In light of recent surges in cyberattacks targeting hospitals and health care providers, the Cooper Information Security team is providing you with key concerns and protective measures to best assist our health system’s cybersecurity. We ask that you remain vigilant, especially regarding emails, links, multifactor authentication (MFA) requests, and text messages, which are common channels for current attacks.
Key Concerns:
- Phishing Attacks: There’s an increase in phishing emails designed to trick recipients into revealing sensitive information or installing malware. These emails often appear legitimate, making it challenging to distinguish them from genuine communications.
- Ransomware Threats: Cybercriminals are increasingly using ransomware to lock access to critical systems and data, demanding payment for their release. Health care systems are particularly targeted due to the critical nature of their services.
- Data Breaches: Unauthorized access to patient data can lead to significant privacy violations and legal repercussions, affecting both patients and the health system.
- MFA Fatigue: Occurs when users are overwhelmed with numerous MFA prompts, often because of a cyberattacker’s repeated attempts to access an account. The attacker hopes the user, tired of the constant notifications, will eventually approve an authentication request, thus granting them access.
Protective Measures:
- Email Vigilance: Be cautious with emails from unfamiliar sources. Avoid clicking on links or downloading attachments.
- Secure Communication: Ensure that HIPAA and PII information is properly secured, stored, and transmitted through approved Cooper channels.
- Strong Password Practices: Use strong, unique passwords and change them regularly. Do not share your passwords with anyone and use a different password for each application or website. Consider using password managers to store, generate, and prevent repeated use of passwords.
- Reporting Suspicious Activity: The Cooper Service Desk and Information Security team are available 24/7. If you encounter anything unusual, or receive suspicious messages or MFA requests, report them immediately to the Service Desk at 856.668.7166 and to Information Security at infosec@cooperhealth.edu.
- Regular Updates: Ensure devices and software are updated with the latest security patches and recommendations.
Thank you for your attention and for your continued dedication to Cooper’s safety and security. If you have any questions or concerns, do not hesitate to reach out to Information Security at infosec@cooperhealth.edu. Your cooperation and vigilance are invaluable in this effort.