Earlier this year, I contacted my son’s pulmonologist at Lurie Children’s Hospital to reschedule his appointment and was met with a busy tone. Then I went to the MyChart medical app to send a message, and that was down as well.
A Google search later, I discovered the entire hospital system’s phone, internet, email, and electronic health records system were down and that it was uncertain when access would be restored. The following week, it was confirmed that the outage was caused by a cyberattack. The systems remained offline for over a month, and a ransomware group named Rhysida claimed responsibility for the attack, demanding 60 bitcoins (approximately $3.4 million) in exchange for the data on the dark web.
My son’s appointment was just a routine appointment. However, when my son, a micro preemie, was an infant, losing access to his medical team could have had serious consequences.
Cybercrime is a worry not only for large corporations, hospitals, and governments but for small businesses as well. In January 2024, McAfee and Dell released a resource guide for small businesses based on a study they conducted, which revealed that 44% of small businesses had been targeted by a cyberattack, with the majority of these attacks occurring within the past two years.
Humans are the weakest link
When most individuals think of cyberattacks, they envision a hacker in a hoodie sitting in front of a computer and infiltrating a company’s technology infrastructure with a few lines of code. However, that’s not typically how it happens. In many cases, individuals unknowingly disclose information through social engineering tactics like phishing links or email attachments containing malware.
“The weakest link is the human,” states Abhishek Karnik, director of threat research and response at McAfee. “The most common way organizations are breached is still through social engineering.”
Prevention: Prioritize cyber hygiene by conducting regular, mandatory employee training on identifying and reporting threats.
Insider threats
Insider threats pose another human-related risk to organizations. An insider threat occurs when an employee with access to company information commits a breach. This individual may act independently for financial gain or be influenced by an external party.
“There’s this false sense of security when it comes to insiders, that they’re much less likely to impact an organization than some form of external attack,” says Brian Abbondanza, an information security manager for the state of Florida. “We trust that they’re not engaging in such activities, but we’ve had them complete all this paperwork, run background checks, and so forth.”
Prevention: Users should only have access to the information they require. Privileged access management (PAM) can be utilized to establish policies and user permissions, as well as generate reports on system access.
Other cybersecurity pitfalls
Beyond humans, your network vulnerabilities lie in the applications you utilize. Bad actors can gain access to confidential data or infiltrate systems in various ways. While you likely already know to avoid public Wi-Fi networks and implement strong authentication methods, there are some cybersecurity pitfalls that may be unfamiliar to you.
Employees and ChatGPT
“Organizations are becoming more aware of the information leaving the organization because individuals are posting to ChatGPT,” Karnik remarks. “You don’t want to expose your source code or company information there. Once it’s out there, you can’t control how it will be used.”
AI use by bad actors
“AI tools have made it easier for many attackers to engage in activities they couldn’t do before, such as crafting effective emails in English or another target language of choice,” Karnik points out. “Finding AI tools that can create a convincing email in the target language is simple.”
QR codes
“During COVID, we shifted from physical menus to using QR codes on tables,” Abbondanza notes. “I could easily embed a redirect on that QR code to first gather all necessary information about you, including scraping passwords and usernames from your browser, and then swiftly direct you to an unfamiliar site.”
Involve the experts
The key takeaway is for leadership to heed the advice of cybersecurity experts and proactively plan for potential issues.
“We want to introduce new applications, offer new services, and security needs to keep pace,” Abbondanza explains. “There’s often a significant gap between organization leadership and security professionals.”
In addition, addressing threats proactively with human resources is crucial. “Russia’s top attacking group can cause damage within eight minutes, but it takes me about 30 seconds to a minute to receive an alert,” Abbondanza emphasizes. “If our cybersecurity team can’t respond in seven minutes, we likely have a breach on our hands.”