HC3 Sector Alert
December News of Interest to the Health Sector.
On December 9, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released an Industrial Controls Systems Medical Advisory (ICSMA) detailing a vulnerability in multiple Hillrom Welch Allyn cardiology products.
Multiple cybersecurity organizations recently shared information regarding a suspected Chinese cyberespionage campaign targeting organizations in multiple industries, including healthcare.
Cybersecurity researchers at Forescout have identified 13 vulnerabilities that impact millions of Internet-connected hospital devices. Several of these vulnerabilities have been categorized as high or critical.
The U.S. Department of Health and Human Services’ (HHS) Office of the Chief Information Officer (OCIO) Health Sector Cybersecurity Coordination Center (HC3) first of our bi-monthly cybersecurity threat briefings in November.
In the third quarter of 2021, HC3 observed a continuation of ongoing trends with regards to cyber threats to the healthcare and public health community.
Agenda
• Hive Ransomware Overview
• Legitimate Applications and Closed Source Code
• Hive Ransomware Attacks
• Hive Ransomware Activity Targeting the U.S. HPH
• Hive Tactics, Techniques, and Procedures (TTPs)
• Mitigations
The Cybersecurity…
BrakTooth - The BrakTooth vulnerabilities were first made public on August 31, 2021, after being discovered by the ASSET Research Group. This new family of security vulnerabilities, found in commercial Bluetooth Classic stacks for various System-on-Chips (SoC),uses the Bluetooth Classic (BR/EDR…
Ransomware remains a major threat to the health sector worldwide, with many healthcare organizations operating legacy technology with limited security resources.