Security News
Here are steps hospital IT admins can take to prevent ransomware and safeguard patient data. Health agencies, and medical facilities can be particularly exposed to ransomware as they hold sensitive research information and patient data that they can't afford to lose.
Hospital CIOs also can take steps to collaborate with healthcare providers and strengthen the technical infrastructure of their facilities. Chou recommended preparing the contact center since they are the first line of contact for appointment scheduling for patients.
The process of constructing a holistic policy-based identity management solution can be difficult and overly complex, especially in the sensitive hospital environment with myriad identities. An integrated identity ecosystem provides a unified view across both cyber and physical security system; improving the overall hospital experience.
The EU Agency for Cybersecurity published a cybersecurity procurement guide for hospitals. The Procurement Guidelines for Cybersecurity in Hospitals published by the Agency is designed to support the healthcare sector in taking informative decisions on cybersecurity when purchasing new hospital assets.
Almost half of connected hospital devices are still exposed to the wormable BlueKeep Windows flaw nearly a year after it was announced, according to a report released this week. The proportion of Windows devices connected to a network that are vulnerable is far higher, at 45%, it adds.
A lawsuit seeking class action status has been filed against a New Jersey healthcare organization in the wake of a ransomware attack last December in which the entity paid attackers a ransom to unlock its systems. Because of the ransomware attack, patients had their medical care and treatment disrupted, the complaint alleges.
A collection of six cybersecurity vulnerabilities in a range of GE Healthcare devices for hospitals has been discovered. Dubbed "MDhex" by the researchers at CyberMDX who discovered them, the bugs would allow attackers to disable the devices, harvest personal health information, change alarm settings and alter device functionality.
In light of rising tensions between the U.S. and Iran, the Association of Executives in Healthcare Information Security recently issued new data security guidance to help the healthcare sector prepare for potential nation-state attacks, says Christopher Frenz, one of the document's authors. After an Iranian general was killed in a recent U.S. drone strike in Baghdad, security experts and the Department of Homeland Security warned of possible retaliatory cyber strikes from Iran that could target critical infrastructure, government agencies as well as private businesses.
A Stoke-on-Trent hospital administrator has avoided prison after hacking his NHS trust and helping himself to almost 9,000 heart scan images. As part of the police caution he agreed not to access any IT system within the hospital, not to enter the hospital unless he was ill or visiting a patient, and not to contact hospital staff unless asked to by the HR department.
To prepare for the transition into Windows 7 End of Life, Cynerio is offering hospitals a complementary risk assessment until February 14, 2020. Connected medical devices are the weakest link in healthcare security and the prevalence of devices running on the Windows 7 operating system puts hospitals at even greater risk of cyber attack.