Are You Having A Technology Emergency?

Datalyst Blog

Datalyst has been serving the Massachusetts area since 2010, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Boston Healthcare Facilities Targeted by Spear-Phishing Attack and Other Threats

Boston Healthcare Facilities Targeted by Spear-Phishing Attack and Other Threats

In 2021, FBI Director Christopher Wray spoke out about what he described as “one of the most despicable cyberattacks” he’d seen. It’s little wonder he used such choice words; he was talking about the attack that state-sponsored threat actors had waged against the Boston Children’s Hospital. While the attack was thwarted, it prompted the Cybersecurity Coordination Center of the Department of Homeland Services to release a white paper alert.

Let’s go over the situation, and see what we can learn from it.

In Summer 2021, a Planned Attack on Boston Children’s was Reported to the FBI

However, an existing relationship between the Bureau and Boston Children’s helped to expedite their response. The two had worked together previously in 2014 to stop a series of attacks that were the result of a protest.

This relationship allowed the hospital to successfully mitigate the threat—which was discovered to originate from Iran. According to the Cybersecurity Coordination Center, threat actors from Iran frequently attempt to spear phish their targets, researching them intensively and crafting their phishing messages for optimum efficacy, while also conducting DDoS attacks, stealing data, and messing with websites.

They’ve also been known to enter into agreements with countries including Russia and China to share information, making all three more dangerous as a result.

With the nature of these attacks, it’s not difficult for a bad actor to make minor adjustments and blanket them across a wider target, hitting businesses of all shapes and sizes with personalized attacks that have a very good success rate. This can blindside an organization that doesn’t provide ongoing cybersecurity training to its staff, as many workers just simply won’t see the signs of a threat.

How Can You Protect Your Business from Attacks Like These?

The first thing the Cybersecurity Coordination Center lists in their recommended mitigations is to train your users on how to spot attempted phishing and other forms of social engineering, and we have to say, we agree. Too many cybercriminals now actively choose to go after their targets by taking advantage of the user.

The Center also lists other defenses we’ve repeatedly gone on record about as well: network segmentation to limit the damage an intruder can do, comprehensive backups that are protected by both encryption and redundancy, the development of an incident response plan, and considerable access control standards where passwords and multi-factor authentication come into play.

Like We Said, We Agree with All of This…and Can Help You Implement It

Why wait until you have a cybersecurity issue severe enough to involve the FBI and the Department of Homeland Services when you can just turn to Datalyst? We’re here to help area businesses protect themselves and the data they need to operate. Give us a call at (774) 213-9701 to learn more about our services.

Does Your Business Spend Enough on Technology?
Boosting Employee Morale Isn’t as Hard as You Thin...
Comment for this post has been locked by admin.
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, December 22 2024

Captcha Image

Contact Us

Learn more about what Datalyst can do for your business.

Call Us Today
Call us today
(774) 213-9701

10 Riverside Drive
Suite 106

Lakeville, Massachusetts 02347

The United States Patent and Trademark Office reference number: 5,341,888

Latest Blog

Stuff happens, and this stuff can often be bad. That’s an inescapable part of life, especially if you’re trying to run a successful business. That said, the consequences of this bad stuff can usually be minimized—if not mitigated entirely—w...
 

Best IT Managed Service Providers in Providence

TOP