2 Minute Drill: Iranian Hackers, VPN Scams, and CrowdStrike Congressional Testimony with Drex DeFord
Episode 595th September 2024 • This Week Health: Newsroom • This Week Health
00:00:00 00:03:59

Transcripts

This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

  Hey everyone, I'm Drex, and this is the 2 Minute Drill, where I do three quick stories twice a week, all part of one great community, the 229 Cyber and RISC community here at This Week Health. Today's drill is brought to you by Fortified Health Security. No matter where you're at in your security journey, Fortified can help you improve your security posture, through their 24 7 threat defense services or advisory solutions delivered through Central Command, a first of its kind platform that simplifies cybersecurity management and provides the visibility you need to mature your program.

Learn more at FortifiedHealthSecurity. com. Thanks for joining me today. Here's some stuff you might want to know about. The FBI, CISA, and Department of Defense have come together on a new joint advisory document warning the healthcare industry that a specific group of Iranian state backed cyber thugs have been directly responsible for attacks on hospitals and other healthcare organizations as recently as August.

And as a result, they're telling security folks to be especially vigilant. The Iranian hackers go by a variety of names, including Broker and XPL Finder, and there's evidence they work with other ransomware thugs, like Al V and RansomHouse, both of those I've talked about recently as the perpetrators of major healthcare breaches.

There's a lot of good technical detail in the advisory for your teams. Dirtbags are focusing a lot of their time looking for vulnerabilities on externally facing or internet facing devices. That's the kind of stuff you should be constantly monitoring anyhow, but it's always a good reminder. Researchers from Unit 42, the security research arm of Palo Alto Networks have reported a new scam.

If you search for virtual private network software on Google, you may very well wind up with a link that's not A link you want. The link in the underlying page might say Palo Alto, and the page that follows might look a lot like a Palo Alto business page, but in reality, it's bad guys trying to trick users into downloading malware so they can do nasty things on your computer.

and your network. This technique, which is generally known as SEO poisoning, works because bad guys acting like legitimate businesses purchase advertising or they're doing other things to improve their fake page rankings on Google so that their fake page links appear at the top of the list when a user searches on a word or a phrase, in this case something like searching for virtual private network software.

So if you're thinking about downloading free software from the internet, or if you're trying to create some kind of a shortcut around your IT department to get a piece of software that you want, but maybe they don't provide that software as part of the inventory, just don't do that. Also, ask the applications team for the currently approved and tested version of the software that you want.

And for your home machines, just be really careful that you're on a legitimate site. And you're downloading legitimate software. And it looks like September 24th is the day CrowdStrike is set to testify to Congress about the July 19th outage that took down computers around the world. Senior Vice President of Counter Adversary Operations, Adam Myers, will take the mic to represent CrowdStrike.

All the details on that story and all the other stories are at thisweekhealth. com slash news. Thanks again to our Two Minute Drill sponsor, Healthcare Cyber Partner, Fortified Health Security. With a 98 percent client retention rate and three consecutive best in class awards, Fortified's exclusive focus on healthcare cybersecurity makes them the go to partner for healthcare organizations wanting to strengthen their cybersecurity posture.

Find out more at fortifiedhealthsecurity. com. That's it for today's Two Minute Drill. Thanks for being here. Stay a little paranoid. I'll see you around campus.

Chapters

Video

More from YouTube