effectively address known vulnerabilities that may be exploited by malware.

2. Utilize antivirus software: Despite common misconceptions, Macs are not impervious to malware. Therefore, employing reputable antivirus software is highly recommended. Tools such as Malwarebytes offer free applications for individual users, capable of detecting and removing potential threats. Additionally, MacPaw’s CleanMyMac X now features a malware removal tool powered by MoonLock, enhancing protection against malicious software. 

3. Exercise caution when clicking: Email remains a primary vector for malware distribution, with phishing attacks experiencing a significant rise in success rates. According to recent reports, phishing success rates increased from 1% in 2022 to 9% in 2023. Hence, exercising caution and scepticism when interacting with email links and attachments is essential to mitigate the risk of falling victim to such attacks. 

4. Enable a firewall: Enabling the built-in firewall on the Mac is an effective measure to prevent the acceptance of unauthorized connections and services. By managing both incoming and outgoing connections, the firewall helps fortify the device's defences against potential threats. 

5. Use strong, unique passwords: Employing robust and distinctive passwords is imperative for bolstering the security of the Mac. Avoid using easily guessable passwords, such as common phrases or pet names followed by predictable characters. Instead, opt for complex combinations of letters, numbers, and symbols to enhance password strength and resilience against unauthorized access. 

6. Enable disk encryption: Leveraging features such as FileVault, which encrypts all user data stored on the disk in real-time, enhances the security of sensitive information on the Mac. In the event of device loss or theft, disk encryption ensures that the data remains inaccessible to unauthorized individuals, thereby safeguarding privacy and confidentiality. 

7. Limit user privileges: Restricting user privileges is crucial in preventing unauthorized software installations and minimizing the potential impact of malware infections. By limiting user permissions, users can effectively mitigate the risks associated with malicious activities and enhance overall device security. 

In summary, prioritizing the implementation of robust security measures is paramount in safeguarding the Mac against evolving threats. By adopting proactive strategies such as keeping the device updated, utilizing antivirus software, exercising caution when interacting with emails, enabling firewalls, employing strong passwords, enabling disk encryption, and limiting user privileges, users can significantly enhance the security posture of the Mac and protect against potential vulnerabilities and cyber threats.
Read more »
Subscribe to: Posts (Atom)