April 2017 – Gregory M. Schmidt, CPP, PSP, CHPA

Violence Against Health Care Workers Captures Regulators’ Attention

From “Violence Against Health Care Workers Captures Regulators’ Attention”
Business Insurance (04/26/17) Gonzalez, Gloria. Reprinted by ASIS.

The U.S. Occupational Safety and Health Administration (OSHA) is “paying close attention” to workplace violence against health care workers, according to Safety National Casualty Corp.’s Mark Walls. In 2015, there were more than 11,000 violent incidents against employees in the health care and social assistance sector — a number that is nearly as high as all other industries combined. The California Division of Occupational Safety and Health Administration Standards Board unanimously adopted the first workplace violence prevention standard for health care workers in the United States last year, with the standard taking effect April 1. General acute care hospitals, acute psychiatric hospitals, and special hospitals must report incidents of workplace violence at their facilities to Cal/OSHA. The safety regulators are then required under Senate Bill 1299 to post a report each January on the total number of incidents reported, the names of the hospital facilities, the outcomes of inspections or investigations, the citations levied against a hospital based on a violent incident, and recommendations for the prevention of violent incidents in hospitals.

Cybersecurity Firm Warns That Hackers Can Take Control of Cars

From “Cybersecurity Firm Warns That Hackers Can Take Control of Cars”
Wall Street Journal (04/13/17) Dawson, Chester. Reprinted by ASIS International.

An Israeli cybersecurity firm is raising fresh concerns about hackers taking control of moving cars, remotely shutting down an engine with the help of a smartphone app, a Bluetooth connection, and a type of device commonly plugged into ports located under vehicle dashboards. On 13 April, Argus Cyber Security Ltd. said it was able to use a so-called dongle, a device often installed by insurance companies to monitor driving patterns or by owners wanting in-vehicle Wi-Fi, to crack into a vehicle’s internal communication system. The firm triggered a signal meant to disable the fuel pump, something that normally would happen only after a collision. Argus didn’t disclose the model of car it hacked, but the breach is the latest in a series of high-profile hacks, including an incident two years ago staged by two security researchers who controlled a Jeep Cherokee via a wireless internet connection.

IBM Report Details 2017 Tax Scams as IRS Filing Deadline Nears

From “IBM Report Details 2017 Tax Scams as IRS Filing Deadline Nears”
eWeek (04/05/17) Kerner, Sean Michael. Printed by ASIS International.

IBM Security is warning of an increase in tax-related spam email and related fraud scams that aim to exploit tax filers as the April 18 tax filing deadline nears. IBM’s “Cybercrime Riding Tax Season Tides: Trending Spam and Dark Web Findings” report, released on April 5, details how attackers are increasing their efforts ahead of the deadline. IBM X-Force security researchers have tracked a 6,000 percent increase in tax-related spam emails from December 2016 to February 2017. Limor Kessem, executive security advisor at IBM Security, says that this is the first year that IBM is seeing campaigns targeting businesses. “Last year, consumer tax fraud was the most common illicit activity linked with compromised taxpayer information,” she says. “This year, things are getting bigger and bolder.” She went on to say that attackers have several different ways to get taxpayer information, depending on their technical skill levels. “The more technically inclined may breach a company’s infrastructure to steal data directly from their internal servers,” she explains.

Homeland Security’s Terror Warning for NJ Hospitals and Hotels

From “Homeland Security’s Terror Warning for NJ Hospitals and Hotels”
New Jersey 101.5 (03/27/2017) Matthau, David. Reprinted by ASIS.

As authorities continue to investigate last week’s terror attack outside the British Parliament, homeland security officials in the United States are advising the public to be vigilant. The New Jersey Office of Homeland Security and Preparedness is calling on hospitals, hotels, and motels to keep an eye out for anything out of the ordinary. Eric Tysarczyk, the director of policy and planning for the New Jersey Office of Homeland Security and Preparedness, stressed no specific, credible threat has been made against any of these areas in New Jersey. However, hospitals are considered potential terror targets because they have open access and they are mass gathering sites. Tysarczyk notes some hospitals have chemicals and devices that could interest terrorist attackers, and hospitals play a prominent role in prevention and protection, which might also catch the attention of those planning an attack. He says the public should remain vigilant and report anomalies such as people wearing bulky coats inappropriately and congregating around delivery docks when they are not making deliveries. He says the first point of information should be either the security guard or the local police, adding that it is better to report a situation that does not pose a threat than to fail to report an actual threat.