HJAR Jul/Aug 2021

entity that is the victim of a cyberattack to immediately notify the FBI through one of our 56 field offices. That being said, we don’t wait ‘til we’re done with an investigation to launch a disruption operation or hand off informa- tion to partners. The imperative is action, while we continue to work toward attri- bution and a full picture of the threat. The disruption operation we ran against the Microsoft Exchange hackers is a great example. We surged to quickly investigate the intrusions and develop the predication to allow a judge to order a nationwide operation to remove mali- cious web shells from hundreds of victim networks. It wasn’t an endpoint for that investigation, just one step among many. Editor Some potentially dangerous emails are easy to spot, others not so much, and hackers are getting more sophisticated all the time. How can someone tell if an email is a pandora’s box? What do you do if you or one of your employees clicks through one? Cyber Task Force Below is an example of some steps that can be taken and does not include all IT best practices. We rec- ommend that if anyone receives an email that looks suspicious that they do the following steps: • Confirm authenticity before act- ing on a request to send money or sensitive information. • Verbally confirm emailed instruc- tions from vendor/supplier to change payment methods using verified contact number. • Carefully check sender’s email ac- count. • Require two-party sign-off on payments. • Train staff on BEC [business email compromise] and phishing threats and how to spot these attempts. • Save all emails/other evidence in case of BEC. In the event that someone does click on a link, we recommend you follow your company’s IT policy, contact your finan- cial institution immediately and file com- plaint with the FBI via www.ic3.gov . Editor How about phones — what are you seeing happening on these impor- tant devices? Are you seeing a differ- ence in security between iPhone and Android platforms? Cyber Task Force Due to FBI policies regarding endorsements, we don’t speak about private companies and their products. Editor Backups are important in the IT world, but we are told these, too, can be hacked and ransomware inflicted. What is the “gold standard” in back- ing up? Cyber Task Force Backups are key in resto- ration from most cybersecurity attacks, including ransomware attacks. The best defense against ransomware is schedul- ing regular data backups on drives not connected to the network. Off-site back- ups are ideal. You should routinely verify the integrity and security of these back- ups. Data backups can be used to restore a system without paying the ransom. Editor Working remotely and telehealth have introduced us to the “Zoom call” world. Are these calls safe from an IT perspective? How can you tell if you are being recorded, and what, if anything, should we be wary about with Zoom or similar calls? Cyber Task Force Again, due to FBI poli- cies regarding endorsements, we don’t speak about private companies and their products. Editor I hear there is a “code among thieves” where the healthcare indus- try, or some elements of it, are “off lim- its” in some hackers’ minds. How is this bearing out? Cyber Task Force We have observed that cybercriminals continue to exploit the COVID-19 pandemic. Threats observed include: • Ransomware. • Phishing, using the subject of coronavirus or COVID-19 as a lure. • Malware distribution, using coronavirus- or COVID-19-themed lures. • Registration of new domain names containing wording related to coronavirus or COVID-19. • Attacks against newly — and often rapidly — deployed remote access and teleworking infrastructure. • These actors are taking advantage of human traits such as curiosity and concern around the pandem- ic. We encourage everyone to fol- low best security IT practices. If you receive an email or a link that looks suspicious do not click on it. If you have been the victim of a cybercrime or have observed suspicious cyber activity, please report it to the FBI via www.ic3.gov . Editor What keeps FBI cyber task force members up at night? Cyber Task Force We are most concerned about threats to our nation’s critical infrastructure, which threaten public health and safety as well as our eco- nomic and national security. FBI Little Rock’s Cyber Task Force (CTF) is passionate about providing outreach to the Arkansas community in the form of cybersecurity outreach, interviews, presentations and giving best practice information to keep Arkansans informed and safe from cyberattacks. Our CTF also works tirelessly to iden- tify, pursue and defeat cyber adversaries domestically and abroad. We are proud do this with the help of our partners in the private sector, citizens in the com- munity and law enforcement (local, state and federal). Editor Thank you and the entire cyber task force team for what you do to protect us. Cyber Task Force Thank you for your time in covering this important topic. n 12 JUL / AUG 2021 I  HEALTHCARE JOURNAL OF ARKANSAS   DIALOGUE