About

TechNation is the primary monthly magazine and ultimate resource guide for over 12,000 medical equipment service professionals. Its diverse editorial and information helps biomedical, HTM, imaging and I.T. professionals keep their finger on the pulse of the healthcare technology community, helping advance their careers and further their profession.

Cut, Coag, and Compliance: A Practical Guide to Electrosurgery Testing | April 29
TechNation.TV | HTM Jobs | Right to Repair | Advertise
Subscribe

Cybersecurity: Virus vs. Virus

4 Mins Read

By Joseph E. Fishel, CBET, MBA

Growing up I read Mad magazine. One of my favorite cartoons was Spy vs. Spy. It was a wordless comic strip. One Spy was dressed in white and the other Spy wore black. One was supposedly good and the other evil. It was easy to identify which Spy was which. Sometimes one Spy won and the other lost. For the past year and a half, I have been writing about viruses in the network and computer world. I have been trying to help identify the good from the bad. The good is what you can do to limit your exposure. The bad is what they can do to your systems should they get in.

In recent months, we have had a different virus to deal – COVID-19. I hope that by the time this is published, we will be coming out of this pandemic. This biological virus has pulled assets, finances and visibility away from the electronic world, but attacks haven’t stopped. It opened the way for cyberattacks to increase with everyone’s attention drawn away. In the news, we heard that several hospitals had their networks/servers held ransom during this critical time of treating and diagnosing patients. Being unable to see patient results, they could not treat patients. This put lives at risk and ransoms were probably paid.

Many ask how could this happen? Some say this can’t or couldn’t happen to us, we have firewalls, virus protection, access control lists and so on. Many working remotely found out their computers and files all of a sudden were being held ransom as well. In desperation, hospitals were looking for equipment to meet the threat. Hospitals were hit with emails about ventilators, monitors and IV pumps for sale as well as COVID-19 reports with information about the virus. Many of these were Phishing emails. During this time, they increased and amid an atmosphere of urgency many were accepted because they looked legitimate.

Some even looked like they were from within one’s own organization. An example of this was one I saw that stated since you have been so busy treating patients we went out and arranged a Mother’s Day special discount with XYZ Florist. Another was an advertisement for medical equipment from companies I had never heard of before.

These fake emails are called Phishing emails. So, how can you tell if they are real or fake?

  1. The message is sent from a public email domain. No major legitimate organization will contact you from an address that ends in “gmail.com, hotmail.com or YAHOO.com.” When I received emails offering ventilators at fire sale prices from companies, I searched the companies to see if they had an Internet presence. A very primitive website or only a paragraph saying what they do is a sign to use caution.
  2. The domain name is misspelled. Often this is the addition of a letter or substituting a letter such as an N for an M. Quite often people are confused by the .IRS suffix because it looks legitimate, but it should be IRS.gov. Hackers can buy a domain name and try to have it similar to a legitimate business.
  3. The subject line often has a sense of urgency. This is your Last Notification, Urgent, Final Notice. Limited supply of COVID-19 ventilators. Sound familiar? It’s to get your attention away from being focused and rattle you into thinking you are in trouble.
  4. How is the sentence structure in the email? Are words misspelled? Does it use wrong words such as “their” for “there” or “are” for “our”? Often the wording doesn’t contain the words we normally use. This is a clue that the email probably isn’t legitimate.
  5. Does it contain attachments or links? Phishing emails contain attachments. When opened, they take you to a site where the hacker has malware or a virus waiting to infect your machine and take control. Remember you chose to go there. The computer follows instructions. Virus protection may stop you with a message suchs as “Are you sure you want to open this site?” and when you select “Yes” it acknowledges that you know what you are doing.

When receiving an email from an unknown source, look it over for any of these signs. If you have a SPAM detection department at your organization you should send it to them to see if it is a legitimate email.

Joseph E. Fishel, CBET, MBA, is a Healthcare Technology Systems Manager for Sutter Health eQuip Services.

Share.

Related Posts

Add A Comment

Leave A Reply

X