Latina Accent E Learning Narration - Informative - Knowledgeable for healthcare cyberattacks at a facility
Young Adult (18-35)
Spanish (Latin American - General)
Note: Transcripts are generated using speech recognition software and may contain errors.
In the world of cyber security. There's a saying that goes, you are the last line of defense when you work in health care. However, you are not the only last line of defense against cyber attacks. You can also be the last line of defense in life. You play a vital role in keeping people healthy, including awareness on the ongoing threats to privacy and security. Health care workers. Like you often have access to private health information, personally identifiable information, accounting data and other sensitive details, highly sought after by cyber criminals. That level of access is one of the reasons healthcare is one of the most targeted industries in the world. In fact, health care cyber attacks increased by nearly 75% over the last year globally. With that in mind, let's dive into how security awareness applies to you by working through a common example of how you might be targeted and why imagine you receive a phone call from someone claiming to be the company that manufactures the x-ray equipment at your facility. The caller states that the operating system needs a crucial update to protect it from being used as a back door by a cyber criminal. They also request that you provide them with the serial number for equipment and verify the current operating system. Pause. This scenario may not immediately raise your suspicions. The person on the phone is just asking for information. It's not like you're clicking on a fishing link. However, this is just as dangerous. Let's review what could happen if you provided the information. Cyber criminals use many forms of fishing scams which are common attack methods used to mislead people. In this case, you may have become a victim of voice fishing. A phishing attack conducted by telephone. This scam could allow the attacker to gain a back door into your facility's network by exploiting vulnerabilities in the equipment's operating system. Once inside the attacker will have access to private health information and personally identifiable information such as full names, addresses birth dates and national ID numbers with just a few pieces of sensitive data. They could compromise a patient's identity and open fraudulent accounts in their name. It might also set the stage for a ransomware attack. A type of malicious software that can completely disrupt the operation of an entire medical office or hospital ransomware encrypts networks including the data they store and holds them ransom until a large fee is paid. It is one of the most common and dangerous forms of malware in the world costing health care providers a staggering amount of money and in some cases, it can even be life threatening. Unfortunately, these examples are only a few of many fishing attacks. Cyber criminals have several effective methods in their toolkit to gain and abuse trust. They only need you to make a single mistake no matter the method you can avoid scams by slowing down and staying alert for common warning signs of phishing attacks such as threatening or urgent language, misspellings, suspicious links and unexpected attachments. Keep in mind these attacks are not limited to email or calls. Scammers leverage these same techniques via text messages and other platforms like social media. In all cases, skepticism is your friend. Of course, fishing isn't the only way you might be targeted. In fact, it's related to a much larger concept known as Social engineering. Social engineers attempt to exploit human psychology by convincing people to do something against their best interest. They accomplish this by creating elaborate stories designed to leverage emotions and human tendencies like natural helpfulness, reflective reactions and beer, which can shortcut rational thinking when successful people can be conned into things like downloading harmful software, sharing confidential information and providing access to secured areas. This is why it's so important to follow policies and utilize simple security awareness techniques. In both the physical and digital domains. You can do your part by locking computers and devices when not in use, never allowing someone else to use your credentials and by using strong unique passwords for all accounts. Additionally, never assume someone is who they claim to be and report anything suspicious immediately. The vast amount of information health care organizations collect and store means they will always be a valuable target for cyber criminals. Given the upward trend of ransomware and other attacks targeting those in this industry. It's vital to understand how security awareness applies to you and why you should prioritize it as a part of your daily routine.