On November 16, the FBI and Cybersecurity and Infrastructure Security Agency announced that they used social engineering techniques and legitimate remote access tools to compromise victims’ networks and collect ransoms against healthcare and other critical infrastructure. We recommended that you take steps to protect your network from Scattered Spider groups that extort and steal data. .
“Scattered Spider’s highly technical cyber attack begins with a sophisticated psychological attack,” said John Riggi, AHA National Advisor on Cybersecurity and Risk. “Scattered Spider uses social engineering techniques to trick the end user into providing credentials, authentication codes, or downloading ‘help desk’ tools on the computer, allowing the attacker to Persistent access to your network. Staff should be informed about the help desk’s verification protocols, and help desk personnel should not ask staff to disclose credentials or multi-factor authentication codes. Conversely, help desks have strengthened their verification protocols to ensure that staff credentials are not inappropriately reset, and to ensure that staff can distinguish between valid help desk interactions and social engineering attempts. Must be a challenge. ”
For more information on this or other cyber and risk issues, please contact Riggi.jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.