Last week, a cyberattack interrupted insurance procedures at pharmacies across the US. Specifically, from Maryland to New York, healthcare professionals say that the infiltration continues to disrupt their business processes, threatening revenue and patient security. CNN originally reported on the story, but unfortunately, this isn’t a new issue. And even more alarming, the hacking doesn’t seem to be slowing down.
All medical practices are facing the threat of cyber attack right now. Especially those who may not have bulked up their online security measures or implemented safe digital business practices. For example and unluckily, a recent client was victimized by a digital insurance hacker who was able to monitor online traffic, create a new website domain, and ultimately steal $30,000 via wireless transfer. The intricacy of the scam involved creating and mimicking website domains and then communicating with both parties separately through fake email addresses that looked identical to the real ones. Even worse, the hackers obtained exact signatures for everything, enabling them to fraudulently provide incorrect routing and account numbers that eventually lead to the substantial loss. With this in mind, it has been ‘crunch-mode’ in my business. We’re working hard to prioritize cyber security, ensuring a higher function, and mitigating these threats at healthcare facilities.
As a healthcare consulting firm, there’s plenty CLC can do to help. Firstly, that’s just to bring awareness and share knowledge on this rampant problem. Not only do healthcare professionals have a duty to protect their patient’s and business information, but it’s also our duty as a consulting firm to help them stay safe as well.
Luckily there are a few ways to try to thwart hackers and cyber criminals from stealing vital information or financial information.
Here are just a few protective measures that can be taken:
Use Multi-Factor Authentication (MFA) to Protect Login Information:
an MFA is a multi-step account login process that requires users to enter more information than just a password. For example, along with a password, users may be asked to use a special code sent to their email or phone, answer a set of security questions, or scan their face or fingerprint.
Add Additional Security to Laptops and Mobile Devices:
strengthen passwords and passcodes by using random sequences of numbers, special characters, and upper and lowercase letters. Install malware, and work off a Virtual Private Network (VPN). This is a simple option, but does really help keep your information safe.
Avoid Connecting to Public Wi-Fi Networks:
if at all possible, try to avoid connecting to wi-fi networks that are public or unsecure. For example, when working from a laptop at an airport, cafe or coffee shops, it is imperative that users avoid connecting to these types of public networks. Hackers lie in wait for users to connect, and then hack into these networks and monitor website traffic patterns, hack into computer servers, and find domains they can infiltrate.
Verify Email Activity and Do Not Open Unknown Links:
double check that email correspondence is always with the correct recipient. It is quite simple for hackers to infiltrate unsecure WiFi connections and then replicate domains and emails that look almost identical to the real ones. When this happened to my client, they thought their email was compromised on the recipient’s end. When in actuality, nobody’s email was compromised. It was the unsafe network connection. See, what happened was the hacker gained access to an unsecure WiFi network and began monitoring traffic going through that WiFi router. From there, they gained access to the domain names and information on the client’s computer.
Another important point to remember is to never open unknown links from email addresses you do not recognize, or even if you do. Sometimes hackers try to gain access to your network by sending phishing emails with links that contain viruses. These viruses allow them to take over your computer’s network and activity. If you’re unsure of a link being sent, the best choice is not to open it. Verify the sender or the link by making contact with the sender via phone, or direct email.
Hopefully with this insight, CLC can bring more awareness to such a prominent issue in the healthcare sector. Still, and just last week, the American Hospital Association (AHA) was receiving reports regarding cyber attacks on insurance claims. With this type of interference still ongoing, it is important to bulk up security measures and enlist the help of a professional. With a few added measures and a vigilant mindset, the healthcare industry can be better protected and prepared for any future obtrusion. If you’re interested in learning more about we can help your business stay safe online, contact us today.
