PROCIRCULAR BLOG

Educating your business on the importance of cybersecurity

Staying Vigilant Against Cyber Threats in Healthcare

Posted by ProCircular Team on Aug 2, 2024 12:12:52 PM

Recently, the American Hospital Association warned that Black Basta, a known ransomware group, would be accelerating attacks within the healthcare sector. The group gained notoriety for their sophisticated attack methods and high-profile targets and typically operates by infiltrating a network, exfiltrating sensitive data, and then encrypting the victim's files.

Healthcare organizations can stay vigilant against threat actors by adopting a comprehensive cybersecurity strategy that incorporates regular testing and 24/7 monitoring. ProCircular also recommends the following:

Read More
0 Comments Click here to read/write comments

Topics: Cybersecurity, Network Security, Data Breach, Information Security, Data Security, Data Protection, Security Awareness Training, healthcare, hacking, Passwords, risk, Ransomware

Cybersecurity Challenges for Trucking in 2024: Mitigating Risks on the Road

Posted by Aaron R. Warner on May 8, 2024 12:43:45 PM

Buckle up, truckers! Trucking is the industry that keeps America rolling, and it's in the middle of a digital revolution. From high-tech ELDs to AI-powered cameras and internet-connected trailers, the way we haul goods is evolving at breakneck speed. In the interest of safety (and profit) most trucks now have or will soon get AI cameras for things like distracted driver, cell phone detection, gyro events, etc. But alongside these advancements lurks a hidden adversary – hackers.

Read More
0 Comments Click here to read/write comments

Topics: Cybersecurity, Incident Response, Security Awareness Training, Ransomware, Transportation, Trucking, MFA

Top 5 Business Roles Targeted by Cyber Attacks and How to Mitigate Risks

Posted by Aaron R. Warner on May 8, 2024 11:55:45 AM

Cybercriminals in today's digital landscape employ sophisticated tactics to infiltrate organizations and steal valuable data. Specific business roles within companies often become targets of cyber attacks due to their access to sensitive information or ability to influence decision-making. These roles are also usually visible and known individuals in the public, and harvesting information can be used against them. It is much easier than going after the paranoid I.T. Guy!

Read More
0 Comments Click here to read/write comments

Topics: Cybersecurity, Data Breach, Data Security, Data Protection, cybersecurity plan, Ransomware

Rolling the Dice on Cybersecurity: Lessons from the MGM Breach

Posted by Jake McGreevy on Oct 18, 2023 11:17:58 AM

You may have seen it in the news, but another major company has been a victim of a nasty ransomware attack that disrupted services and customers for over ten days. This time, the victim was MGM Resorts in Las Vegas.

What separates this major incident from others is that the hackers pulled the malicious attack off using one of the oldest tricks in the book: social engineering. So, what happened, and what can we learn from this?

Read More
0 Comments Click here to read/write comments

Topics: Cybersecurity, Network Security, Data Breach, Data Security, security incident handling, risk, Ransomware, social engineering

Legality of Ransom Payments

Posted by Aaron R. Warner on Feb 1, 2022 3:44:30 PM

As clients begin to recognize and prepare against the threat of ransomware attacks, one tricky question keeps coming up. Is paying a ransom “illegal yet?”. No company is champing at the bit to make unplanned payments, especially not to potential terrorists on the OFAC list, but the legality of the matter depends on a few factors. *Please note that ProCircular does not provide legal advice, rather, we disseminate guidance from the top legal authorities.

As a cybersecurity professional and business owner, I keep a close eye on the everchanging recommendations surrounding ransomware attacks and incident management. I found the following document to be one of the more up-to-date (at least by government standards) and straightforward pieces available on the topic. Here's the short version:

“In the context of hostage-taking, for example, DOJ clarified in 2015 that it “has never used the material support statute to prosecute a hostage’s family or friends for paying a ransom for the safe return of their loved one.”67

Basically, there is a low likelihood of prosecution for making ransom payments, even when it is paid to a known threat actor on the OFAC denied persons list. I would only expect to see legal action taken if a very large company went through with the payment while it was expressly illegal. Even then, the punishment would be intended to make an example rather than punish the victim.

Read More
0 Comments Click here to read/write comments

Topics: Incident Response, Ransomware

All posts
  • There are no suggestions because the search field is empty.

ProCircular is a Full-Service Information Security Firm

We are passionate about helping businesses navigate the complex world of information security, and our blog is another great source of inforamtion. We can assist you no matter where you are in your security maturity journey:

  • Breached or hit with ransomware?
  • Don't know where to start? 
  • Looking to confirm your security with a third party?

Secure your future with ProCircular.

Recent Posts

Posts by Topic

see all

Subscribe to Email Updates