Corporate Responsibility, Phishing, and Ransomware
August 25, 2020 | 8 minutes read
Magellan Health Care Suffers Breach
Magellan Health Care, based in Arizona, has notified a number of its employees of a data breach. The incident compromised the personal data of both employees and patients. Magellan Health is a Fortune 500 company that provides several health plans, pharmaceutical benefits, and other forms of managed health care. On April 11, 2020, the company realized that it had been the victim of a ransomware attack, and on discovery it was noted that the breach had occurred five days earlier. The attackers gained entry through a social-engineering phishing scheme in which they posed as a legitimate Magellan client.
Once the discovery was made, the company initiated an investigation of the breach and hired a third-party cybersecurity forensics firm to determine the details of the attack. The investigators determined that the cybercriminals had accessed and exfiltrated data from a single server, including personal data of both employees and patients.
Phishing
What is phishing, and how does it work? Phishing is a cybercrime in which a target is contacted by email, telephone, or text message by someone posing as a legitimate institution, using a lure to get the individual to hand over sensitive data such as personally identifiable information, banking and credit card details, and passwords.
The first person convicted of ‘phishing’ was a 14-year-old boy in California. The teenager had created a replica of America Online. Through his fake website, he accessed sensitive account information, including credit card details, that he then used to obtain cash.
Here are some common traits of phishing communications to look for.
- Unknown Sender – Always look at the details of the sender. If you receive a communication from someone you do not know and trust, delete it immediately. If anything about an email or message seems uncharacteristic of a sender you do know, or is unexpected, suspicious, or otherwise out of the ordinary, don’t click it.
- Too Good to be True – Many phishing lures contain lucrative offers. The sender will use attention-grabbing details and eye-catching photos; some may even mirror real websites. These are designed to attract your attention or lull you into a false sense of security. If you receive notification that you have won a prize in a competition you never entered, remember that if it seems too good to be true, it probably is.
- Sense of Urgency – Cybercriminals often build a sense of urgency into their approach. They may ask you to ‘act fast’ or offer a great deal for a limited time only. Another urgency tactic is to threaten account suspension or otherwise insist that you update your personal details. Remember that most businesses and other organizations no longer send emails or make phone calls asking for personal information. If you are concerned, do not click the link; go directly to the company website through your browser, or call the company directly. Whenever you get this type of communication, it is better not to click on it but simply to ignore it.
- Hyperlinks – If you are unsure of the source, don’t click on the links; they may not be what they appear. Hovering over a link shows you the actual URL you will be sent to, so use this to verify the destination before clicking. Check the spelling as well: a link may look legitimate while a single letter has been swapped (an ‘n’ for an ‘r’, for example), a change that is easy to miss. If in doubt, you can always reach the site directly without using the link.
- Attachments – Did you know that the only file type that is always safe to click on is a .txt file? If you receive an email attachment you are unsure of, don’t open it. Such attachments often carry a virus or another payload such as ransomware. You always have the option of checking with the sender about the validity of an attachment before opening it.
- Unusual Details – It is easy to educate yourself on the details included in an email, and you can learn to identify the sender. For example, if an email presents itself as coming from Microsoft but the sending address is not a Microsoft corporate account, don’t click!
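As an added illustration of the checks in the list above (this is example code written for this page, not CaseGuard's or Magellan's, and the sample message, the trusted-domain allow-list and the phrase lists are all constructed), the following Python script applies the sender, hyperlink, urgency and attachment heuristics to one email and reports what it finds. It goes slightly beyond the list's ‘n for r’ point by normalising several common look-alike substitutions (‘rn’ for ‘m’, ‘0’ for ‘o’) before comparing a domain against the trusted brand names.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message (fictional sender, link and attachments).
SAMPLE_MESSAGE = {
    "from_display": "Microsoft Account Team",
    "from_addr": "security@micros0ft-support.example",
    "subject": "URGENT: your account will be suspended in 24 hours",
    "attachments": ["invoice.pdf.exe", "notes.txt"],
    "body_html": ('<p>Act fast! Verify now: <a href="http://rnicrosoft.example/login">'
                  "https://microsoft.com/login</a></p>"),
}

TRUSTED_DOMAINS = {"microsoft.com", "example-corp.com"}  # assumed allow-list
URGENCY_PHRASES = ("act fast", "urgent", "suspended", "limited time", "verify now")
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".hta"}
# Letters and digraphs commonly swapped to imitate a legitimate name.
LOOKALIKE_SUBS = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s"))


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from <a> tags in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def normalize_name(label):
    """Undo look-alike substitutions so 'rnicros0ft' compares equal to 'microsoft'."""
    label = label.lower()
    for fake, real in LOOKALIKE_SUBS:
        label = label.replace(fake, real)
    return label


def host_of(text):
    """Hostname of a URL, or of a bare 'host/path' string."""
    if "://" not in text:
        text = "http://" + text
    return (urlparse(text).hostname or "").lower()


def analyze(msg):
    """Return a list of (rule, detail) findings for one message."""
    findings = []
    brands = {d.split(".")[0] for d in TRUSTED_DOMAINS}  # e.g. 'microsoft'

    # 1. Sender: display name claims a brand, but the address domain is not trusted.
    sender_domain = msg["from_addr"].rsplit("@", 1)[-1].lower()
    if sender_domain not in TRUSTED_DOMAINS:
        if any(b in msg["from_display"].lower() for b in brands):
            findings.append(("display_name_brand_mismatch", sender_domain))
        if any(b in normalize_name(sender_domain) for b in brands):
            findings.append(("brand_in_untrusted_sender_domain", sender_domain))

    # 2. Hyperlinks: visible text and real href disagree; host imitates a brand.
    parser = LinkExtractor()
    parser.feed(msg["body_html"])
    for href, text in parser.links:
        real_host = host_of(href)
        shown_host = host_of(text) if "." in text else ""
        if shown_host and shown_host != real_host:
            findings.append(("link_text_mismatch", f"{shown_host} -> {real_host}"))
        if real_host not in TRUSTED_DOMAINS and normalize_name(real_host.split(".")[0]) in brands:
            findings.append(("lookalike_domain", real_host))

    # 3. Urgency language in the subject or the body text (tags stripped).
    haystack = (msg["subject"] + " " + re.sub(r"<[^>]+>", " ", msg["body_html"])).lower()
    hits = [p for p in URGENCY_PHRASES if p in haystack]
    if hits:
        findings.append(("urgency_language", ", ".join(hits)))

    # 4. Attachments whose final extension is executable ('invoice.pdf.exe' is .exe).
    for name in msg["attachments"]:
        ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
        if ext in RISKY_EXTENSIONS:
            findings.append(("risky_attachment", name))
    return findings


if __name__ == "__main__":
    for rule, detail in analyze(SAMPLE_MESSAGE):
        print(f"{rule:34s} {detail}")
```

Run as-is it prints six findings for the sample message; a message from a trusted domain with matching link text, neutral wording and a .txt attachment produces none. The heuristics are deliberately simple (the registrable-domain handling ignores the public suffix list, and real mail gateways add SPF/DKIM/DMARC results), but they are the same checks the list asks a reader to make by eye.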
Ransomware
Ransomware is a type of malware and a product of cryptovirology, the field of study in which encryption or cryptography is used to design malicious software. This kind of malware carries a ‘public key’ within it. Operations performed with that key on the contents of the device or computer system form a one-way trap door: they are easy to apply but can only be reversed with the matching private key, which the attacker alone holds. In practice, this means that only the hacker can undo what the malware has done on the victim’s computer.
There are different types of ransomware. Some are quite simple: they lock up the system, and an expert who understands how that type of malware works can reverse the lock. The second type uses an encryption key, and without that key it can be impossible to unlock the data and retrieve it. Advanced ransomware extorts the victim, demanding payment in exchange for the key to their data. Many ransomware victims are expected to pay in digital currencies or cryptocurrencies such as Ukash or bitcoin, which makes both the payment and the perpetrator of the crime difficult for authorities to trace.
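To make the ‘one-way trap door’ of the previous two paragraphs concrete, here is an added Python example (written for this page, not taken from the article or from any malware) using textbook RSA on toy numbers. The primes and exponent are constructed and far too small for real use; the point is the asymmetry. The forward operation needs only the public key that the malware carries, the reverse operation needs the private key that stays with the attacker, and the only route back without it is to factor the modulus, which the last function does by brute force purely because the modulus here is tiny. Real crypto-ransomware wraps a per-file symmetric key this way rather than the file data itself, but the trap-door property is the same.

```python
from math import gcd, isqrt

# Constructed toy parameters (chosen so the numbers are easy to follow):
# two small primes and a public exponent.
P, Q, E = 61, 53, 17


def keygen(p=P, q=Q, e=E):
    """Return ((n, e), (n, d)): the public key the malware would carry, and the
    private key that never leaves the attacker."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def lock(m, public):
    """Forward direction of the trap door: anyone holding the public key can do this."""
    n, e = public
    return pow(m, e, n)


def unlock(c, private):
    """Reverse direction: needs d, which only the private-key holder has."""
    n, d = private
    return pow(c, d, n)


def recover_private_by_factoring(public):
    """Without d (or a backup) the only way back is to factor n.
    Trivial here because n is tiny; computationally infeasible at real key sizes."""
    n, e = public
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            return (n, pow(e, -1, (p - 1) * (n // p - 1)))
    raise ValueError("n has no small factor")


def demo():
    public, private = keygen()
    m = 65                       # stands in for a per-file key or a block of data
    c = lock(m, public)          # what the victim's disk holds after the attack
    again = lock(c, public)      # reapplying the public key does not undo anything
    recovered = unlock(c, private)
    return {"n": public[0], "c": c,
            "public_again_restores": again == m,
            "private_restores": recovered == m,
            "factoring_finds_d": recover_private_by_factoring(public) == private}


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The demo shows 65 locking to 2790, the public key failing to restore it, and the private key (or, at this toy size, factoring 3233 into 61 and 53) restoring it. At realistic key sizes factoring is out of reach, which is why the defensive answer to this type of ransomware is offline backups and prevention of the initial phishing, not recovery of the key.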
Privacy Legislation
Businesses across the globe are now required to follow some form of privacy legislation. The General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) are two examples. Privacy legislation is critical because it requires businesses and enterprises to take responsibility for the personally identifiable information (PII) that their consumers entrust to them. These regulations require companies to be proactive in their approach to cybersecurity and the protection of personal data.
Even when a company is hacked or breached by a cybercriminal, it remains liable for any lost data. In California, the penalties for violating consumers’ privacy can include substantial financial penalties paid to the state and settlements for every citizen whose information has been compromised. Under the CCPA, loss of data through cybercriminal activity can lead to class action lawsuits and statutory damages of up to $750 for every California resident impacted. Knowing that these privacy regulations affect the bottom line and reputation of every business and enterprise, it is well worth investing in solutions that protect consumer data. This is where redaction can be part of a compliance solution.
Redaction and Data Privacy
Sanitization is a data process that removes sensitive data, such as PII, from documents or other types of files. Redaction is one form of sanitization: the blacking out or deletion of text or data. Sanitization, more broadly, takes a classified document, removes any sensitive data, and leaves a record of lower classification so that more individuals can access the remaining data.
Redaction allows for the selective release of information by removing the identifying data. Some data is completely removed, leaving the remainder of the document to be handled or processed by employees or others who need to work with the material. Redaction can remove data from records, PDFs, audio, or video. The remaining data can then be released to employees without certain access levels, or even to the public through Freedom of Information Act (FOIA) requests. The purpose of redaction is to protect sensitive data from cybercriminals, breaches, and other malicious attacks: if the data stored in a system has been sanitized and PII removed, the loss of that data poses a significantly reduced risk to those affected.
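As an added example of the sanitization idea just described (example code written for this page, not CaseGuard's product, with a constructed record containing fictional identifiers), the Python below removes structured PII from a text record, replaces each value with a category token, keeps only category counts in its audit log so the log itself leaks nothing, and then re-scans the output to confirm that nothing matching remains. Two practical points it encodes: a Luhn checksum stops arbitrary 16-digit runs being treated as card numbers, and the post-check exists because redaction means removing the underlying data, not drawing a box over it. Names and other free-text PII need a dictionary or named-entity approach and are deliberately left untouched here.

```python
import re

# Constructed sample record with fictional identifiers.
SAMPLE_RECORD = """Patient: Jane Q. Sample
SSN: 123-45-6789
Email: jane.sample@example.com
Phone: (555) 010-2345
Card: 4111 1111 1111 1111
Notes: follow-up scheduled; see case file."""


def luhn_ok(number):
    """Luhn checksum: keeps arbitrary 16-digit runs from being flagged as cards."""
    digits = [int(ch) for ch in number if ch.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


# (category, pattern, optional validator). Order matters: the card rule runs
# before the phone rule so a card number is never half-consumed as a phone number.
PII_RULES = [
    ("SSN", re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), None),
    ("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"), None),
    ("CARD", re.compile(r"\b(?:\d{4}[ -]?){3}\d{4}\b"), luhn_ok),
    ("PHONE", re.compile(r"\(?\b\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}\b"), None),
]


def redact(text):
    """Replace each match with a category token; return (text, per-category counts).
    Only categories are recorded, never the matched values."""
    counts = {}
    for category, pattern, validator in PII_RULES:
        def _sub(match, category=category, validator=validator):
            value = match.group()
            if validator is not None and not validator(value):
                return value  # leave digit runs that fail the checksum alone
            counts[category] = counts.get(category, 0) + 1
            return f"[{category} REDACTED]"
        text = pattern.sub(_sub, text)
    return text, counts


def remaining_pii(text):
    """Post-check: categories that still match. A correctly redacted record yields []."""
    return [c for c, p, v in PII_RULES
            if any(v is None or v(m.group()) for m in p.finditer(text))]


if __name__ == "__main__":
    cleaned, log = redact(SAMPLE_RECORD)
    print(cleaned)
    print("redacted:", log, "| remaining:", remaining_pii(cleaned))
```

On the sample record this yields one redaction each for SSN, EMAIL, CARD and PHONE, leaves the note text intact, and the post-check on the output returns an empty list.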
CaseGuard has become a global leader in the redaction and privacy industries. Using CaseGuard redaction software is one way to protect a company’s reputation. A company that loses its reputation realizes that this can mean a loss of consumer trust and impact its bottom line. CaseGuard redaction software allows companies to defend themselves on a proactive basis.
Intelligent automated redaction software protects sensitive data from exposure, and its artificial intelligence and machine learning techniques become more accurate with use. The automation features also save time by reducing the staff-hours spent handling redaction manually. Using a quality redaction software program designed to handle all forms of data within a business also saves money. By reducing the risk to reputation, consumer trust, and any penalties for violations, the company stays in compliance with privacy legislation.
Some of the additional features of the CaseGuard system allow companies to make better use of their data, audio, or video and expand the reach of their message. With redaction software that can be used on an iPhone, a company can live stream events or company information through video on social media platforms. These features extend the reach of the company’s message while protecting the privacy of individuals within the videos. The software can also translate data into 28 different languages, expanding the company’s reach to more consumers. Captioning, transcription, and other video editing features are also included. CaseGuard offers an all-in-one software system that can redact and edit video, audio, images, and documents in minutes.