Just one phished moron brings down multiple healthcare systems; ditto IMHO for the city of Baltimore. Burning question: Who's next?

"…the hacker gained access…when an employee fell for a phishing email…"

Just one moron is all it took to bring down multiple healthcare providers! Just one idiot (see the story here). You don't just need "foolproof" email phishing/impersonation protection. You need one that's "damned fool proof." Is there such a vendor? 25% of the residents of Idaho would like to know (read my previous story here).

If I were a betting man, I'd put money on there being one "Moron Zero" working for the city of Baltimore as the phishee that brought down the whole city. Either their security vendor MXToolbox bit off more than they could chew (DMARC enforcement is set to "p=none"), or just as likely, they were phished through Microsoft Office (SPF.protection.outlook.com).

Also, in my humble opinion, Baltimore is just a dry run for an entire state government. California and its major cities of Los Angeles and San Francisco are wide open to phishing attacks. But my bet is on New York State and/or New York City, neither of which has any DMARC protection. Stay tuned.
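
The gap between a published DMARC record and actual enforcement ("p=none" versus no record at all) can be checked mechanically. This is an added example, not part of the original post: it classifies the TXT records found at `_dmarc.<domain>` following RFC 7489, and the function names and sample records are constructed for illustration.

```python
# Added example: classify DMARC posture from the TXT strings at _dmarc.<domain>.
# Works on record text only (no DNS lookups); all sample records are constructed.

def parse_dmarc(txt):
    """Return a dict of DMARC tags, or None if txt is not a DMARC record."""
    tags = {}
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    for i, part in enumerate(parts):
        name, sep, value = part.partition("=")
        if not sep:
            return None
        name, value = name.strip().lower(), value.strip()
        if i == 0 and (name != "v" or value != "DMARC1"):
            return None  # RFC 7489: v=DMARC1 must be the first tag
        tags.setdefault(name, value)
    return tags or None

def dmarc_posture(txt_records):
    """Return no-record, invalid, monitor-only, partial or enforced."""
    parsed = [t for t in map(parse_dmarc, txt_records) if t is not None]
    if not parsed:
        return "no-record"      # receivers have no policy to apply
    if len(parsed) > 1:
        return "invalid"        # multiple DMARC records: none is applied
    tags = parsed[0]
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "invalid"        # simplification: a bad p= is flagged, not guessed
    if policy == "none":
        return "monitor-only"   # reports only; spoofed mail is still delivered
    try:
        pct = int(tags.get("pct", "100"))
    except ValueError:
        return "invalid"
    return "enforced" if pct >= 100 else "partial"

# Constructed sample inputs keyed by placeholder domains.
SAMPLES = {
    "monitor.example": ["v=DMARC1; p=none; rua=mailto:dmarc@monitor.example"],
    "absent.example": ["v=spf1 include:spf.protection.outlook.com -all"],
    "partial.example": ["v=DMARC1; p=quarantine; pct=25"],
    "enforced.example": ["v=DMARC1; p=reject; sp=reject"],
}

if __name__ == "__main__":
    for domain, records in SAMPLES.items():
        print(f"{domain}: {dmarc_posture(records)}")
```
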

Et tu, Baltimore.

Mad Max

