H-ISAC Report TLP White: Hacking Healthcare - November 17, 2020

This edition of Hacking Healthcare takes a look at how security researchers found serious vulnerabilities in a contact-tracing application used in the Philippines and highlights the role of coordinated vulnerability disclosure in remediating them. Next, we ponder what PayPal’s acceptance of cryptocurrency might mean for ransomware perpetrators and victims. Finally, we revisit the issue of attacks against COVID-19 related research and why healthcare organizations should be wary about expecting attacks to wind down. Welcome back to Hacking Healthcare.

In this edition:

  • COVID-19 Contact-Tracing App Vulnerability Highlights the Benefits of Coordinated Vulnerability Disclosure
  • PayPal’s Acceptance of Cryptocurrency Has Ransomware Implications
  • Microsoft Calls for Action as Malicious Actors Continue to Target the Healthcare Sector

Related Resources

Letter/Comment
AHA Responds to CISA Proposed Rule on Cyber Incident Reporting Requirements
Public
Advisory
HHS Issues Alert on Critical Vulnerability in ‘MOVEit,’ File Transfer Platform Used by Health Care Sector
Public
Special Bulletin
AHA Helps Secure New Cybersecurity Resources from Microsoft and Google to Assist Rural Hospitals
Public
Advancing Health Podcast
How to Survive a Cyberattack with Scripps Health: Part Two
Public
Special Bulletin
HHS Authorizes UnitedHealth Group to Make Breach Notifications on Behalf of Providers
Member
Advancing Health Podcast
How to Survive a Cyberattack with Scripps Health: Part One
Public