In July, GTIC researchers took a deeper look into several topics which seem to take aim at matters involving the inherent trust in systems on which we, globally, rely: healthcare data privacy and the internet, itself. This also includes theft of that data, and the money cyber criminals make from its exploitation.
It's no wonder. These trust systems could be exploited in numerous ways. And the data is so highly-targeted because it is so lucrative to cyber criminals — and readily sold on the dark web.
For instance, when it comes to healthcare information, it’s not just about your health! Valuable data includes information like insurance, credit card numbers, and bank account numbers. It also includes your private information like social security and driver’s license numbers, name and date of birth — essentially ‘who you are.’
The dark web, ransomware, attacks on healthcare organizations, along with all the valuable data held therein, and attacks on the Domain Name System (DNS) all combine to create this month’s GTIC Monthly Threat Report. In addition, this report looks further into recent attacks against the healthcare industry, and gives insight into why patient data is so valuable to attackers.
Ironically, given the value of the available healthcare information, it may be a surprise that the healthcare industry is not consistently ranked as one of the most highly attacked industries, despite the fact that healthcare organizations accounted for over 15% of all incident response engagements — the second most common industry globally, behind only finance.
The increase in attacks has been felt globally, and NTT Security researchers anticipate a continued uptick in attacks against this industry.
And it’s not just industry trends which give us pause when attackers focus on the DNS which affect our trust in what should be basic internet functions. In this report, we take a look into attacks on what is really a foundational part of the internet – the DNS.
GTIC researchers also look into ransomware and malware campaigns prevalent during July, which include activity by AgentTesla, NanoCore, Sodinikobi, and Revenge. Some are new, while some are old, but NTT Security has been observing a steady level of activity from these specific families over the past month or so.
We also introduce an interesting and insightful new blog series focusing on the dark web. In this edition, GTIC researchers give a very high-level overview of how to begin to access the far-reaching corners of the internet —and several pointers on how to keep yourself safe there.
The May 2019 edition of the GTIC Monthly Threat Report provides insight and a few recommendations for several topics which easily disrupt the inherent trust we have — though probably shouldn’t — in many aspects of our daily internet usage. Check out the July 2019 Monthly Threat Report here for more insight.