Current Trends in Impersonation Attacks and What to Do

In this interview, we discuss the current state of cybersecurity in health care with a specific focus on impersonation attacks, featuring Ryan Witt, Vice President, Industry Solutions at Proofpoint and Erik Decker, Vice President & Chief Information Security Officer at Intermountain Health.

Witt shares many of the learnings from Proofpoint’s healthcare customer advisory board where they learn about industry challenges and discuss solutions. He said that attackers particularly seek entry points through IT help desks, which the attackers contact while impersonating some doctor or other staff member. They can learn a lot about the person they’re impersonating on the web or from less legitimate sources and answer a lot of the typical questions IT staff ask to validate a caller.

Witt recommends looking through the organization chart to look for people that might be low-level and often forgotten, but who have access to sensitive information or systems and might be targetted or impersonated by attackers.

Decker mentioned some other tools to protect against help desk attacks and other types of social engineering. These tools include sending a code to a second device, scanning a government ID, and using third-party verification services. He advises learning an “adversarial mindset” in order to anticipate how attackers might get in.

AI comes up in the discussion, where both Witt and Decker point out that it can be valuable for designing security defenses. Witt goes so far as to say that AI may help defenders more than attackers. Decker mentioned the uses of AI to collect data and look for relationships, and to train people how to ask good queries of an AI chatbot.

Witt and Decker also talk about the tools designed by the HHS 405(d) program, with which Decker has worked on. As he describes it, their Cybersecurity Performance Goals (CPGs) cover the “basics” that everyone should start with. He calls the CPGs provide the “what to do” while the project’s Health Industry Cybersecurity Practices (HICP) provides the “how.”

Check out this interview to learn more from Decker from Intermountain Health and Witt from Proofpoint on the challenge that is impersonation attacks and some ideas on what can be done about them.

Learn more about Proofpoint: https://www.proofpoint.com/us

Learn more about Intermountain Health: https://intermountainhealthcare.org/

Listen and subscribe to the Healthcare IT Today Interviews Podcast to hear all the latest insights from experts in healthcare IT.

And for an exclusive look at our top stories, subscribe to our newsletter and YouTube.

Tell us what you think. Contact us here or on Twitter at @hcitoday. And if you’re interested in advertising with us, check out our various advertising packages and request our Media Kit.

 Proofpoint is a proud sponsor of Healthcare Scene.