March 29, 2017
An FBI alert issued this month warns the healthcare sector that cyber criminals have stepped up attacks targeting their file transfer protocol (FTP) servers.
According to the March 22 alert, “The FBI is aware of criminal actors who are actively targeting FTP servers operating in ‘anonymous’ mode and associated with medical and dental facilities to access protected health information (PHI) and personally identifiable information (PII) in order to intimidate, harass and blackmail business owners.”
While computer security researchers look for FTP servers in anonymous mode to conduct legitimate research, hackers are making connections to the unsecured servers that compromise PHI and PII and they configure the servers to store malicious tools or launch targeted cyber attacks.
The alert stated: “In general, any misconfigured or unsecured server operating on a business network on which sensitive data is stored or processed exposes the business to data theft and compromise by cyber criminals who can use the data for criminal purposes such as blackmail, identity theft, or financial fraud.”
This is the second time in six months that a government agency has warned the healthcare sector of cyber threats targeting FTP devices. In October 2016, the Department of Health and Human Services’ Office for Civil Rights issued a cyber awareness alert warning healthcare sector organizations about the importance of safeguarding network-attached storage devices and other gear that supports or enables FTP services.
At present, the FBI is recommending medical and dental healthcare entities request their respective IT services personnel to check networks for FTP servers running in anonymous mode. If businesses have a legitimate use for operating a FTP server in anonymous mode, administrators should ensure sensitive PHI or PII is not stored on the server.
Additionally, the HIPAA experts at PrivaPlan can provide a Risk Analysis as a remote or onsite project tailored to your needs. We handle the entire process and provide a detailed report of findings and Risk Analysis. Contact us at email@example.com or call 877-218-7707.