Healthcare providers are often targeted by threat actors. The UnitedHealth Group attack this year shows just how much damage can be done by such attacks. Four U.S. Senators have introduced a bipartisan bill to improve cybersecurity in the healthcare sector.
The bill provides grants to health entities to improve cyberattack prevention and response. It provides training to health entities on cybersecurity best practices. It provides support for rural health clinics on breach prevention and resilience in coordination with federal agencies. It modernizes current regulations to assist entities covered by HIPAA. And it requires the U.S. Health and Human Services (HHS) Secretary to develop and implement a cybersecurity incident response plan.
This sounds like a lot of opportunities for MSSPs, particularly those who specialize in healthcare already.
Got news or tips to share with us? Please send them to [email protected].
Today’s MSSP Update
1. Protecting against holiday cyberthreats - Fortinet’s FortiGuard Labs’ new report looks at threats that leverage the winter holidays, including deceptive domains and compromised e-commerce sites. These threats pose risks to both shoppers and businesses. The report includes a deeper dive into shopping-themed phishing lures that use generative AI and includes examples of cybercriminals using AI models like ChatGPT to create phishing emails that look like legitimate communications from retailers and banks.
2. Amazon S3 dataset backups - Commvault’s newest solution enabling enterprises to instantly recover Amazon S3 datasets of any size back to a precise point in time. The capability is the first from its acquisition of AWS data protection company Clumio. The company said it offers protection in case of accidental data deletion or ransomware attacks.
3. Threat actors bypass SEGs - A report from Cofense Intelligence reveals how threat actors bypass secure email gateways (SEGs) by hiding malware inside specific types of archives. This happens regardless of whether the organizations are using tools such as secure SEGs or EDR, enabling threat actors to exploit flaws and vulnerabilities. The research shows 15 different archive formats were used including .zip.
4. CyberVolk details - New research from SentinelLabs provides details about CyberVolk, a “hacktivist” collective with pro-India/pro-Russia leanings targeting multiple countries around the world. The research reports that the group originate in India and leverages geopolitical issues to launch and justify attacks on public and government entities, primarily in the service of Russian government interests.
5. Protecting AI infrastructure - SentinelOne has introduced AI Security Posture Management, a new solution designed to secure against evolving AI threats. It’s available as part of the company’s Cloud Native Security. It performs an automated inventory of AI infrastructure, detects misconfigurations and actively resolves potential issues, SentinelOne said in a blog post.
6. Distribution partnership - Keeper Security, a provider of cloud-based zero-trust and zero-knowledge cybersecurity software has forged strategic partnership with online channel marketplace company Sherweb, putting the company’s solutions in the online marketplace, adding a new distribution channel to reach MSPs.
7. MSSP 250 company partnership - Socura, an MSSP 250 company has strengthened its partnership with Google Cloud by joining Google Cloud Partner Advantage as an MSSP Initiative Partner.
8. Cybersecurity acquisition - Kingswood Capital Management has acquired Identity Theft Guard Solutions from ZeroFox. The company provides IDX, a cybersecurity breach response platform that provides end-to-end notification, remediation, and digital protection for customers and employees affected by cyber breaches.
