Security News

How hospitals can be proactive to prevent ransomware attacks
2020-03-26 21:30

Here are steps hospital IT admins can take to prevent ransomware and safeguard patient data. Health agencies, and medical facilities can be particularly exposed to ransomware as they hold sensitive research information and patient data that they can't afford to lose.

How hospital CIOs can prepare for the onslaught of coronavirus patients
2020-03-13 22:00

Hospital CIOs also can take steps to collaborate with healthcare providers and strengthen the technical infrastructure of their facilities. Chou recommended preparing the contact center since they are the first line of contact for appointment scheduling for patients.

Live Webinar | Four Identity Management Best Practices for Improving Patient Care as Learned from Top US Children's Hospitals
2020-03-09 17:48

The process of constructing a holistic policy-based identity management solution can be difficult and overly complex, especially in the sensitive hospital environment with myriad identities. An integrated identity ecosystem provides a unified view across both cyber and physical security system; improving the overall hospital experience.

ENISA publishes procurement guidelines for cybersecurity in hospitals
2020-02-25 06:30

The EU Agency for Cybersecurity published a cybersecurity procurement guide for hospitals. The Procurement Guidelines for Cybersecurity in Hospitals published by the Agency is designed to support the healthcare sector in taking informative decisions on cybersecurity when purchasing new hospital assets.

Nearly half of hospital Windows systems still vulnerable to RDP bugs
2020-02-20 13:58

Almost half of connected hospital devices are still exposed to the wormable BlueKeep Windows flaw nearly a year after it was announced, according to a report released this week. The proportion of Windows devices connected to a network that are vulnerable is far higher, at 45%, it adds.

Hacked Off: Patients Sue Ransom-Paying Hospital Group
2020-02-19 10:18

A lawsuit seeking class action status has been filed against a New Jersey healthcare organization in the wake of a ransomware attack last December in which the entity paid attackers a ransom to unlock its systems. Because of the ransomware attack, patients had their medical care and treatment disrupted, the complaint alleges.

Critical, Unpatched ‘MDhex’ Bugs Threaten Hospital Devices
2020-01-23 20:02

A collection of six cybersecurity vulnerabilities in a range of GE Healthcare devices for hospitals has been discovered. Dubbed "MDhex" by the researchers at CyberMDX who discovered them, the bugs would allow attackers to disable the devices, harvest personal health information, change alarm settings and alter device functionality.

Tips on Protecting Hospitals From Nation-State Attacks
2020-01-22 20:18

In light of rising tensions between the U.S. and Iran, the Association of Executives in Healthcare Information Security recently issued new data security guidance to help the healthcare sector prepare for potential nation-state attacks, says Christopher Frenz, one of the document's authors. After an Iranian general was killed in a recent U.S. drone strike in Baghdad, security experts and the Department of Homeland Security warned of possible retaliatory cyber strikes from Iran that could target critical infrastructure, government agencies as well as private businesses.

Hospital hacker spared prison after plod find almost 9,000 cardiac images at his home
2020-01-20 11:30

A Stoke-on-Trent hospital administrator has avoided prison after hacking his NHS trust and helping himself to almost 9,000 heart scan images. As part of the police caution he agreed not to access any IT system within the hospital, not to enter the hospital unless he was ill or visiting a patient, and not to contact hospital staff unless asked to by the HR department.

Cynerio offers hospitals free Windows 7 risk assessment
2020-01-15 04:00

To prepare for the transition into Windows 7 End of Life, Cynerio is offering hospitals a complementary risk assessment until February 14, 2020. Connected medical devices are the weakest link in healthcare security and the prevalence of devices running on the Windows 7 operating system puts hospitals at even greater risk of cyber attack.