Security News
Much of the US healthcare system is running on outdated software and unsupported operating systems, such as Windows 7, leaving devices vulnerable to hackers actively exploiting the coronavirus. Atlas based part of its findings on a Palo Alto Networks survey of 1.2 million Internet of Things devices used in thousands of healthcare organizations across the US. Palo's survey found that 56% of devices were still running on the Windows 7 operating system, which Microsoft stopped supporting in January of this year.
Patients might end up bearing the brunt of successful cyber attacks but, Covid-19 or no Covid-19, the danger for healthcare organizations has effectively remained the same - only the stakes got higher. It is crucial for healthcare organizations and agencies not to ignore cybersecurity and data protection at this moment.
In many cases, it has been determined that threat actors were inside a healthcare organization's network for months or even years before setting their malicious code loose. They're low on the priority list until someone clicks on a malicious link that the spam filter didn't catch thus unleashing ransomware on the network, after which all hell breaks loose.
Everbridge, the global leader in critical event management, announced that the company has unveiled new CEM capabilities across the Internet of Things for corporate, government and healthcare organizations to protect their people, assets, operations, supply chain and brand from critical events such as coronavirus. With the number of IoT devices expected to approach 75 billion by 2025, the Everbridge CEM platform enables organizations to utilize vast amounts of electronic data, including IoT sensors, to digitally transform how they manage the safety and security of their employees, customers, patients, first responders, residents, and visitors, as well as the resiliency of their operations and supply chain.
How can the use of "Smart contracts" based on distributed ledger technology help improve the overall security picture for evolving healthcare sector supply chains? Mitch Parker, CISO of Indiana University Health, explains. "Smart contracts are pieces of executable code that can run as part of a distributed ledge technology system, and they're relevant to healthcare supply chain because a lot of the [newer] enterprise planning resource systems we're putting in actually support those as a way of doing data interchange," says Parker in an interview with Information Security Media Group.
More than half of all healthcare vendors have experienced a data breach that exposed protected health information, and it's a costly problem that points to broken third-party risk assessment processes, according to data released by the Ponemon Institute and Censinet. The report shows that 54 percent of healthcare vendors have experienced at least one data breach of protected health information belonging to patients of the healthcare providers they serve.
SAN FRANCISCO - Cybercriminals are pushing boundaries in looking for new ways to cash in on the healthcare space - whether it is persuading desperate patients to download health information apps that actually infect their devices with malware, attacking hospitals with ransomware attacks or even selling patients fraudulent insurance or medicine on illicit online markets. Not only is the medical space a treasure trove of personal identifiable information collected from patients, but medical device manufacturers and hospitals lack basic security hygiene, experts say.
The leak came from an S3 bucket that was left unsecured. The unsecured S3 bucket appeared to be powering Rotherwood's internal system, a CRM-style software suite that looks to be used to capture and store essential data about staff and patients alike.
The leak came from an S3 bucket that was left unsecured. The unsecured S3 bucket appeared to be powering Rotherwood's internal system, a CRM-style software suite that looks to be used to capture and store essential data about staff and patients alike.