US Health Dept warns hospitals of hackers targeting IT help desks

April 6, 2024 at 12:04PM

The U.S. Department of Health and Human Services warns of hackers using social engineering to target IT help desks in the Healthcare and Public Health sector. They gain access by enrolling their own MFA devices and using AI voice cloning. Similar tactics are used by the Scattered Spider threat group. Organizations are advised to implement security measures to counter these attacks.

Key takeaways:

1. The U.S. Department of Health and Human Services (HHS) has issued a warning regarding hackers using social engineering tactics to target IT help desks in the Healthcare and Public Health (HPH) sector.

2. Attackers have gained access to organizations’ systems by enrolling their own multi-factor authentication (MFA) devices after tricking IT help desk staff.

3. The attackers use local area codes to impersonate employees in the financial department and provide stolen ID verification details, convincing the help desk to enroll a new device under the attacker’s control.

4. Upon gaining access, they redirect bank transactions and initiate business email compromise attacks targeting login information related to payer websites.

5. The attackers may also use AI voice cloning tools to deceive targets, making identity verification harder.

6. The tactics employed in these attacks are similar to those used by the Scattered Spider threat group, which has targeted high-profile organizations and has been highlighted by the FBI and CISA.

7. To mitigate these attacks, organizations in the health sector are advised to implement callback verifications, monitor for suspicious ACH changes, revalidate users with access to payer websites, consider in-person requests for sensitive matters, require supervisor verifications for requests, and train help desk staff to identify and report social engineering techniques.

8. It’s noteworthy that although similar incidents have been reported, they have yet to be attributed to a specific threat group.
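The monitoring advice in item 7 can be turned into a simple correlation rule: flag ACH changes and payer-website logins that follow a recent MFA device enrollment, and escalate when the enrollment came through the help desk without a callback. The following is an added example, not part of the HHS advisory or the original article; the event schema, field names, sample events and the 72-hour window are all constructed assumptions.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(hours=72)  # assumed review window after a new MFA device
SENSITIVE = {"ach_change", "payer_site_login"}  # actions named in the advisory

# Constructed sample events; field names are hypothetical, not a real product schema.
EVENTS = [
    {"ts": "2024-04-01T09:00:00", "type": "mfa_enroll", "user": "a.finance",
     "via": "helpdesk", "callback_verified": False},
    {"ts": "2024-04-01T10:30:00", "type": "ach_change", "user": "a.finance"},
    {"ts": "2024-04-01T11:00:00", "type": "mfa_enroll", "user": "b.billing",
     "via": "helpdesk", "callback_verified": True},
    {"ts": "2024-04-01T12:00:00", "type": "ach_change", "user": "b.billing"},
    {"ts": "2024-04-02T08:00:00", "type": "mfa_enroll", "user": "c.payroll",
     "via": "self_service", "callback_verified": False},
    {"ts": "2024-04-02T09:00:00", "type": "payer_site_login", "user": "a.finance"},
    {"ts": "2024-04-03T09:00:00", "type": "payer_site_login", "user": "d.claims"},
    {"ts": "2024-04-06T08:00:00", "type": "ach_change", "user": "c.payroll"},
]

def find_alerts(events, window=WINDOW):
    """Flag sensitive actions that follow a recent MFA device enrollment."""
    last_enroll = {}  # user -> (enrollment time, enrollment event)
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):  # ISO timestamps sort as text
        ts = datetime.fromisoformat(ev["ts"])
        if ev["type"] == "mfa_enroll":
            last_enroll[ev["user"]] = (ts, ev)
        elif ev["type"] in SENSITIVE and ev["user"] in last_enroll:
            enrolled_at, enroll = last_enroll[ev["user"]]
            if ts - enrolled_at > window:
                continue  # enrollment is old enough to be treated as established
            # Help-desk enrollment with no callback is the pattern the advisory describes.
            unverified = enroll["via"] == "helpdesk" and not enroll["callback_verified"]
            alerts.append({
                "user": ev["user"],
                "action": ev["type"],
                "severity": "high" if unverified else "medium",
                "hours_since_enroll": round((ts - enrolled_at).total_seconds() / 3600, 1),
            })
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(EVENTS):
        print(alert)
```

Medium-severity hits are still worth a second look, since a cloned voice or stolen ID details can pass a weak verification step.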
