Boston Healthcare Facilities Targeted by Spear-Phishing Attack and Other Threats

In 2021, FBI Director Christopher Wray spoke out about what he described as “one of the most despicable cyberattacks” he’d seen. It’s little wonder he used such choice words; he was talking about the attack that state-sponsored threat actors had waged against the Boston Children’s Hospital. While the attack was thwarted, it prompted the Cybersecurity Coordination Center of the Department of Homeland Services to release a white paper alert.

Let’s go over the situation, and see what we can learn from it.

In Summer 2021, a Planned Attack on Boston Children’s was Reported to the FBI

However, an existing relationship between the Bureau and Boston Children’s helped to expedite their response. The two had worked together previously in 2014 to stop a series of attacks that were the result of a protest.

This relationship allowed the hospital to successfully mitigate the threat—which was discovered to originate from Iran. According to the Cybersecurity Coordination Center, threat actors from Iran frequently attempt to spear phish their targets, researching them intensively and crafting their phishing messages for optimum efficacy, while also conducting DDoS attacks, stealing data, and messing with websites.

They’ve also been known to enter into agreements with countries including Russia and China to share information, making all three more dangerous as a result.

With the nature of these attacks, it’s not difficult for a bad actor to make minor adjustments and blanket them across a wider target, hitting businesses of all shapes and sizes with personalized attacks that have a very good success rate. This can blindside an organization that doesn’t provide ongoing cybersecurity training to its staff, as many workers just simply won’t see the signs of a threat.

How Can You Protect Your Business from Attacks Like These?

The first thing the Cybersecurity Coordination Center lists in their recommended mitigations is to train your users on how to spot attempted phishing and other forms of social engineering, and we have to say, we agree. Too many cybercriminals now actively choose to go after their targets by taking advantage of the user.

The Center also lists other defenses we’ve repeatedly gone on record about as well: network segmentation to limit the damage an intruder can do, comprehensive backups that are protected by both encryption and redundancy, the development of an incident response plan, and considerable access control standards where passwords and multi-factor authentication come into play.

Like We Said, We Agree with All of This…and Can Help You Implement It

Why wait until you have a cybersecurity issue severe enough to involve the FBI and the Department of Homeland Services when you can just turn to Datalyst? We’re here to help area businesses protect themselves and the data they need to operate. Give us a call at (774) 213-9701 to learn more about our services.