Drex dives into the latest cybersecurity threats and risks targeting healthcare and critical infrastructure. We cover a new joint advisory from the US and Australian governments on Iranian cyber-attacks, how MFA push bombing is becoming a favored attack method, and the rising financial toll of ransomware on United Health Group. Plus, we discuss the US military's potential new program to enlist senior tech executives into the reserves.
Remember, Stay a Little Paranoid
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer
This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.
Hey everyone, I'm Drex. This is the Two Minute Drill, where I do three quick stories twice a week, all part of one great community, the 229 Cyber and Risk Community here at This Week Health. Today's Two Minute Drill is brought to you by ORDR, the Asset Inventory and Intelligence Company. Did you know that you can know everything about everything on your network?
Every vulnerability, every risk, every user. Everything in real time? Find out more at order. net slash healthcare. Thanks for joining me today. Here's some stuff you might want to know about. US and Australian authorities have issued a joint advisory about Iranian cyber thugs who've been using brute force to gain access to healthcare organizations and other critical infrastructure.
There's a lot of techniques for this. Thanks. One example is something called MFA push bombing, where the bad guys buy legit username and passwords from the dark web. And then they repeatedly try to log onto your system, hoping that the MFA requests to the end user, they just keep getting those notifications over and over and over.
that eventually it'll be enough to get them to approve one of those notifications, mostly just to shut their phone up. There's a lot of other techniques in use too. CISA makes lots of suggestions in the bulletin. You can find it at cisa. gov and you can read the story I've posted from TechTarget at thisweekhealth.
com slash news. The US military is looking for a few good tech execs. A new program under development would try to coax senior civilian tech and cyber execs into the reserves. If I'm reading the Wall Street Journal story right, the idea would replicate officer reserve programs like those used to pull surgeons and other senior physicians.
into every branch of the military's medical service as part time reservists by paying sign on and retention bonuses and giving them more senior officer rank right out of the gate. If it gets off the ground, it'll be an interesting experiment to watch, but the real question is, will you volunteer? And ransomware attack has gone up, again, United Health Group's Q3 earnings report says the estimated cost has risen from the Q1 estimate of 1.
6 billion to the new estimate of nearly 2. 9 billion, and there's still a lot of lawsuits pending. Today's Two Minute Drill was brought to you by Order. Do you really know who all your devices are talking to? You can. Bring some order to your enterprise. Find out more at order. net slash healthcare. That's it for today's two minute drill.
Thanks for being here. Stay a little paranoid. I'll see you around campus.