Security News

While H1 2023 saw an encouraging decrease in the overall number of data breaches impacting healthcare organizations, it was overshadowed by large-scale breaches resulting in a significant increase in the number of individuals affected, which reached record levels, according to Critical Insight. Notably, the report revealed a decrease in total breaches but an increase in the number of individuals affected; the focus of attacks on the supply chain and third-party associates; and, particularly noteworthy, the shift in some attackers' strategies from encryption to extortion.

While some ransomware operations claim not to target hospitals, one relatively new ransomware gang named Rhysida doesn't seem to care. We also saw additional reports on ransomware about TargetCompany, code leaks impacting the RaaS ecosystem, and a new threat actor using a customized version of Yashma ransomware.

After nearly two decades of my career leading a cybersecurity office, people, vendors, stakeholders and budgets in public health administration as well as in the private healthcare sector, I find that the industry is particularly vulnerable to cyberattacks. Healthcare organizations have experienced a spike in attacks often due to inadequate security, the high likelihood to quickly consort to attackers' payout demand, and sheer value of patient records that they possess.

The Rhysida ransomware operation is making a name for itself after a wave of attacks on healthcare organizations has forced government agencies and cybersecurity companies to pay closer attention to its operations. While some ransomware operations claim not to intentionally target healthcare organizations and even provide free decryption keys if done by mistake, Rhysida does not appear to follow the same policy.

We will explore what the Internet of Medical Things is and will investigate how healthcare organizations should best assess the security of their networks. We will then reveal why and how HIPAA plays a role in securing sensitive medical data and how attack surface management can secure the IoMT for healthcare organizations.

Staff at NHS Lanarkshire - which serves over half a million Scottish residents - used WhatsApp to swap photos and personal info about patients, including children's names and addresses. This, the watchdog said, "Demonstrates that information governance expectations regarding WhatsApp were not understood by staff involved in the WhatsApp Group."

With the average price tag for a healthcare data breach at an all-time high, the overall financial damage to an organization is high regarding economic loss and reputation repair. According to the...

In this Help Net Security video, Chris Westphal, Head of Product Marketing at Ordr, discusses how healthcare organizations should measure their device security success and where they should be...

Here's why data travel is the next big cybersecurity challenge - and what healthcare organizations can do to keep their data safe. Data travel is the journey your data takes once it leaves the direct control of your organization.

In an era where cyber threats continue to evolve, healthcare organizations are increasingly targeted by malicious actors employing multiple attack vectors, according to Trustwave. "Protecting the supply chain and maintaining business continuity are critical considerations across most industries, but healthcare cyber leaders encounter distinct challenges in safeguarding patient well-being, maintaining quality of care, and enabling healthcare professionals to leverage cutting-edge digital technologies to perform at the highest level," said Trustwave CISO Kory Daniels.