Russian cyber criminals target LVHN with ransomware attack

Lehigh Valley Health Network is reporting that it was the victim of a ransomware attack. 

The attack came from a cybersecurity ransomware gang called BlackCat, which is associated with Russia. 

In a statement, health network President and CEO Brian Nester said that the attack has not impacted hospital operations to date. 

Based on an initial analysis, the attack was made against a network supporting a physician’s practice in Lackawanna County. 

According to LVHN, it detected unauthorized network activity on Feb. 6 and immediately launched an investigation and notified law enforcement. 

While the health network said the investigation is ongoing, at this point it is believed that it targeted patient images for clinical radiology oncology treatment and other sensitive information. 

BlackCat demanded the health network pay a ransom, but LVHN refused.  It said it is aware that the gang has targeted other institutions in the health care and education sectors. 

The health network said it is working with its cybersecurity experts to evaluate the information involved and will provide notice to any patients impacted by the attack. 

Is your company’s data safe? If you’re not sure, it’s time to check

Lehigh Valley Business’ Feb. 24 Cyber Technology Webinar featured Michael Hawkins of Netizen Corp., Clinton Eppleman of Morefield Communications, Anthony Cartolaro of Weidenhammer and Travis Lenker of BlackCSI.

It may be time to reevaluate your business’ cyber security protocols, but according to a panel of area experts, you could already have access to many of the tools to make your network that much safer.

This week, four IT experts joined the Central Penn Business Journal in its Cyber Technology Webinar to discuss the technology that helps Pennsylvania’s businesses operate effectively and what firms should be doing to protect their data in the age of remote working.

The abrupt move to working at home as a result of the COVID-19 pandemic led many businesses to shift to remote working within days, and while many firms may have invested in steps to protect their data, the risk of a data breach is higher than ever.

“The potential risk that a breach would bring to the business not only affects your customer, but the company’s reputation and, frankly, our society is becoming much more increasingly cyber aware,” said Anthony Cartolaro, vice president of digital platforms at Philadelphia-based digital strategies and technology solutions firm Weidenhammer.

Michael Hawkins, CEO of Allentown-based Netizen Corp., said that for small businesses that don’t have a big cyber security budget, the basics go a long way.

Educating staff on who they share their information with, making sure that technology in the office is configured properly and staying up to date on software updates across the network are all accessible ways to secure a firm’s network.

“We have embraced a culture of working anywhere at any time and having that access is an additional burden for organizations to secure,” said Cartolaro. “Oftentimes, what would have been a reasonably secure policy for working in the building became lax so employees could install what they needed on their laptops.”

Doing more to protect the data of your firm and its clients could be as simple as reviewing the software you already to see if there are security features built in that are not being used.

Companies like Microsoft and others offer features that can improve a company’s security but may not be activated. Fr example, Microsoft’s Office 365’s mobile device management, allows staff to access corporate data safely through a personal phone.

Clinton Eppleman, team lead and IT professional services and senior systems Engineer at Gettysburg-based Morefield Communications, said that the same can be said about the many communications platforms that businesses have adopted.

“If you look at the feature charts for tools, a lot of times these premium tools have security features to allow us to communicate and work remotely effectively,” he said, adding that some of those features may come with an upcharge.

While companies like Microsoft and Zoom offer the tools to secure a firm’s network, Cartolaro said the tools are not foolproof. It’s up to an organization to build a strategy around those tools, he said.

If a firm is unable to do that for themselves, it may be time to seek outside help, said Travis Lenker, director of managed services at BlackCSI in Mechanicsburg.

“All of these things we are talking about can be offered as a suite of services and provided to you on a monthly, budgetable basis,” Lenker said.

Even businesses with a dedicated IT staff may need to look into hiring a managed services provider to help with the influx of tickets coming from across the organization, he said.

In the work-at-home landscape, a strong cyber security plan won’t just help protect a firm against potential attacks and the legal fees that follow, but is also a great selling point to clients, said Cartolaro.

The panelists also stressed the importance of good cyber security insurance with Hawkins noting that someone shouldn’t wait until a fire happens to work with the fire company.

“I wouldn’t say your risks are so great that you should be scared in your boots that you need cyber insurance today, but you need to think about that cost and what it can do to your business,” said Lenker.

Netizen Corp. adds to its executive team

Akhil Handa


Allentown-based cybersecurity firm, Netizen Corp. has named Akhil Handa as its new chief operating officer.

Experienced as a senior executive in the federal and defense markets, Handa has had leadership roles and has worked in cybersecurity engineering and management.

He will oversee company operations, strategic relationships and solutions engineering based out of the firm’s Washington, D.C. office.

Other leadership changes at the firm include the promotion of Doug Ross to chief strategy officer. He was previously Netizen’s director of business development. Before joining the firm he was president and founder of SPARC LLC and Morgan6 LLC, where he earned more than $1 billion in federal contracts.

He will be based out of Netizen’s Charleston, South Carolina office.

Emily Dietrich Withmer has been promoted to director of human resources and legal affairs. Previously Netizen’s administration officer, Withmer has been an attorney since 2001. She will be based out of Netizen’s Allentown headquarters.

Penn State Lehigh Valley to offer degree in cybersecurity

In response to a growing demand for cybersecurity professionals, Penn State Lehigh Valley in Center Valley is launching a new four-year degree program in the field.

The school said that cybercrimes cost organizations an average of $13 million per year and the number of security breaches has grown by 11 percent over the last year.

A Bachelor of Science degree in cybersecurity analytics and operations (CYAOP) will be offered starting fall 2020.

“A degree in cybersecurity from Penn State Lehigh Valley will provide our students a desired skillset that is in high demand at the professional level. They’ll be able to take advantage of the numerous internship and job opportunities in the Lehigh Valley and Philadelphia areas,” said  Dan Jalosinski, information security and risk analysis analyst at Johnson and Johnson who is a 2020 PSU-LV alumnus with a degree in information sciences and technology.

The program is offered through a University College Statewide Consortium with Penn State Beaver, Brandywine, Greater Allegheny, Lehigh Valley, Schuylkill, Shenango and York. Six focus areas allow CYAOP students to create a custom application sequence for further study.

These focus areas include Application Development, Geopolitics, Law and Policy, Economics, Health Care and Custom Application.

“A degree in cybersecurity prepares students with hands-on technical cyber defense strategies, risk management and data-driven cybersecurity experience,” said Tina Q. Richardson, chancellor of Penn State Lehigh Valley. “Graduates of the program enter a profession with great salaries, flexibility and high levels of job satisfaction.”

Manufacturers face increasing potential for cybercrime, expert says

While cybersecurity is an issue of concern for all companies, manufacturers face a considerable challenge in potentially having their whole production operation shut down because of a hacker. (PHOTO/THINKSTOCK) –

While cybersecurity is an issue of concern for all companies, manufacturers face a considerable challenge in potentially having their whole production operation shut down because of a hacker.

That’s one major reason why manufacturers should take action to educate themselves and prevent threats from doing damage, according to a local expert.

“Industrial systems have become the focal point of cybercrime,” said Alex Greenzweig, lead SOC engineer and penetration tester Netizen Corp., a computer security firm in South Whitehall Township. “They can take down a whole production facility, like that, if they get in.”

On Wednesday, Greenzweig provided a presentation on “Cybersecurity and Industrial Control Systems” as part of the Manufacturers Resource Center’s breakfast and learn series.

With more sophisticated technology that manufacturers use to operate their facilities, that means more of these controls could be open to hackers.

The source of the break-ins could be state or nation-sponsored hackers, including those from any country looking to take down the U.S., including potentially Iran, Russia or China, or any malicious insider or whistleblower looking to do harm, he added.

Naturally, one of the barriers manufacturers face in having more secure operating systems is the cost.

Cybersecurity programs are expensive and the software could cost as high as $30,000 per year, he added.

However, the downside to not having a more secure system is the estimated $4 million to $10 million cost in damages that hackers do when breaking into the system and stealing data or shutting down operations, according to Greenzweig.

“Most companies pay that to overcome a cyber-security breach.”

And potentially, when companies get breached, particularly small ones, they’re out of business.

What leads to companies and manufacturers in particular to experience these attacks?

Two main elements are resource disparity and the outsourcing of more data to the cloud, he said.

Many of the devices manufacturers are using to power their facilities have open protocols, which makes them more vulnerable to attacks. Furthermore, smaller companies, in particular are unable to secure their infrastructure.

By next year, cyber security is estimated to cost the global economy up to 6 trillion, he added.

While no companies are 100 percent secure, there are ways to protect infrastructure, such as making sure to scan for open ports on devices and closing them. It also helps to run a vulnerability scanner and perform a penetration test, which involves hiring a third party to test the system so the company gets a true, honest report, he said.

Another strategy is to make sure computer numeric controlled (CNC) machines are separated from the corporate network so they are not directly connected to the internet.

“Build a culture of security,” Greenzweig said. “A lot of times you have to get everyone on board. Do workforce training campaigns.”

Companies should also perform monitoring and auditing of their systems and do a risk assessment, as well as have a backup server for data storage.

Planning for a breach is helpful as is collaborating with industry, academia and the government to gain new knowledge and insights on cybersecurity advances, he added.

“A hacker goes for the most easy target,” Greenzweig said.

Phishing emails, which are emails sent by a hacker disguised as legitimate emails, are often a way for hackers to get into a system to send malware or gain access to data, particularly for small to midsize companies.

A helpful hint is to always check the email address to ensure it’s accurate.

As a relatively new crime, cybercrime has also helped spark the emergence of cybersecurity insurance as a more prominent role in managing the loss of a data breach and helping with the recovery process.

Chip Buck, an insurance and risk management advisor for HMK Insurance, Hanover Township, Northampton County, gave a presentation on how cybersecurity can help manufacturers, while acknowledging its “Wild Wild West” nature for a sector of the insurance industry.

“The language they are using is not standardized, every carrier writes their own policy,” Buck said.

Many times, the language of the cybersecurity policy is outdated, he added.

“All of the policies out there are written by individual companies,” Buck said.

The catastrophic cost of a data breach is one reason to buy cybersecurity insurance, since a company has to tell the world it experienced a breach, and that will affect future business, he added.

The cost for this type of insurance starts at about $1,000 per year but depends on the type and size of the business.

Cybersecurity insurance is a classic case of “a new and breaking product,” he added.










A conversation with Michael Hawkins of Netizen Corp.

Michael Hawkins – Submitted

Michael Hawkins, 37, is CEO of Netizen Corp. in Allentown. He founded the company in 2013.

Hawkins, a U.S. Army veteran, previously worked for federal agencies including the Departments of Defense and Veterans Affairs, leading developers, testers and analysts in the engineering and security of health-related systems and applications across the nation.

He has a degree in computer science and business administration from the University of Maryland.

Outside of work he enjoys working with technology and cybersecurity, reading non-fiction novels, and creating and developing new software.

He also has a strong interest in aeronautics and astronautics. He participates in amateur rocketry.

LVB: What have been some of Netizen’s biggest challenges and opportunities? What are some of the perks of being a veteran-owned business?

Michael Hawkins: We’ve had great experiences with the Lehigh University SBDC/PTAC and LVEDC/AEDC organizations. Outside of that, it seems there is little real support in the area for businesses that aren’t developing apps or manufacturing products, for example. Companies that are predominantly service-based, though they are the chief engines of job creation in the country, are looked down upon even by state-funded venture organizations and incubators in the area whose primary mission is, ironically, to create more jobs. A lot of institutions in the area also don’t understand our primary market, the federal government, so it is hard to get places like banks to understand how we operate.

As far as opportunities, the biggest ones for us lie in our expansion into the commercial and defense sectors with products to help companies and federal agencies manage their cybersecurity risks more effectively.

One of the perks, if you will, of being a veteran-owned business, besides set-asides for government contracts, is the sense of camaraderie you get with other veteran-owned enterprises. We are a community that supports one another, generally, and like to see each other succeed. We understand the sacrifices each has made in their lives, and, as such, we give back to the community and fellow veterans as much as we possibly can.

LVB: What is your guiding philosophy as a business leader?

Hawkins: I have two – one is “give first” and the other is, simply, “proceed as if success is inevitable.” Give first, which I learned from a TechStars program called Patriot BootCamp I participated in life, promotes the free and open exchange of ideas, information, experience and advice with no expectation of anything in return. It has been one of our defining mantras at the company. The other philosophy, “proceed as if success is inevitable,” is one which has helped me through the lean times early in the company’s life – it is designed to motivate someone to push through the difficult parts of entrepreneurship, as too many people simply give up when the going gets tough.

LVB: What have been some of the most notable projects that you’ve completed on a local level?

Hawkins: We support a number of large customers in the region – ones that have been in business for decades or longer and are well known across the nation or world. We also support small and midsized companies across the area and beyond. Each project, in its own way, is “notable” to us. I will say, however, that supporting Lehigh Carbon Community College programs and scholarships has been one of the most rewarding and fruitful parts of our community outreach programs.