The Cybersecurity and Infrastructure Security Agency, FBI, Multi-State Information Sharing and Analysis Center (MS-ISAC) and international partners June 14 recommended health care and other critical infrastructure organizations take certain actions to defend their networks against LockBit ransomware based on observed incidents.
Cybersecurity News
Latest
The FBI and Cybersecurity & Infrastructure Security Agency this week advised all organizations to implement certain recommendations to defend their networks from the latest tactics by the CLOP ransomware gang, which include using a SQL injection vulnerability in Progress Software's managed file transfer solution to steal data.
The Federal Trade Commission June 8 released for public comment a notice of proposed changes to breach notification requirements for entities that collect health information but are not covered by HIPAA’s privacy and security requirements.
U.S. and international cybersecurity authorities released an advisory to help health care and other critical infrastructure organizations identify and protect their networks from a People’s Republic of China state-sponsored group known as Volt Typhoon that uses built-in network administration tools to avoid detection.
An interagency task force chaired by the Cybersecurity and Infrastructure Security Agency and FBI yesterday released an updated guide offering best practices and a checklist to help critical infrastructure organizations such as hospitals and health systems prevent and respond to ransomware and data extortion attacks.
During a month-long ransomware attack on four hospitals in 2021, two neighboring hospital emergency departments experienced increased patient volumes, wait times and stroke patients, among other impacts, according to a study reported this month in JAMA Network Open.
The FBI, Cybersecurity and Infrastructure Security Agency, and Australian Cyber Security Centre issued recommendations to help critical infrastructure organizations protect their networks from ransomware attacks and data extortion by a cybercriminal group known as BianLian.
Health sector organizations should immediately patch a vulnerability in Veeam software used to back up, replicate and restore data on virtual machines, the Department of Health and Human Services’ Health Sector Cybersecurity Coordination Centers (HC3) said in an alert May 10.
The Food and Drug Administration last week alerted health care providers and laboratory personnel to a cybersecurity vulnerability affecting the Universal Copy Service software in certain Illumina medical devices used to sequence DNA for clinical diagnostic use or research.
FBI Director Christopher Wray detailed how the U.S. health care system has become a valuable target for cyberattacks from nation-states and independent cybercriminals, and how hospitals can team up with the FBI to defend against and, ideally, prevent such attacks.
The Centers for Medicare & Medicaid Services is rethinking its payment policy, rules and overall structure as it works to present a better reimbursement landscape for health care providers, Jonathan Blum, CMS principal deputy administrator and chief operating officer, said during a fireside chat with Ashley Thompson, AHA’s senior vice president of public policy.
Health care cybersecurity has too often been an afterthought, with protections added after an internal review or external attack discover a vulnerability, Sen. Mark Warner, D-Va., told moderator former CNN Washington bureau chief Frank Sesno at today’s federal plenary session.
Agencies in the U.S. and United Kingdom this week released an advisory detailing tactics used to exploit a known vulnerability in Cisco routers to deploy malware and recommendations to protect vulnerable Cisco devices.
The Healthcare Sector Coordinating Council and Department of Health and Human Services released a report benchmarking best practices and opportunities for improvement in hospital cyber resiliency.
The Department of Health and Human Services today released Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients, which outlines the top five threats facing the health care sector and 10 practices to combat them.
The latest threat brief from the Department of Health and Human Services’ Office of Information Security and Health Sector Cybersecurity Coordination Center (HC3) reviews the top cyber threats to electronic medical records and best practices to help health care organizations prevent, detect and respond to this growing threat.
Effective today under the Consolidated Appropriations Act of 2023, medical devices seeking approval from the Food and Drug Administration must meet certain cybersecurity requirements if they connect to the internet and contain software and technological characteristics vulnerable to cybersecurity threats.
The Department of Health and Human Services yesterday released a mobile device security checklist for the health care sector, and an update on the Black Basta ransomware group targeting the sector since last year.
In this AHA podcast, hear the inside story on the FBI’s successful infiltration and shutdown of a cybercriminal gang that specialized in hospital and health system extortion.
The FBI, Cybersecurity and Infrastructure Security Agency, and Multi-State Information Sharing & Analysis Center today provided actionable intelligence and encouraged organizations to implement recommendations to protect their networks from LockBit 3.0 ransomware, which is more evasive than previous versions.