Cybersecurity News

Latest

Third Party Cyber Risk is Your Cyber Risk. How to Understand, Mitigate and Prepare for Third Party Cyber Risk Exposure
by John Riggi, National Advisor for Cybersecurity and Risk, AHA
It’s a sad fact that hospitals and health care systems continue to be a prime target for cyber criminals.
Keeping Our Defenses Strong Against Cyberthreats
by Rick Pollack, President and CEO, AHA
The health care field continues to be a top target for cybercriminals.
Agencies alert health care sector to commonly exploited cyber vulnerabilities
The National Security Agency, Cybersecurity and Infrastructure Security Agency and FBI yesterday urged U.S. critical infrastructure and other organizations to take certain actions to protect their systems from known vulnerabilities that China state-sponsored actors continue to exploit to target intellectual property and sensitive networks. In a separate presentation, the Department of Health and Human Services yesterday warned health care organizations that threat actors are increasingly using legitimate network security tools for malicious purposes.
AHA-supported cybersecurity bill introduced in House
AHA yesterday thanked Reps. Jason Crow, D-Colo., and Brian Fitzpatrick, R-Pa., for introducing a House companion to the Healthcare Cybersecurity Act, AHA-supported legislation that would improve collaboration and coordination between the Cybersecurity and Infrastructure Security Agency and Department of Health and Human Services.
Proofpoint Press Release on Cybersecurity Survey does a Disservice to Health Care Providers
by John Riggi, National Advisor for Cybersecurity and Risk, AHA
A survey released in early September from Proofpoint, Inc., and the Ponemon Institute, on cybersecurity in health care raises important issues but appears to have a number of significant limitations.
FDA reports potential cybersecurity risk with insulin pump system
The communications protocol for the Medtronic MiniMed 600 Series Insulin Pump System could allow an unauthorized person to access the pump to deliver too much or too little insulin, the Food and Drug Administration alerted users today.
HHS alerts health sector to monkeypox-themed phishing campaign
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) yesterday alerted the sector to a monkeypox-themed phishing campaign targeting health care providers.
FBI: Cyber criminals targeting health care payment processors  
Cyber criminals are increasingly targeting health care payment processors to redirect payments intended for health care providers to accounts they control, costing victims millions of dollars, the FBI reported this week.
FBI charges Iranian hackers, recommends action to prevent further attacks
The FBI yesterday charged three Iranian nationals with allegedly orchestrating a scheme to hack into the computer networks of multiple U.S. victims, including an attempted but thwarted attack last year against Boston Children’s Hospital.
FBI recommends action to protect vulnerable medical devices from cyberattacks
The FBI today released recommendations to help protect medical devices from cyberattacks that can threaten health care operations, patient safety, and data privacy and integrity, citing a growing number of unpatched medical device vulnerabilities.
Lawmakers seek update on HHS efforts to address health care cyber threats
Former co-chairs of the Cyberspace Solarium Commission request briefing on HHS efforts to protect health care sector through public-private collaboration. 
Agencies advise action to protect against Zeppelin ransomware
The ransomware uses remote desktop protocol and firewall vulnerabilities and phishing campaigns to access victim networks.
Agencies recommend action to protect against top malware threats
A new advisory from the Cybersecurity and Infrastructure Security Agency and Australian Cyber Security Centre details the top malware strains observed last year and immediate actions organizations should take to protect themselves from these remote access Trojans, information stealers and ransomware threats.
HHS issues advisory on web application attacks in health care
A new brief from the Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) offers tips to protect health care organizations from basic web application attacks.
DOJ recovers ransom paid to North Korean hackers targeting health care
The Justice Department has recovered about $500,000 in ransom that a Kansas hospital and Colorado medical provider paid to state-sponsored North Korean hackers, the agency announced.
FBI warns of North Korean ‘Maui’ ransomware threat on health care and public sectors
The FBI issued a “white” joint cybersecurity advisory warning of ransomware threats against the U.S. health care and public sectors.
Agencies alert private sector to ransomware threat
The FBI, Cybersecurity and Infrastructure Security Agency, Department of the Treasury, and Financial Crimes Enforcement Network today urged organizations to take certain actions to protect their networks from MedusaLocker ransomware, which uses vulnerabilities in the Remote Desktop Protocol to access victims’ networks and encrypt their data.
AHA voices support for bill to protect medical device cybersecurity 
 AHA Friday voiced support for the Protecting and Transforming Cyber Health Care Act, legislation that would require medical device manufacturers to meet certain cybersecurity requirements when seeking approval for devices that are internet connected or include software
Organizations urged to protect networks from China-backed cyber threats
The National Security Agency, Cybersecurity and Infrastructure Security Agency and FBI this week
Senate considers how to better protect health care from cyber threats
A Senate committee last week held a hearing on how to strengthen cybersecurity in the health care and education sectors.