Joan works at a small, local manufacturing company; her company makes highly specialized chemical testing sensors used in various applications all over the world. Joan’s job is to process orders and make sure that the products are shipped out to the customers on time. She loves her job and would never do anything to jeopardize losing it.

Bob runs a company working on a very large and competitive government services bid. After combing through the numbers and settling in on a rather aggressive proposal, he feels good about winning the business and starting a relationship with the government facility being built in his area. He’s fine with breaking even on this deal, knowing there will be more business in the future. The bidding process requires physically sealed bids that are certified and opened at the same time, so he’s confident that his strategy won’t be known by the competition. Four weeks later, Bob is notified that the business was awarded to a competitor with a bid very similar to his own but lower by fifty bucks. Since it was a government bid, Bob goes out to the site to review the winning proposal and to learn from the near miss. The winning bid had identical language from his proposal, with only a few words and numbers changed here and there. How is that possible? Somebody would need to have seen the classified proposal.

It is a warm summer day and the ice cream shop down the block sends out a coupon link for 50% off a pint of your choice to your office. The coupon link comes from the reception desk email from your office building. To receive the offer, you click the link and pull it up on your phone’s mobile browser to show it at the register. How many of your staff are going to question whether it’s legitimate? How long until the ice cream shop clerk says it’s not legitimate? By the time word spreads of the scam, employees have opened a malicious link that can lead to a network breach.

In this series, CCI Systems (Blue Team), and partners FRSecure (Red Team), will uncover the top five most common ways the healthcare industry and other organizations are being attacked by hackers and what you can do to help stop attacks before they mitigate. Our partners FRSecure will discuss what the attack vector is, what specifically attackers do within that vector to achieve a compromise, and some examples of those attacks and stories within the healthcare industry. CCI Systems will explain how to avoid being compromised using that vector—how to protect yourself and mitigate the risk of falling under the same trap.