Shush Blog

This is a repost of the following article from TechCrunch

Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO

The ransomware gang that hacked into U.S. health tech giant Change Healthcare used a set of stolen credentials to remotely access the company’s systems that weren’t protected by multifactor authentication (MFA), according to the chief executive of its parent company, UnitedHealth Group (UHG).

The ransomware gang that hacked into U.S. health tech giant Change Healthcare used a set of stolen credentials to remotely access the company’s systems that weren’t protected by multifactor authentication (MFA), according to the chief executive of its parent company, UnitedHealth Group (UHG).

Understanding Healthcare Ransomware Attacks

UnitedHealth CEO Andrew Witty provided the written testimony ahead of a House subcommittee hearing on Wednesday into the February ransomware attack that caused months of disruption across the U.S. healthcare system.

This is the first time the health insurance giant has given an assessment of how hackers broke into Change Healthcare’s systems, during which massive amounts of health data were exfiltrated from its systems. UnitedHealth said last week that the hackers stole health data on a “substantial proportion of people in America.”

Change Healthcare processes health insurance and billing claims for around half of all U.S. residents.

According to Witty’s testimony, the criminal hackers “used compromised credentials to remotely access a Change Healthcare Citrix portal.” Organizations like Change use Citrix software to let employees access their work computers remotely on their internal networks.

Witty did not elaborate on how the credentials were stolen. The Wall Street Journal first reported the hacker’s use of compromised credentials last week.

Importance of Multi-Factor Authentication in Healthcare

However, Witty did say the portal “did not have multifactor authentication,” which is a basic security feature that prevents the misuse of stolen passwords by requiring a second code sent to an employee’s trusted device, such as their phone. It’s not known why Change did not set up multifactor authentication on this system, but this will likely become a focus for investigators trying to understand potential deficiencies in the insurer’s systems.

“Once the threat actor gained access, they moved laterally within the systems in more sophisticated ways and exfiltrated data,” said Witty.

Witty said the hackers deployed ransomware nine days later on February 21, prompting the health giant to shut down its network to contain the breach.

UnitedHealth confirmed last week that the company paid a ransom to the hackers who claimed responsibility for the cyberattack and the subsequent theft of terabytes of stolen data. The hackers, known as RansomHub, are the second gang to lay claim to the data theft after posting a portion of the stolen data to the dark web and demanding a ransom to not sell the information.

UnitedHealth earlier this month said the ransomware attack cost it more than $870 million in the first quarter, in which the company made close to $100 billion in revenue.

Discover the alarming trend of bank fraud where accounts are compromised through the use of mobile phone replacement SIM cards.

The Rise of Mobile Phone Replacement SIM Card Fraud

Mobile phone replacement SIM card fraud is a growing trend in the world of bank fraud. This method involves fraudsters obtaining a replacement SIM card for the victim's mobile phone without their knowledge or consent. With this new SIM card, the fraudsters gain access to the victim's phone number and can intercept any calls or messages intended for the victim.

The rise of this type of fraud can be attributed to the increasing reliance on mobile phones for various banking activities. Many banks now offer options for mobile banking, such as receiving transaction notifications and authorizing payments through SMS. This convenience also opens up opportunities for fraudsters to exploit vulnerabilities in the system.

Fraudsters use various tactics to obtain a replacement SIM card for the victim's phone. They may impersonate the victim and claim that their phone has been lost or stolen, or they may pose as a representative from the victim's mobile service provider and request a replacement SIM card for a different reason. In some cases, the fraudsters may even bribe or collude with employees of the mobile service provider to carry out the SIM card replacement.

Once the fraudsters have the replacement SIM card, they can effectively take control of the victim's phone number. They can receive any calls or messages intended for the victim, including one-time passwords or verification codes sent by banks for authentication purposes. With this information, the fraudsters can bypass security measures and gain unauthorized access to the victim's bank accounts.

ASB technology and operations executive general manager David Bullock explains how a common phishing scam works.

2 An optional caption for the image that will be added to the gallery. Enter any descriptive text for this image that you would like visitors to be able to read.

3 An optional caption for the image that will be added to the gallery. Enter any descriptive text for this image that you would like visitors to be able to read.

4 An optional caption for the image that will be added to the gallery. Enter any descriptive text for this image that you would like visitors to be able to read.

5 An optional caption for the image that will be added to the gallery. Enter any descriptive text for this image that you would like visitors to be able to read.

How Fraudsters Gain Access to Accounts

Fraudsters have developed various methods to gain access to bank accounts using mobile phone replacement SIM cards. One common technique is known as SIM swapping, where the fraudster contacts the victim's mobile service provider and requests a SIM card replacement. The fraudster may use social engineering tactics to convince the provider that they are the legitimate account holder.

Once the fraudster has control of the victim's phone number, they can carry out a range of fraudulent activities. They can intercept SMS messages containing one-time passwords or verification codes sent by banks and use them to access the victim's accounts. They can also make unauthorized transactions or transfer funds to their own accounts.

Another method used by fraudsters is phishing. They may send fake emails or messages to the victim, pretending to be from their bank or another trusted organization. These messages often contain links that lead to fraudulent websites designed to steal the victim's login credentials or other sensitive information. Once the fraudsters have this information, they can easily gain access to the victim's bank accounts.

Fraudsters may also exploit vulnerabilities in mobile banking apps or other banking systems. They may use malware or other malicious software to gain unauthorized access to the victim's device or intercept sensitive data. It is crucial for individuals to keep their mobile devices and banking apps updated with the latest security patches to minimize the risk of such attacks.

Impact on Victims and Banks

The impact of mobile phone replacement SIM card fraud can be devastating for both victims and banks. For victims, this type of fraud can result in financial loss, identity theft, and a significant amount of stress and inconvenience. They may find unauthorized transactions on their bank statements or receive notifications of changes to their accounts that they did not authorize.

Victims may also face challenges when trying to resolve the issue and recover their funds. They may need to contact their bank, provide evidence of the fraudulent activity, and go through a lengthy investigation process. In some cases, victims may not be able to recover their lost funds, especially if the fraudsters have already withdrawn or transferred the money to untraceable accounts.

For banks, mobile phone replacement SIM card fraud poses a risk to their reputation and customer trust. If customers feel that their accounts are not secure, they may choose to switch to a different bank or reduce their usage of mobile banking services. This can lead to financial losses for the banks and a decline in customer satisfaction.

Banks also incur costs associated with investigating and resolving fraud cases. They need to allocate resources to enhance security measures and educate their customers about the risks of mobile phone replacement SIM card fraud. This includes providing guidance on how to detect and report fraudulent activities, as well as implementing additional authentication methods to prevent unauthorized access to accounts.

Preventative Measures to Safeguard Your Account

To protect yourself from mobile phone replacement SIM card fraud and safeguard your bank accounts, it is important to take certain preventative measures. Here are some tips to consider:

- Keep your mobile device secure by setting a strong passcode or using biometric authentication.

- Enable two-factor authentication for your banking apps and services. This adds an extra layer of security by requiring a verification code in addition to your login credentials.

- Regularly monitor your bank accounts and review your transaction history. Report any suspicious activity to your bank immediately.

- Be cautious of unsolicited phone calls or messages asking for personal or financial information. Do not provide any sensitive information unless you have verified the legitimacy of the request.

- Avoid clicking on links or downloading attachments from unknown or suspicious sources. These could be phishing attempts.

- Keep your mobile service provider informed about any changes to your account, such as updating your contact information or requesting a SIM card replacement. This can help prevent unauthorized SIM swaps.

- Stay informed about the latest scams and fraud techniques. Educate yourself about the risks and how to protect against them.

Legal Actions and Consequences for Fraudsters

Mobile phone replacement SIM card fraud is a serious crime with legal consequences. If caught, fraudsters can face various charges, including identity theft, unauthorized access to computer systems, and financial fraud. The penalties for these crimes can range from fines to imprisonment, depending on the severity of the offense and the jurisdiction in which it is prosecuted.

In addition to legal actions, banks and law enforcement agencies work together to identify and track down fraudsters involved in mobile phone replacement SIM card fraud. They may conduct investigations, collect evidence, and collaborate with international authorities to dismantle criminal networks.

It is important for individuals to report any incidents of mobile phone replacement SIM card fraud to their local law enforcement agencies and their bank. By reporting these crimes, victims can help authorities gather information and build cases against the fraudsters. It is also crucial to cooperate with banks during the investigation process to increase the chances of recovering any lost funds.

By holding fraudsters accountable for their actions, society can send a strong message that mobile phone replacement SIM card fraud will not be tolerated. This can help deter potential fraudsters and protect individuals and banks from falling victim to these types of crimes.

Concerned about fraudsters impersonating banks over the phone? Tap into the potential of mobile network intelligence to combat fraud! 💪 Fraud continues to be a significant threat in the mobile landscape, siphoning off billions of dollars each year. But what if there's a secret weapon right at our fingertips? Adri Loloci, Senior Global Product Manager at Vodafone, and Dario Betti, CEO at MEF, delved into this topic at the Future of Mobile Summit. 🔹 Discover how real-time network data can put a stop to evolving fraud tactics, such as social engineering 🔹 Explore the effectiveness of APIs like Scam Signal in providing real-time protection for customers 🔹 Gain insights into establishing trust and enhancing security through collaborative innovation.

👉 Catch the recording: https://vdfn.biz/iEhX9w
👉 Learn more about Vodafone Identity Hub APIs: https://vdfn.biz/LtQAln

#MobileSecurity #FraudPrevention #NetworkIntelligence #VCS #Carrier #IdentityHub

2 An optional caption for the image that will be added to the gallery. Enter any descriptive text for this image that you would like visitors to be able to read.

3 An optional caption for the image that will be added to the gallery. Enter any descriptive text for this image that you would like visitors to be able to read.

4 An optional caption for the image that will be added to the gallery. Enter any descriptive text for this image that you would like visitors to be able to read.

5 An optional caption for the image that will be added to the gallery. Enter any descriptive text for this image that you would like visitors to be able to read.

Learn about the dangers of cell phone SIM card swaps and how to protect yourself from online threats.

Understanding Cell Phone SIM Card Swaps

WASHINGTON (7News) — 7News is asking a security question that deals with your cell phone. How did a Maryland woman lose $17,000 even though she had two-factor authentication on all her accounts?

We all know criminals have multiple ways to steal your identity, but 7News is sending out a warning. SIM card swapping almost cost Sharon Hussey of Bethesda, Md. thousands.

"It was absolutely stunning. My heart dropped to the floor,” said Sharon Hussey.

It all started when Hussey got an email thanking her for the purchase of a new phone at Verizon. Minutes later her contact information at Bank of America had changed.

The problem? She didn't do either transaction and had two-factor authentication on her accounts.

"And the bottom just kind of dropped out,” added Hussey.

She called Bank of America, but her cell phone was no longer active. An online attempt required a verification code her phone couldn't receive.

Within minutes, her $17,000 was gone.

 

 

"Initially, I didn't realize how big of a deal it was. I thought I had handled it on the first day by calling the bank, calling Verizon. Figuring things out,” said Hussey.

Hussey told 7News that Verizon said someone in California walked into one of its stores and purchased a new phone along with a new SIM card and used Hussey's current phone number to activate the new phone.

When the new phone was turned on Hussey's phone went dead.

 

Hussey used a landline to contact Bank of America, but it was too late. Her $17,000 was gone.

"And I have two-factor identification which ended up biting me in the face when it all came down to it. That was the thing that completely hijacked everything. They had complete control of my phone and there was nothing I could do about it,” said Hussey.

SIM card swapping has been around for the past four years, but security experts told 7News that the scale of this type of scam has recently skyrocketed.

"In 2021, roughly six times as many dollars were stolen through this as the years before,” said Alex Quilici, CEO of YouMail.

Quilici said the scam is simple.

"The bad guys convince the telephone company that they have the SIM for your phone number and the minute the phone company does the swap they are in control of your number,” said Quilici.

Scammers then use two-factor authentication through your cell phone to access your accounts.

"If you've been doing two-factor authentication everywhere to your mobile phone number, if someone else gets that mobile phone number they can authenticate as if they are you,” said Quilici.

Over the next three months, Bank of America denied her claim saying it can't be honored.

Eventually, the bank reversed its initial decision and refunded the $17,000.

Bank of America told 7News in an email:

"We take identity theft very seriously. We are always working to improve the experience knowing that resolving identity theft issues is a complicated process.

For future reference/stories, here’s the Zelle scam avoidance information I mentioned: Pay It Safe | Zelle (zellepay.com).

Naomi R. Patton

Media Relations, Bank of America"

Verizon said in an email:

"Verizon values the privacy and security of our customers. Whenever a case of potential fraud is brought to our attention, we work quickly to investigate and resolve the matter. Due to customer privacy laws, we cannot share specific information about this particular investigation.

You can learn more about sim swapping and other types of social engineering tactics employed by fraudsters here (plus tips on what folks can do to protect themselves): https://www.verizon.com/about/account-security/sim-swapping

Thanks,

Steve Van Dinter

Director, Local Area Communications"

 

Here are more ways you can better protect yourself from SIM card swapping.

"The number one thing is to make sure you get a PIN or a number porting PIN with your carrier. That requires a special code that hopefully only you have that needs to be given to the carrier before they do the SIM swap,” said Quilici.

Discover the details of the recent hacking incident involving Jack Dorsey's Twitter account and the implications it has for online security.

Background of the incident

In a recent hacking incident, Jack Dorsey's Twitter account was compromised. The incident took place on [date] and caused quite a stir in the online community. Jack Dorsey, the co-founder and CEO of Twitter, is a prominent figure in the tech industry, which added to the significance of the incident.

The hackers gained unauthorized access to Jack Dorsey's account and used it to send out a series of offensive and inappropriate tweets. These tweets were seen by millions of followers and caused a lot of confusion and concern. It was a clear violation of privacy and security, and it raised questions about the vulnerability of high-profile accounts on social media platforms.

Methods used in the hack

The exact methods used by the hackers to compromise Jack Dorsey's Twitter account have not been disclosed publicly. However, it is believed that they used a combination of social engineering techniques and exploiting security vulnerabilities in Twitter's systems.

Social engineering involves manipulating individuals to gain access to confidential information. It is possible that the hackers tricked someone close to Jack Dorsey or a Twitter employee into revealing sensitive account details or credentials. Additionally, they may have exploited a vulnerability in Twitter's systems to bypass security measures and gain unauthorized access to the account.

Reactions from Twitter and Jack Dorsey

Upon discovering the hack, Twitter took immediate action to secure Jack Dorsey's account and remove the offensive tweets. They also launched an investigation to determine the extent of the breach and identify the perpetrators. Twitter publicly condemned the incident and expressed their commitment to improving security measures to prevent similar incidents in the future.

Jack Dorsey himself acknowledged the hack and reassured his followers that steps were being taken to address the issue. He expressed concern over the incident and emphasized the importance of account security. Dorsey apologized for any confusion or distress caused by the offensive tweets and thanked his followers for their support during this challenging time.

Impact on online security

The hacking of Jack Dorsey's Twitter account has raised serious concerns about online security, especially for high-profile individuals and companies. It serves as a reminder that no one is immune to cyber attacks, regardless of their position or influence.

The incident highlights the need for individuals and organizations to prioritize security measures and take proactive steps to protect their accounts and sensitive information. It also underscores the importance of strong passwords, two-factor authentication, and regular security audits to identify and address vulnerabilities.

Furthermore, the incident has shaken public trust in the security of social media platforms. Users are now more cautious about the information they share online and are demanding better security measures from platform providers. This incident has prompted Twitter and other social media companies to reevaluate and enhance their security protocols to protect user accounts from similar attacks.

Tips for enhancing account security

In light of the recent hacking incident, it is crucial for individuals to take steps to enhance their account security. Here are some tips to consider:

- Use strong and unique passwords for all your online accounts. Avoid using easily guessable passwords or reusing the same password across multiple accounts.

- Enable two-factor authentication (2FA) whenever possible. This adds an extra layer of security by requiring a verification code in addition to your password.

- Be cautious of phishing attempts. Do not click on suspicious links or provide personal information to unknown sources.

- Regularly update your software and applications to ensure you have the latest security patches and bug fixes.

- Monitor your accounts for any suspicious activities and report them immediately to the platform provider.

By following these tips, you can significantly reduce the risk of your account being compromised and protect your personal information from unauthorized access.

Learn how to safeguard your valuable data from cyber threats with this comprehensive guide on cybersecurity.

Understanding Cybersecurity Threats

Understanding Cybersecurity Threats is crucial in today's digital landscape. Cyber threats are constantly evolving and becoming more sophisticated, making it important for individuals and businesses to stay informed and prepared. By understanding the different types of threats, such as malware, phishing, and ransomware, you can better protect yourself and your data.

One common cybersecurity threat is malware, which refers to malicious software designed to infiltrate and damage computer systems. Malware can be spread through infected email attachments, downloads from untrusted websites, or even malicious ads. It is important to have antivirus software installed and regularly updated to detect and remove malware.

Phishing is another prevalent cybersecurity threat. Phishing attacks involve tricking individuals into revealing sensitive information, such as passwords or credit card numbers, by posing as a trustworthy entity. These attacks often come in the form of deceptive emails or fake websites. It is important to be cautious when clicking on links or providing personal information online.

Ransomware is a type of malware that encrypts a victim's files and demands a ransom in exchange for the decryption key. This can result in the loss of important data and financial loss. It is crucial to regularly back up your data to prevent losing it to ransomware attacks.

By understanding these cybersecurity threats and staying informed about emerging threats, you can take proactive steps to protect your valuable data.

Implementing Strong Password Security Measures

Implementing strong password security measures is essential to protecting your data. Weak passwords can be easily cracked by attackers, compromising the security of your accounts and sensitive information. Follow these best practices to create strong passwords:

- Use a combination of uppercase and lowercase letters, numbers, and special characters.

- Avoid using common words or phrases that can be easily guessed.

- Use a unique password for each of your accounts.

- Regularly update your passwords to ensure maximum security.

In addition to strong passwords, consider enabling two-factor authentication (2FA) for an extra layer of security. 2FA requires users to provide a second form of verification, such as a code sent to their mobile device, in addition to their password.

By implementing strong password security measures and using 2FA, you can significantly reduce the risk of unauthorized access to your accounts and sensitive data.

Utilizing Secure Networks and VPNs

Utilizing secure networks and virtual private networks (VPNs) is crucial for protecting your data, especially when accessing the internet from public Wi-Fi networks or while traveling.

Public Wi-Fi networks are often insecure and can be easily intercepted by cybercriminals. Avoid accessing sensitive information, such as online banking or personal emails, while connected to public Wi-Fi. Instead, use a secure network or a VPN to encrypt your internet traffic and ensure your data remains private and secure.

A VPN creates a secure connection between your device and the internet by encrypting your data and routing it through a remote server. This helps protect your data from being intercepted or monitored by malicious actors. When using a VPN, choose a reputable provider and make sure to connect to trusted servers.

By utilizing secure networks and VPNs, you can significantly enhance the security of your online activities and protect your data from potential threats.

Educating Yourself and Your Team on Cybersecurity Best Practices

Educating yourself and your team on cybersecurity best practices is essential for maintaining a strong security posture.

Start by staying informed about the latest cybersecurity trends, threats, and best practices. Follow reputable sources, such as cybersecurity blogs, news websites, and industry reports, to keep up-to-date with the evolving landscape.

Regularly train yourself and your team on cybersecurity awareness. This can include topics such as recognizing phishing emails, creating strong passwords, and identifying suspicious online behavior. By empowering individuals with the knowledge and skills to identify and respond to potential threats, you can greatly reduce the risk of successful cyber attacks.

Consider conducting simulated phishing exercises to test the awareness and response of your team. These exercises can help identify areas for improvement and reinforce good cybersecurity practices.

By continuously educating yourself and your team on cybersecurity best practices, you can create a culture of security and minimize the risk of cyber attacks.

Backing Up Your Data Regularly

Backing up your data regularly is crucial for ensuring its availability and protection in the event of a cyber attack or hardware failure.

Choose a reliable backup solution that suits your needs, whether it's an external hard drive, cloud storage service, or a combination of both. Regularly schedule automatic backups to ensure that your data is consistently backed up without any manual effort.

It is recommended to follow the 3-2-1 backup rule: have at least three copies of your data, stored on two different storage media, with one copy stored offsite. This helps protect against data loss caused by hardware failures, natural disasters, or cyber attacks.

Regularly test your backups to ensure they are functioning correctly and can be restored when needed. Keep in mind that a backup is only effective if it can be successfully restored.

By backing up your data regularly and following best practices, you can minimize the impact of data loss and quickly recover from potential cyber incidents.

Discover the latest trends in fraud prevention and how the FTC is working to safeguard the public from significant financial losses.

Understanding the Impact of Fraud

Fraud is a serious issue that can have a significant impact on individuals and society as a whole. It involves deceit or dishonesty for personal gain, resulting in financial losses for victims. Understanding the impact of fraud is crucial in developing effective prevention and intervention strategies.

Fraud can affect individuals of all ages and backgrounds. It can lead to financial instability, loss of trust, and emotional distress. In some cases, victims may struggle to recover financially and may face long-term consequences. By understanding the impact of fraud, we can better protect ourselves and the public from falling victim to fraudulent schemes.

Common Types of Fraud Schemes

Fraud schemes can take many forms, each with its own methods and targets. Some common types of fraud schemes include:

- Identity theft: This occurs when someone steals another person's personal information, such as their Social Security number or credit card details, to commit fraud.

- Phishing scams: These scams involve tricking individuals into providing sensitive information, such as passwords or financial details, through fraudulent emails or websites.

- Investment fraud: This type of fraud involves misleading individuals about investment opportunities to steal their money.

- Impersonation scams: Scammers may pretend to be someone else, such as a government official or a family member, to deceive individuals into sending money or providing personal information.

By being aware of these common fraud schemes, individuals can better protect themselves and recognize potential warning signs.

FTC's Role in Combatting Fraud

The Federal Trade Commission (FTC) plays a crucial role in combatting fraud and protecting the public from financial losses. The FTC works to enforce consumer protection laws and regulations, investigate fraudulent activities, and educate the public about fraud prevention.

Through its various initiatives and enforcement actions, the FTC aims to hold fraudsters accountable and ensure that consumers are aware of their rights and protections. The FTC also provides resources and guidance to help individuals recognize and report fraud.

By actively engaging in combatting fraud, the FTC contributes to creating a safer and more secure environment for the public.

Effective Strategies for Fraud Prevention

Preventing fraud requires a proactive approach and the implementation of effective strategies. Some key strategies for fraud prevention include:

- Educating the public: Raising awareness about common fraud schemes and providing guidance on how to protect personal information can empower individuals to make informed decisions and avoid falling victim to fraud.

- Strengthening cybersecurity: Implementing strong passwords, regularly updating software, and being cautious about sharing personal information online can help prevent identity theft and other forms of cyber fraud.

- Verifying information: Before providing personal or financial information, individuals should verify the legitimacy of the request and the identity of the person or organization making the request.

- Using secure payment methods: Opting for secure payment methods, such as credit cards or payment platforms with fraud protection, can provide an additional layer of security when making online transactions.

By adopting these strategies and staying vigilant, individuals can significantly reduce their risk of becoming victims of fraud.

Collaborative Efforts to Safeguard the Public

Combatting fraud requires collaborative efforts from various stakeholders, including government agencies, law enforcement, financial institutions, and individuals. By working together, we can create a stronger defense against fraud and protect the public from financial losses.

Government agencies like the FTC collaborate with other organizations to share information, coordinate investigations, and develop policies and regulations that help prevent fraud. Financial institutions play a crucial role in detecting and reporting suspicious activities, while individuals can contribute by reporting fraud incidents and spreading awareness within their communities.

Through these collaborative efforts, we can build a united front against fraud and ensure a safer future for everyone.