Security News

Although it's a warning that's tailored for the healthcare sector, the report is nevertheless relevant to all of us, and we can all learn from it. Sure, some of the items in the AA20-302A report are specific to healthcare, such as contact details for cybersecurity bodies in the healthcare sector, and specific advice about security "Hardening" on medical devices, which operate under a special regulatory mechanism.

The FBI warns of a threat against the healthcare sector from Ryuk ransomware, and one that's already affected some hospitals. The healthcare industry continues to be a prime target for ransomware, so much so that the FBI and two other government agencies are now warning this sector of impending attacks using the infamous Ryuk ransomware.

The US Federal Bureau of Investigation, Departments of Homeland Security, and Health and Human Services issued a joint alert Wednesday warning of an "Imminent" increase in ransomware and other cyberattacks against hospitals and healthcare providers. "Malicious cyber actors are targeting the Sector with TrickBot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services," the Cybersecurity and Infrastructure Security Agency said in its advisory.

Healthcare delivery organizations have been busy increasing their network and systems security in the last year, though there is still much room for improvement, according to Forescout researchers. The bad news? Some network segmentation issues still crop up and HDOs still use insecure protocols for both medical and non-medical network communications, as well as for external communications.

Cloud-first security firm Wandera reports that malicious network traffic is the highest cybersecurity risk for hospitals and other healthcare providers and affects 72% of all organizations. The new report, "Cybersecurity in the Healthcare Industry," ranked phishing and outdated operating systems as the other top risks.

New research from RiskRecon and the Cyentia Institute pinpointed risk in third-party healthcare supply chain and showed that healthcare's high exposure rate indicates that managing a comparatively small Internet footprint is a big challenge for many organizations in that sector. There is a silver lining: gaining the visibility needed to pinpoint and rectify exposures in the healthcare risk surface is feasible.

Only 44% of healthcare providers, including hospital and health systems, conformed to protocols outlined by the NIST CSF - with scores in some cases trending backwards since 2017, CynergisTek reveals. The report also found that healthcare supply chain security is one of the lowest ranked areas for NIST CSF conformance.

This acquisition further enhances RLDatix's Applied Safety Intelligence framework by helping healthcare delivery organizations comply with global accreditation standards while ensuring the safe and effective use of medical equipment―a fundamental component of patient safety. "Proper usage of medical equipment is a critical component of patient safety and compliance," said Jeff Surges, CEO of RLDatix.

While COVID-19 has proven the healthcare industry's overall resilience, it has also increased its cybersecurity risk with new and emerging threats. The rapid adoption and onboarding of telehealth vendors led to a significantly increased digital footprint, attack surface, and cybersecurity risk for both provider and patient data, a new report released by SecurityScorecard and DarkOwl has shown.

As a result of the COVID-19 pandemic, healthcare professionals have increased their reliance on the internet to carry out their job. Healthcare under attack: What about cyber awareness?