At the beginning of this year, I reached out to my son’s pulmonologist at Lurie Children’s Hospital to change his appointment, only to be greeted by a busy signal. I then tried sending a message through the MyChart app, but that service was down as well.
After conducting a Google search, I discovered that the hospital’s entire network, including phone, internet, email, and electronic health record systems, was inoperable, with no timeline for restoration. The following week, it was revealed that this disruption was the result of a cyberattack. The systems remained out of operation for over a month, and a ransomware group named Rhysida took responsibility for the incident, demanding on the dark web a ransom of 60 bitcoins (approximately $3.4 million) for the stolen data.
My son’s appointment was just a standard check-up. However, when my son, a micro preemie, was an infant, losing access to his healthcare providers could have had extremely serious consequences.
While cybercrime poses threats to major corporations, hospitals, and government agencies, small businesses are also impacted. A resource guide developed by McAfee and Dell in January 2024 highlighted a study revealing that 44% of small businesses had encountered a cyberattack, with most incidents occurring in the past two years.
Individuals are the most vulnerable
When considering cyberattacks, many envision a hacker in a hoodie typing away at a computer to penetrate a company’s systems with a few lines of code. However, that is rarely how breaches occur. More often, individuals unwittingly compromise information through social engineering methods such as phishing emails or malicious attachments.
“The human element remains the weakest link,” states Abhishek Karnik, director of threat research and response at McAfee. “Social engineering continues to be the most common way organizations get compromised.”
Prevention: It is essential to conduct regular mandatory training for employees, focusing on identifying and reporting potential threats to maintain strong cyber hygiene.
Internal threats
Internal threats present another human-related risk for organizations. An insider threat occurs when an employee with access to sensitive company data causes a breach, either for personal gain or under coercion from an external entity.
“People often have a false sense of security regarding their employees,” comments Brian Abbondanza, an information security manager for the state of Florida. “We trust them because we perform background checks and paperwork, yet insiders can be just as harmful as external attackers.”
Prevention: Limit users’ access to only the information necessary for their roles. Utilizing privileged access management (PAM) can help establish access policies and monitor who accesses which systems.
Additional cybersecurity challenges
Beyond human factors, vulnerabilities within the network often stem from the applications being utilized. Malicious actors can exploit sensitive information or breach systems through various methods. While you may be aware of the importance of avoiding unsecured Wi-Fi networks and implementing robust authentication processes, several other cybersecurity risks may be less familiar.
Employees and ChatGPT
“Organizations are increasingly realizing that information leaks occur when individuals use platforms like ChatGPT,” notes Karnik. “Revealing your source code or company details poses significant risks, as once such information is public, its future use remains uncertain.”
Malicious use of AI
“I believe that the availability of AI tools has lowered the entry barriers for many attackers, enabling them to perform actions they previously couldn’t, such as crafting persuasive emails in English or other target languages,” Karnik explains. “Numerous AI tools exist that can generate effective emails in a desired language with ease.”
QR codes
“During the COVID pandemic, we shifted from physical menus to QR codes on tables,” Abbondanza recalls. “However, I could easily manipulate a QR code to capture personal information, including passwords and usernames, before redirecting someone to a potentially harmful website.”
Engage with experts
The key lesson for leadership is to heed the advice of cybersecurity professionals and proactively develop contingency plans for potential scenarios.
“Organizations are eager to roll out new applications and services, and security often struggles to keep pace,” Abbondanza observes. “There is a significant gap between leadership and security specialists.”
Additionally, addressing threats requires a human touch. “Russia’s top attack team can breach systems within eight minutes,” Abbondanza highlights. “It takes me about 30 seconds to a minute to receive an alert, so without a cybersecurity team capable of responding in under seven minutes, we may be facing a breach.”