Types of Cyber Threat Actors That Threaten Healthcare
- Cybercriminals
- Hacktivists
- Nation State Actors
- Cyberterrorists
- Script Kiddies
- Insider Threats
Top Attacks
Social Engineering: The practice of obtaining sensitive information by manipulating
legitimate users, often using the telephone or Internet.
Phishing: A common method, mainly conducted through email spoofing and text messages,
by which threat actors disguise themselves as a trustworthy entity with the intent to lure
many recipients into providing information such as login credentials, banking information,
and other personally identifiable information. Phishing is an example of a social engineering
technique.
Business Email Compromise (BEC): Emails designed to trick an employee of the target organization
into directly providing PII, credentials, etc. to cyber threat actors.
Distributed Denial of Service (DDoS): A DoS attack that originates from numerous machines
at once; can be controlled by a group of threat actors working together or be part of a botnet
acting under the direction of a single threat actor.
Botnet: A group of compromised devices that are coordinated by a threat actor; can be used
for distributed denial of service (DDoS), spreading ransomware and malware, sending
spam, diverting traffic, stealing data, and more.
Zero-day Vulnerability/Exploit
Zero-day Vulnerability: A vulnerability that is not yet known to the vendor, and therefore has not been
mitigated by a patch.
Zero-day Exploit: An attack directed at a zero-day vulnerability.
Person-in-the-Middle (PITM) (also known as Man-in-the-Middle): A technique by which a threat actor intercepts
a communication between two parties, such as a victim and a web server, without the victim’s knowledge.
The ‘wares
Malware: Short for malicious software; any software or code designed to infiltrate/damage a computer system.
Wipers: Malware designed to completely wipe the hard drive of infected devices.
Adware: Short for “advertising software”; browser-based and application-based adware tracks and gathers user and device information, including location data and browsing history; can lead to exploitation of security settings, users, and systems.
Ransomware: Malicious software that restricts access to or operation of a computer or device, restoring it
following payment.