recommended reading

Threatwatch

FBI Warns Doctors, Dentists Their FTP Servers Are Targets

Network intrusion

Health care organizations that use anonymous file transfer protocol servers need to be on guard, according to a recent FBI cyber bulletin.

Attackers are trying to access files on anonymous FTP servers to find sensitive information—personal or health oriented—to “intimidate, harass and blackmail business owners,” the bulletin said. Not only could attackers mine the servers for data, they could plant malware for future schemes.

Anonymous FTP servers allow people access to files without authentication or by using generic user names and passwords. Generally, sensitive data shouldn’t be stored in them anyway, but security isn’t always a business’ primary concern. Smaller medical and dental companies often run older, and potentially poorly secured, technology, Dark Reading reported.

The bureau recommends organizations’ IT staffs identify any anonymous FTP servers on their networks and determine whether they should still be used. If so, the staffs should make sure no sensitive information is housed within them.

sector

Healthcare and Public Health

reported

March 27, 2017

reported by

Dark Reading

number affected

Unknown

location of breach

Unknown

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

2017/03/22