1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Hospital helpdesks targeted by hackers US Health Department warn

    From TechnologyDaily@1337:1/100 to All on Mon Apr 8 16:45:05 2024
    Hospital helpdesks targeted by hackers US Health Department warns health services are under threat

    Date:
    Mon, 08 Apr 2024 16:30:11 +0000

    Description:
    Mystery hacker group tricks helpdesks into giving them employee account access, where they then steal money and data

    FULL STORY ======================================================================

    The US Department of Health and Human Services (HHS) has issued a warning
    that hackers are attempting to target the helpdesks of hospitals in order to gain access to critical hospital systems.

    The hackers have been observed contacting hospital IT help desks using local area code phone numbers and then pretending to be a hospital employee, providing the helpdesk with stolen identification.

    The hackers then request that their device be set up to use the employees multi-factor authentication . Once they have access to the hospital's
    internal systems, they are free to steal data and re-route transactions into their own bank accounts. Hospital data and finances a honeypot for hackers

    The Health Sector Cybersecurity Coordination Center (HC3) issued a warning
    for hospitals to be vigilant in the face of hackers using elaborate social engineering campaigns to gain access to hospital systems. The HC3 stated that the hackers specifically targeted login information related to payer
    websites, where they then submitted a form to make ACH changes for payer accounts in order to steal money.

    Once access has been gained to employee email accounts, they sent
    instructions to payment processors to divert legitimate payments to attacker-controlled U.S. bank accounts, HC3 continued. "The funds were then transferred to overseas accounts. During the malicious campaign, the threat actor also registered a domain with a single letter variation of the target organization and created an account impersonating the target organizations Chief Financial Officer (CFO).

    While no threat actor has been formally identified as responsible for these attacks, HC3 issued a number of guidance points to IT help desks in order to avoid succumbing to such an attack: ( PDF ) Require callbacks for employees requesting new device MFA enrollment or password resets using the number on file for the employee Monitor ACH changes for suspicious activity and frequently revalidate users who have access to payer websites Employees requesting MFA device enrollment, password resets, or ACH changes should report in person to the IT helpdesk Where this is not possible, contact the employee supervisor for verification Train helpdesk employees to identify social engineering techniques and spearphishing attempts

    Via BleepingComputer More from TechRadar Pro Here is our guide to the best identity theft protection Critical milestone: how new SEC rules affect business cybersecurity These are the best firewalls around



    ======================================================================
    Link to news story: https://www.techradar.com/pro/hospital-helpdesks-targeted-by-hackers-us-health -department-warns


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)