Security Central: Quest Diagnostics Suffers Breach, It’s Time to Disengage with “Security Deniers”

Allison Francis

December 15, 2016


Healthcare is one of the largest industries out there, and it is still growing at an incredibly fast rate. It also happens to be the number one most targeted industry for cyber-attacks, with cybercriminals developing increasingly crafty ways of sneaking past security systems and compromising sensitive data. This is not news, especially for channel folks, but it’s important to keep in mind with this week’s first story. On Monday, New Jersey-based medical laboratory company Quest Diagnostics announced that it had experienced a data breach affecting approximately 34,000 people. In a press release, the company stated that the hackers broke in and made off with sensitive medical information such as names, dates of birth, lab results and telephone numbers. Thankfully, no financial information, such as payment card numbers, was stolen.

Attackers were able to gain access to the data via a mobile app called MyQuest by Care360, which allows patients to share and store electronic health records. The app, it turns out, was not secured properly. Quest pointed out that they were quick to leap into action as soon as the intrusion was detected. “When Quest Diagnostics discovered the intrusion, it immediately addressed the vulnerability,” stated Quest in the press release. “Quest is taking steps to prevent similar incidents from happening in the future, and is working with a leading cybersecurity firm to assist in investigating and further evaluating the company’s systems. The investigation is ongoing and the unauthorized intrusion has been reported to law enforcement.”

It has been a rough year for the healthcare industry, and with the Quest Diagnostics breach, the compromise of healthcare networks has rather violently resurfaced. “For hackers, developing a targeted attack is a significant effort, so it’s no surprise that they focus on healthcare organizations that store highly valuable patient data (significantly more valuable than credit cards on the Dark Web!),” said Israel Levy, the CEO of security company BUFFERZONE, in an email to FoxNews.com. “[The Quest Diagnostics] breach is yet another indication that despite regulations like HIPAA, healthcare organizations still aren’t doing enough to protect themselves.”

Data released in early 2016 by security researcher Ponemon Institute stated that breaches could be costing the healthcare industry $6.2 billion annually. There are quite a few reasons behind the onslaught of successful attacks and breaches that happen within the industry, but many experts point to good old-fashioned negligence and lack of risk monitoring.

Our second story takes a look at the roles that the end customer and the service provider play in inadequate cybersecurity. Think back over some of the biggest hacks and security breaches that have occurred over the year. Over and over again, companies big and small across almost every industry inevitably fall victim to a cyber-attack. This begs the obvious question, “How does this keep happening?” Or, in plainer, more blunt terms, who is falling down on the job? According to author T.C. Doyle in an article on our sister site MSPmentor, the hacks aren’t happening because security consultants and service providers are screwing up, but because customers are. “No matter their market, size or savvy, customers have to believe that somehow, somewhere, someone will compromise their ICT systems,” states Doyle. It has become an inevitability, but despite that, most businesses will “willfully downplay if not ignore security risks.”

So, it’s not really a question of ignorance; it’s more of a “sweep it under the rug” type of problem. There are many examples of this, with the data to back it up. This week, for example, RedSeal, developer of a cybersecurity data analytics platform, released the results of a new survey on CEO confidence. The big finding: “more than 80 percent of CEOs are very confident in their firm’s cybersecurity strategies, despite the fact that security incidents have surged 66 percent year-over-year since 2009.”

Why is this? There are a number of things that could be to blame, but RedSeal found CEOs “still prioritize keeping hackers out of the network.” This, as most of us know by now, is an extremely outdated approach. Here’s where the talk of security deniers comes in. Doyle’s advice? “To help your customers in 2017, you’re going to have to persuade CEOs, even stubborn ones, that two immutable truths prevail today: bad actors won’t stop until they have compromised every organization’s data, systems and applications, and that employees are some of their most vulnerable assets—far more than the security cameras, Dropbox accounts and personal devices attached to their digital networks.”

Our last story takes a look at AWS Shield, a tool just released by Amazon Web Services. The new technology was created in the wake of the massive online attack that took out large sites such as Reddit, Netflix and Twitter, and is meant to protect such sites against these types of distributed denial-of-service (DDoS) attacks. The technology comes in two levels: AWS Shield Standard, with basic integrated DDoS protection, which will be the default for AWS customers, and a premium version called AWS Shield Advanced, which is meant for more sophisticated and targeted online attacks.

“I think this will really help you protect yourselves even against the largest and most sophisticated attacks that we’ve seen out there,” said Werner Vogels, the Amazon chief technology officer, when announcing the product at a recent event. “We certainly hope so. It would be nice to see a security pivot work effectively.” The attacks back in October targeted Dynamic Network Services Inc., better known as Dyn, which is among several providers of domain-name services to AWS. Shortly after the attacks started Friday morning, AWS discontinued its use of Dyn’s DNS services and rerouted traffic to other providers, restoring full service. 
