Cyber Security Today: Ransomware hits college, phishing hits medical billing company and email security of politicians questioned

Ransomware hits college, phishing hits medical billing company and email security of politicians questioned

Welcome to Cyber Security Today. It’s Monday July 15th. I’m Howard Solomon, contributing reporter on cyber security for To hear the podcast click on the arrow below:

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

New York City’s Monroe College is the latest organization to be publicly-identified as being a victim of a ransomware attack. According to news reports, the college faced a demand for the equivalent of $2 million in bitcoin to get back encrypted data. As of Friday morning, when I recorded this podcast, the the college’s main web site was still down. However, classes were still being held and ways of helping students who are taking online classes get and submit assignments were being worked out. Most experts recommend organizations shouldn’t pay ransoms, but if they aren’t prepared for an attack it’s hard to resist.

A U.S. company called Nemadji that provides billing and other services to hospitals and clinics in several states has acknowledged being the victim of a data breach in March. A company employee clicked on a link in an email and fell for a phishing scam. The good news is most of the information in the employee’s mail was encrypted. The bad news is that also in the mail were encryption keys for the employee. With that the attacker could read anything. Looking at files the company realized the attacker could have accessed names, dates of birth, social security numbers, insurance numbers and medial diagnostic codes. According to one news report personal information on over 14,500 patients could have been exposed. It isn’t clear how the encryption key was in the email, except perhaps this means the IT department emailed the employee his password or the equivalent. Whatever, it’s bad.

Electioneering is going full blast in Canada, where a federal election is scheduled for October, and in the U.S., where candidates are campaigning for party nominations for next year’s elections. But a report by an American security company is a warning that campaigns anywhere still aren’t buttoning down their email systems from being forged. There’s an email message authentication standard called DMARC that has to be properly implemented or an attacker can spoof an email address and fool message recipients. Research by security firm Agari suggests only four of 13 Democrats running for their party’s presidential nomination are properly using DMARC. Not only that, only one of 13 have implmented advanced email security protection for other email threats. It’s a warning for anyone running for elected office anywhere: Take email and web site security seriously. Hire someone experienced.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast