https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
  • Events
    • Back
    • 2023 Call for Speakers
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

MSSP Insider


Shutterstock

Medical IT, health care

MSSPs with Health Care Clients: Act Now to Mitigate Cybercrime Attempts

  • Written by Kelly Teal
  • October 29, 2020
The U.S. government warns a group out of Eastern Europe is on the attack. At least five hospitals are victims so far.

Managed security service providers serving health care clients are on high alert on the heels of a warning from the federal government. The FBI, Cybersecurity and Infrastructure Security Agency and Department of Health and Human Services said on Wednesday they have “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.”

The agencies said malicious groups based in Eastern Europe are targeting the U.S. health care system. They are seeking to steal data and disrupt services. They are using Trickbot malware and Ryuk ransomware. Trickbot transmits Ryuk. NBC reports that Microsoft and, reportedly, the U.S. Cyber Command, have both tried to disrupt Trickbot. However, those attempts appear not to have worked.

And as Associated Press noted, cybercrime stands to hurt medical efforts, and even risk lives, as cases of COVID-19 are again on the rise. To that point, independent security experts told AP the cyberattacks, which involve ransomware, already have hampered at least five hospitals so far this week. Reuters said the FBI is investigating incidents in California, New York and Oregon. NBC reported later on Thursday that a health care system in Vermont also has been hit.

One doctor told Reuters an entire facility was using paper because its systems were down and medical teams could not transfer patients.

“We can still watch vitals and get imaging done, but all results are being communicated via paper only,” the doctor told Reuters on condition of anonymity.

Take Steps to Prevent Cybercrime

Government officials are telling hospitals to do their utmost to prevent cybercrime. They need to have their backup systems in order, to disconnect systems from the internet wherever possible and not to use personal email accounts. MSSPs with health care clients should lead these efforts, and make sure to also do the following:

  • Patch operating systems, software, and firmware as soon as manufacturers release updates.
  • Check configurations for every operating system version for HPH organization-owned assets to prevent issues from arising that local users are unable to fix because local administration is disabled.
  • Regularly change passwords to network systems and accounts and avoid reusing passwords for different accounts.
  • Use multi-factor authentication where possible.
  • Disable unused remote access/Remote Desktop Protocol (RDP) ports and monitor remote access/RDP logs.
  • Implement application and remote access to only allow systems to execute programs known and permitted by the established security policy.
  • Audit user accounts with administrative privileges and configure access controls with least privilege in mind.
  • Audit logs to ensure new accounts are legitimate.
  • Scan for open or listening ports and mediate those that are not needed.
  • Identify critical assets such as patient database servers, medical records, and telehealth and telework infrastructure; create backups of these systems and house the backups offline from the network.
  • Implement network segmentation. Sensitive data should not reside on the same server and network segment as the email environment.
  • Set antivirus and anti-malware solutions to automatically update; conduct regular scans.
Mandiant's Charles Carmakal

Mandiant’s Charles Carmakal

The feds say the cybercriminal group called Wizard Spider or UNC1878 is responsible for the attacks. Charles Carmakal, senior vice president for U.S. cyber incident response firm Mandiant, told Reuters UNC1878 is “one of the most brazen, heartless and disruptive threat actors I’ve observed over my career.”

And, he told AP, “We are experiencing the most significant cyber security threat we’ve ever seen in the United States.”

Increasing Cybercrime Comes as No Surprise

Earlier this year, Cybersecurity Ventures predicted that, globally, businesses in 2021 will fall victim to a ransomware attack every 11 seconds. And the estimated cost to businesses will top $20 billion in 2021. Worldwide, cybercrime damages will reach $6 trillion, the cybersecurity firm found.

West Monroe's Sean Curran

West Monroe’s Sean Curran

Sean Curran, senior director of technology and cybersecurity lead at West Monroe, a national consulting firm, says it’s no shock the health care industry is attracting hackers’ attention.

“One of the main reasons prioritizing cybersecurity is an issue at health care organizations, especially at hospitals and health care providers, is that their stretched resources are always prioritized to provide the best care,” Curran said. “If an executive is faced with spending money to improve health outcomes or spend more on cybersecurity, the choice, understandably, errs towards patient care. In healthcare, unlike most other industries, it truly can be the difference between life and death.”

Kaseya's Mike Puglia

Kaseya’s Mike Puglia

Mike Puglia, chief strategy officer at IT management and security solutions provider Kaseya, agreed.

“There is also a continued lack of awareness of the need for SaaS backup in health care IT,” he said. “Health care organizations and their IT leaders need to recognize that platforms like G Suite, Microsoft Office 365 and Salesforce do not guarantee full restoration of lost data if an issue occurs on their end, either through an honest mistake or…

  • Page 1
  • Page 2
Tags: MSPs Business of Security Cloud and Edge Endpoint MSSP Insider Network Security Specialty Practices

Most Recent


  • Update
    Acronis Updates CyberFit Partner Program Amid Rapid Service Provider Growth
    The updates include several programs and promotions for all types of partners.
  • Cloud Roundup
    Cloud Computing News: Broadcom-VMware, Google-Anthropic, Red Hat, More
    A new week is kicking off with a slew of cloud updates.
  • Word new on fire
    Skyhigh Security Partners Get New Global Partner Program
    This is Skyhigh Security's first partner program since the company's launch last March.
  • the software patching problem - solved
    The Software Patching Problem - Solved
    Organizations are struggling to keep up with the pace of software security patches and updates, making automation essential.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Security Vulnerability
    Older Fortinet Vulnerabilities Lead to Attack on Local Government Office
  • Threats
    Cybersecurity and Threat Protection: MSSPs, Get Your Advice Here
  • DevSecOps
    ServiceNow, Microsoft Set to Deliver Broad SecOps Integration
  • Dunce Cap Businessman
    Tired of MSSPs ‘Failing,’ Nuspire Debuts Platform to Combat Cyberattacks

Upcoming Events

View all

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Channel Partners Europe

June 13, 2023 - June 14, 2023

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Galleries

View all

Abundant IoT, Advisors Tackle the eIoT Opportunity

February 6, 2023

Top 20 Stories in January: Avaya, Microsoft, IBM, AWS, Datto, More Layoffs

February 6, 2023

Cloud Computing News: Broadcom-VMware, Google-Anthropic, Red Hat, More

February 6, 2023

Industry Perspectives

View all

The Software Patching Problem – Solved

February 3, 2023

How to Break Through the Growth Ceiling

February 1, 2023

5 Things to Look for in a UC Partner

January 31, 2023

Webinars

View all

Next-Generation MSP Platform: The Building Blocks for Your Business

February 15, 2023

The SMB Opportunity: How to Sell and Service the SMB Market, Capture Customers and Expand Your Business

February 23, 2023

How To Boost Your Business With White-Label UCaaS

February 28, 2023

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode 117: Cato Networks, Video Killed the Podcast Stars

Retired Astronaut Capt. Scott Kelly Previews His CP Expo Keynote

December 21, 2022

Fusion Connect Eyes Future with Intrado UC, Managed Network Customers

September 23, 2022

RingCentral Focused on Hybrid Work, Microsoft Teams, Other Integrations

September 23, 2022

Twitter

ChannelFutures

.@AbundantIoT is putting more focus on the enterprise, CEO Vince Bradley tells Channel Futures.… twitter.com/i/web/status/1…

February 7, 2023
ChannelFutures

January's #topstories in channel include @Avaya @GTTComm @Broadcom @awscloud @citrix @Salesforce @Datto… twitter.com/i/web/status/1…

February 6, 2023
ChannelFutures

.@Acronis announces #CyberFit partner program updates. dlvr.it/Sj2FZQ https://t.co/z7lRdIRo9R

February 6, 2023
ChannelFutures

More #Avaya trouble: Lawsuit against company by bondholders claims "massive fraud." dlvr.it/Sj2DZT https://t.co/4Q1E7JAXXf

February 6, 2023
ChannelFutures

.@DellTech adds new #APEX delivery options for #delltechnologies partners. dlvr.it/Sj29c6 https://t.co/3qEEYpnOBX

February 6, 2023
ChannelFutures

There are some familiar names in @coxbusiness and @Rapid_Scales recent partner awards. dlvr.it/Sj1zm6 https://t.co/0BuGwBrnvM

February 6, 2023
ChannelFutures

RT @Channel_Expo: We know your mind is on the #BigGame this week, but don't take your eye off the ball! #EarlyBird rates for #CPExpo & #MSP…

February 6, 2023
ChannelFutures

Learn about @bluewavetg's latest deal. dlvr.it/Sj1wrV https://t.co/NCdmJ4OFkf

February 6, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X