Industry News

Our industry news section covers a broad range of news items of particular relevance to the cybersecurity industry and managed service providers (MSPs).

This section also included details of the latest white papers and research studies relating to malware, ransomware, phishing and data breaches. These articles provide some insight into the general state of cybersecurity, the industries currently most heavily targeted by cybercriminals, and figures and statistics for your own reports.

Hackers and scammers conduct massive spam campaigns designed to infect as many computers as possible. These attacks are random, using email addresses stolen in large data breaches such as the cyberattacks on LinkedIn, MySpace, Twitter and Yahoo. However, highly targeted attacks are increasing in frequency, with campaigns geared to specific industries. These industry-specific cyberattacks and spam and malware campaigns are detailed in this section, along with possible mitigations for reducing the risk of a successful attack.

This category is therefore of relevance to organizations in the education, healthcare, and financial services industries – the most common attacked industries according to recent security reports.

The articles contain information about current campaigns, spam email identifiers and details of the social engineering tactics used to fool end users and gain access to business networks. By following the advice in these articles, it may be possible to prevent similar attacks on your organization.

Best Antivirus Software Solution for 2015 Awards Announced

What was the best antivirus software solution for 2015 for the enterprise?

Protecting against the ever increasing number of cyberthreats is a full time job. The attack surface is now broader than ever before and hackers are developing increasingly sophisticated methods of obtaining data. The measures that must now be implemented to keep cyberattackers at bay have also increased in diversity and complexity.

Once of the core protections required by all organizations and individuals is an anti-virus software solution, and there is certainly no shortage of choice. But what was the best antivirus software solution for 2015?

The best AV software engines rated by AV-Comparatives

What AV engine detects and removes the most malware? What product offers the best real world protection? Which boasts the best file detection rates? These are all important considerations if you want to keep your organization protected. These and other factors were assessed over the course of the year by AV-comparatives.

AV-Comparatives is an independent testing lab based in Innsbruck, Austria. Each year the company publishes a report detailing the results of the AV tests the company conducted over the course of the year. The report is an excellent indicator of performance.

The company tested 21 of the top AV products on the market, subjecting each to a wide range of rigorous tests to determine the potential of each to protect users against malicious attacks.

The test results clearly show that not all antivirus products are the same. While all AV engines under test offered an acceptable level of performance, “acceptable” may not be good enough for enterprise installations.

The best antivirus software solution of 2015

AC-Comparatives rated performance and issued a number of awards to companies that excelled in specific areas of antivirus and antimalware protection. Gold, Silver and Bronze awards were awarded along with an overall best antivirus software solution for 2015 award.

Antivirus award categories:

  • Real-world detection
  • File detection
  • False positives
  • Overall performance
  • Proactive protection
  • Malware removal

Contenders for the ‘Best Antivirus Software Solution for 2015 Awards’

The Antivirus protects tested and considered for the awards were:

  • Avast Free Antivirus
  • AVG Internet Security
  • Avira Antivirus Pro
  • Baidu Antivirus
  • Bitdefender Internet Security
  • BullGuard Internet Security
  • Emsisoft Anti-Malware
  • eScan Internet Security Suite
  • ESET Smart Security
  • F-Secure Internet Security
  • Fortinet FortiClient (with FortiGate)
  • Kaspersky Internet Security
  • Lavasoft Ad-Aware Free Antivirus+
  • McAfee Internet Security
  • Microsoft Windows Defender for Windows 10
  • Panda Free Antivirus
  • Quick Heal Total Security
  • Sophos Endpoint Security and Control
  • Tencent PC Manager
  • ThreatTrack VIPRE Internet Security
  • Trend Micro Internet Security

The Best Antivirus Software Solution for 2015 Award

After assessing all categories of anti-virus protection there were two AV products that excelled in all categories and received an Advanced+ rating: Bitdefender and Kaspersky Lab, with Kaspersky Lab bestowed the best antivirus software solution for 2015. Kaspersky Lab is one of the two AV engines at the core of SpamTitan anti-spam solutions.

The Russian antivirus company also received a Gold Award for “Real-World” protection, file detection, and malware removal, as well as a Silver Award for proactive (Heuristic/Behavioral) protection, and a Bronze Award for overall low system impact performance.

Cet article est disponible en anglais.

McAfee SaaS Email Protection Products Dropped by Intel Security

Following the recent news that Intel Security will be discontinuing McAfee SaaS Email Protection products, SpamTitan is preparing for 2016 when business customers start looking for a new email security vendor to ensure continued protection.

McAfee SaaS Email Protection to Come to an End

Intel Security, the new company name for McAfee, has taken the decision to exit the email security business. The company will be dropping McAfee SaaS Email Protection products and will be concentrating on other areas of business.

From January 11, 2016, McAfee SaaS Email Protection and Archiving and McAfee SaaS Endpoint will stop being sold by Intel Security. The news is not expected to trigger a mass exodus in early 2016, as Intel Security has announced that it will continue to provide support for the products for a further 3 years. Support for both McAfee SaaS Email Protection and Archiving and SaaS Endpoint will stop after January 11, 2019. However, many customers are expected to make the switch to a new email security provider in the new year.

SpamTitan Technologies Anti-Spam Solutions

SpamTitan Technologies offers a range of cost effective business email security appliances which keep networks protected from malware, malicious software, and email spam. Users benefit from dual AV engines from Bitdefender and Clam Anti-Virus, offering excellent protection from email spam, phishing emails, and inbox-swamping bulk mail.

SpamTitan is a highly effective anti-spam solution that was first launched as an image solution. Following an agreement with VMware, SpamTitan was developed into a virtual appliance. The range of anti-spam products has since been developed to include SpamTitan OnDemand in 2011 and SpamTitan Cloud in 2013. In August 2015, SpamTitan blocked 2,341 billion emails and has helped keep business networks free from malware and viruses.

SpamTitan was the first Anti-Spam Appliance to be awarded with two Virus Bulletin VBSPAM+ awards and has also received 22 consecutive VBSpam Virus Bulletin certifications. Additionally, SpamTitan was awarded the Best Anti-Spam Solution prize at the Computing Security Awards in 2012.

Companies in over 100 countries around the world have chosen SpamTitan as their anti-email spam partner. The email security appliance stops 99.98% of email spam from being delivered.

WebTitan Web Filtering Solutions from SpamTitan Technologies

WebTitan Gateway offers small to medium businesses a cost effective method of blocking malware and malicious websites, with highly granular controls allowing individual, group, and organization-wide privileges to be set. Delivered as a software appliance that can be seamlessly integrated into existing networks, it is an essential tool to protect all business users and allow the Internet to be viewed securely.

WebTitan Cloud is a cloud-based web filtering solution requiring no software installations. Create your own web usership policies and block malware-infected websites, objectionable websites, and restrict Internet access to work-related content with ease. Benefit from a comprehensive set of reporting tools which allow the browsing activity of every end user in the organization to be easily monitored.

WebTitan Wi-Fi has been developed for Wi-Fi providers and MSPs to allow easy control of Internet access. WebTitan Wi-Fi allows users to easily block objectionable content and malicious websites, with controls able to be applied by location. The cloud solution requires no software installations. All that is required to start protecting your business is a simple DNS redirect to WebTitan cloud servers.

WebTitan web filtering solutions blocked 7,414 malware-infected webpages in August 2015, and have helped keep businesses better protected from malicious website content, phishing campaigns, and drive-by malware downloads.

Healthcare Industry Phishing Report: Greater Email Security Required

In the United States, healthcare industry phishing campaigns have been responsible for exposing the protected health records of well over 90 million Americans over the course of the past 12 months. That’s over 28% of the population of the United States.

This week, another case of healthcare industry phishing has come to light with the announcement of Connecticut’s Middlesex Hospital data breach. The hospital discovered four of its employees responded to a phishing email, resulting in their email account logins being sent to a hacker’s command and control center. In this case the damage caused by the phishing attack was limited, and only 946 patients had their data exposed. Other healthcare organizations have not been nearly so lucky.

Largest ever healthcare industry phishing attack suffered in 2015

In February, Anthem Inc., the second largest health insurance company in the United States, discovered it had suffered the mother of all healthcare data breaches. Approximately 78.8 million health insurance subscriber records were obtained by criminals in the attack. The breach did not occur in February, but months previously, with the hackers being allowed plenty of time to exfiltrate data.

Another U.S. health insurance company discovered it too had been hacked just a couple of weeks later. Premera Blue Cross similarly found out that hackers had gained access to its systems many months previously and had potentially obtained the records of over 11 million insurance subscribers.

Both security breaches were highly sophisticated in nature, but were discovered to have their roots in healthcare industry phishing campaigns. Employees had responded to phishing emails which ultimately allowed hackers to gain access to huge volumes of highly confidential healthcare data.

In 2014, Community Health Systems suffered a data breach that exposed the PHI of 4.5 million individuals in what was then the second largest healthcare data breach reported. That data breach had its roots in a phishing campaign sent to its employees.

Healthcare industry phishing attacks occurring with alarming frequency

In just 12 months, many healthcare providers and health plans have suffered at the hands of phishers. Some of the healthcare industry phishing attacks have been summarized in the table below:

Successful U.S. Healthcare Industry Phishing Attacks in 2015

Company Records Exposed
Anthem Inc. 78,800,000
Premera Blue Cross 11,000,000
CareFirst Blue Shield 1,100,000
Seton Healthcare 39,000
Saint Agnes HealthCare 25,000
Partners Healthcare 3,300
Middlesex Hospital 946
St. Vincent Medical Group 760

 

Cybercriminals attracted by easy targets and big rewards

In the United States, healthcare organizations and their business associates are covered by legislation which requires robust protections to be put in place to keep computer networks secure and patient health data safeguarded from attack. The Health Insurance Portability and Accountability Act (HIPAA) requires administrative, technical, and physical controls to be used to keep the Protected Health Information (PHI) of patients secure at all times.

Even though the industry is heavily regulated, the industry lags behind others when it comes to data security. Hackers often see healthcare organizations as an easy target. Their networks are complex and difficult to protect, and IT security budgets are insufficient to ensure that all of the appropriate protections are put in place to keep data secure.

On top of that, healthcare providers and health insurers store an extraordinary volume of highly sensitive data on patients and subscribers. Those data are much more valuable to thieves than credit card numbers. Health data, Social Security numbers, and personal information can be used to commit identity theft, medical fraud, insurance fraud, credit card fraud, and tax fraud. One set of patient data can allow criminals to fraudulently obtain tens of thousands of dollars, and the data can typically be used for much longer than credit card numbers before fraud is detected.

It is therefore no surprise that healthcare providers are such a big target. There are potentially big rewards to be gained and little effort is required. Healthcare industry phishing is therefore rife, and spear phishing campaigns are now increasingly being used to get busy healthcare employees to reveal their login credentials. Many of those campaigns are proving to be successful.

Industry reports suggest that the healthcare industry in the United States does not have sufficient controls in place to prevent against phishing attacks. A KMPG study conducted earlier this year showed that 81% of U.S. healthcare organizations had suffered cyberattacks, botnet, and malware infections. Other research conducted by Raytheon/Websense suggested that the healthcare industry in the United States suffered 340% more data breaches than other industries.

Healthcare industry phishing emails are not always easy to identify

Just a few years ago, a phishing email could be identified from a mile away. They contained numerous spelling mistakes and grammatical errors. Nigerian 419 scams were commonly seen and easily spotted. Malicious email attachments were sent, yet they could be easily identified as they were rarely masked. It is easy to train staff never to open an executable file sent via email.

Today, it’s a different story. Healthcare industry phishing emails are not always easy to identify. Malicious emails are crafted with a high level of skill, spell checks are used, subjects are researched, as are the targets. Links are sent to phishing websites that cybercriminals have spent a lot of time, money, and resources developing. Even a trained eye can have trouble identifying a fake site from a real one. The threat landscape has changed considerably in just a few years.

Sometimes healthcare industry phishing emails are so convincing that many members of staff are fooled into responding. Franciscan Health System is a good example. In 2014, a phishing campaign was sent to the healthcare provider via email. The scam was straightforward. Workers were sent an email containing a link and a good reason to click it. They clicked through to a website which required them to enter their login credentials. 19 workers reportedly fell for the campaign and revealed their email account login names and passwords. Contained in their email accounts were patient data. As many as 12,000 patients were affected.

What can be done to reduce the risk of phishing attacks?

There are a number of controls and safeguards that can be implemented to reduce the risk of healthcare industry phishing campaigns being successful, and multi-layered defenses are key to reducing risk.

Conduct Regular Staff Training

All members of staff should be trained on email and internet security, and told how to identify phishing emails and phishing websites. They must be issued with a list of best practices, and their knowledge should be tested. The sending of dummy phishing emails is a good way to check to see if they have taken onboard the information provided in training sessions.

Use Powerful Anti-Virus and Anti-Malware Software

Separate anti-virus and anti-malware solutions should be used and virus/malware definitions updated automatically. Regular scans of the network and individual devices should be scheduled at times of low network activity.

Employ Spam Filtering Software

Spam filtering solutions are essential. One of the best ways of preventing end users from falling for phishing emails is to make sure they never receive them. Powerful anti-spam solutions will block and quarantine malicious email attachments and prevent phishing emails from being delivered to end users.

Implement Web Filtering Solutions

Not all phishing campaigns come via email. Social media websites are often used as an attack vector and malicious website adverts can direct users to phishing websites. Implementing a web filter to limit the types of websites that users are permitted to visit can significantly reduce the risk of users falling for a phishing campaign. Web filtering solutions will also block access to known phishing websites.