Cybersecurity strategies
The healthcare sector faces a variety of cyberthreats, but experts are constantly working to provide organizations with reliable cybersecurity strategies to address them. Learn about the latest tactics for tackling cyber risk, with efforts led by security practitioners, federal agencies and leading cybersecurity companies.
Top Stories
-
Feature
09 Oct 2024
Exploring today's top rural healthcare cybersecurity challenges
Financial troubles and an ongoing cyber workforce shortage are some of the factors contributing to persisting rural healthcare cybersecurity challenges. Continue Reading
By- Jill McKeon, Associate Editor
-
Podcast
23 Sep 2024
Implementing cyber hygiene best practices in healthcare
Applying best practices for cyber hygiene and employee security training can help healthcare organizations effectively mitigate cyber-risk. Continue Reading
By- Jill McKeon, Associate Editor
-
News
18 Apr 2023
55% of Surveyed Healthcare Workers Believe Security Policies Keep Up With New Tech
Nearly a quarter of surveyed healthcare workers reported thinking that generative AI tools are safe to use at work, but just 55% of respondents agreed that their organization’s security policies were keeping up with new tools and technologies. Continue Reading
By- Jill McKeon, Associate Editor
-
News
17 Apr 2023
HHS Cybersecurity Task Force Releases New Resources to Address Rise in Healthcare Cyberattacks
Led by the HHS 405(d) Program and the HSCC CWG, the new resources include an update to the HICP and an educational platform offering healthcare cybersecurity trainings. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
13 Apr 2023
How the HSCC is Bridging the Gap Between Cyber Haves and Have-Nots
Recognizing that patient safety and cybersecurity are inextricably linked is a crucial step in strengthening the security posture of the healthcare sector, HSCC leader Greg Garcia suggested at the HealthITSecurity Virtual Summit. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 Apr 2023
DNS NXDOMAIN Flood DDoS Attacks Impacting Healthcare, HC3 Warns
HC3 warned the healthcare sector of DNS NXDOMAIN flood DDoS attacks, which are used by threat actors to overload DNS servers and slow down systems. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 Apr 2023
Microsoft, Fortra, Health-ISAC Crack Down On Cobalt Strike Abuse
Microsoft’s Digital Crimes Unit is partnering with Fortra and Health-ISAC to remove illegal, legacy copies of Cobalt Strike used by cybercriminals. Continue Reading
By- Jill McKeon, Associate Editor
-
News
07 Apr 2023
HC3 Raises Concern Over KillNet DDoS Attacks Targeting Healthcare Sector
HC3 warned the healthcare sector again of the ongoing threat of KillNet hacktivist group, with their biggest DDoS strike affecting over 90 organizations in January 2023. Continue Reading
By- Sarai Rodriguez
-
News
06 Apr 2023
HSCC Releases Free Video Series Providing Healthcare Cybersecurity Awareness, Training to Clinicians
The Health Sector Coordinating Council (HSCC) released an eight-episode series entitled “Cybersecurity for the Clinician,” which organizations can use to enhance their healthcare cybersecurity training programs. Continue Reading
By- Jill McKeon, Associate Editor
-
News
05 Apr 2023
Illinois Medical Practice Settles Lawsuit After Data Breach Impacts 228K
The Plaintiff launched and settled a class action lawsuit against Illinois Gastroenterology Group (IGG) following a data breach that allegedly jeopardized patient privacy. Continue Reading
By- Sarai Rodriguez
-
News
04 Apr 2023
Rise Interactive Faces Class Action Lawsuit Over Healthcare Data Breach
The digital marketing firm faces a class action lawsuit over a 2022 data breach, alleging inadequate cybersecurity measures exposed the PHI of 54,509 Edgepark patients. Continue Reading
By- Sarai Rodriguez
-
News
03 Apr 2023
Health-ISAC Annual Threat Report Sheds Light on Healthcare Cyber Threat Landscape
Health-ISAC, CHIME, and the Health Sector Coordinating Council surveyed healthcare cybersecurity executives on the top five threats facing their organizations this year. Continue Reading
By- Jill McKeon, Associate Editor
-
News
30 Mar 2023
FDA to Refuse Medical Device Submissions For Cybersecurity Reasons Beginning in October
Medical device manufacturers will now be required to include cybersecurity details in device submissions, and the FDA will soon be able to deny submissions over inadequate security controls. Continue Reading
By- Jill McKeon, Associate Editor
-
News
29 Mar 2023
Inadequate Healthcare Cybersecurity Maturity Jeopardizes Patient Privacy
CYE found that the healthcare cybersecurity maturity score lags behind other sectors, putting patient privacy and sensitive data at risk due to weak EHR systems, telemedicine, and other security vulnerabilities. Continue Reading
By- Sarai Rodriguez
-
News
28 Mar 2023
CISA Looks Back On One Year of CIRCIA, Encourages Cyber Threat Sharing
In the year since President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) into law, CISA has been busy collecting feedback from key stakeholders. Continue Reading
By- Jill McKeon, Associate Editor
-
News
28 Mar 2023
NY Law Firm Pays $200K Over Healthcare Data Security Failures
As a result of an investigation by the New York Attorney General’s Office, the law firm is required to pay $200K and implement enhanced data security measures. Continue Reading
By- Jill McKeon, Associate Editor
-
News
27 Mar 2023
20 Healthcare Vendors Receive KLAS Cybersecurity Transparent Designation
At ViVE 2023, KLAS and Censinet recognized 20 vendors that achieved KLAS Cybersecurity Transparent designation, indicating that the vendors met rigorous healthcare cybersecurity standards. Continue Reading
By- Jill McKeon, Associate Editor
-
News
27 Mar 2023
HHS, FBI Disrupt BreachForums Cybercriminal Marketplace
The HHS Office of Inspector General and the FBI forced BreachForums offline, disrupting a marketplace used by more than 340,000 cybercriminals to buy, sell, and trade stolen data. Continue Reading
By- Jill McKeon, Associate Editor
-
News
24 Mar 2023
Dark Web Intel Underutilized by CISOs, Diminishing Healthcare Cybersecurity
Fifty-seven percent of healthcare CISOs utilize dark web intelligence in their strategies, causing the sector to lag other industries and leaving healthcare cybersecurity vulnerable to threat actors, a new report revealed. Continue Reading
By- Sarai Rodriguez
-
News
23 Mar 2023
CISA Issues Revised Cybersecurity Performance Goals
Originally released in October, CISA updated its Cybersecurity Performance Goals (CPGs) in response to stakeholder feedback. Continue Reading
By- Jill McKeon, Associate Editor
-
News
22 Mar 2023
Healthcare DDoS Attacks Are Increasing, Microsoft Says
Microsoft has observed an uptick in DDoS attacks launched against healthcare organizations by KillNet and other hacktivist groups. Continue Reading
By- Jill McKeon, Associate Editor
-
News
21 Mar 2023
FBI IC3: Victims Racked Up $10.3B in Losses Tied to Internet Crime Last Year
The FBI Internet Crime Complaint Center (IC3) data show that healthcare was impacted by more ransomware attacks than any other critical infrastructure sector in 2022. Continue Reading
By- Jill McKeon, Associate Editor
-
News
20 Mar 2023
Experts Shed Light On Healthcare Cybersecurity Challenges Before Senate Panel
Four industry experts testified before the Senate Homeland and Governmental Affairs Committee recently, championing healthcare cybersecurity minimum standards and federal assistance for under-resourced organizations. Continue Reading
By- Jill McKeon, Associate Editor
-
News
20 Mar 2023
CISA, FBI, MS-ISAC Warn Critical Infrastructure of LockBit 3.0 Ransomware Attacks
LockBit 3.0 ransomware operations as a RaaS model and is known to attack a wide range of sectors, including those in critical infrastructure. Continue Reading
By- Jill McKeon, Associate Editor
-
News
17 Mar 2023
FL Children’s Health Insurance Site Contractor Pays Fine to Resolve False Claims Act Allegations
Jelly Bean Communications Design agreed to pay nearly $300K to resolve False Claims Act allegations that it failed to secure personal information stored on a federally funded Florida children’s health insurance website. Continue Reading
By- Jill McKeon, Associate Editor
-
News
17 Mar 2023
HC3 Raises Alarm Over Black Basta Ransomware Group as a Threat to Healthcare
HC3 cautioned that the Black Basta ransomware group, known for its calculated double extortion tactics with potential connections to Conti and FIN7, poses a risk to healthcare cybersecurity. Continue Reading
By- Sarai Rodriguez
-
News
16 Mar 2023
CISA Launches Pilot Program to Help Critical Infrastructure Manage Cybersecurity Vulnerabilities
The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) required the creation of the Ransomware Vulnerability Warning Pilot (RVWP), aimed at helping organizations stay ahead of the latest cybersecurity vulnerabilities. Continue Reading
By- Jill McKeon, Associate Editor
-
News
15 Mar 2023
Blackbaud Pays $3M to Settle “Misleading Disclosures” Following Ransomware Attack
Following a 2020 ransomware attack, Blackbaud announced that the attacker had not accessed donor bank information, but it was determined that information had in fact been accessed and exfiltrated. Continue Reading
By- Jill McKeon, Associate Editor
-
News
15 Mar 2023
HC3 Report Uncovers Key Data Exfiltration Trends in Healthcare
Data exfiltration played a role in 70 percent of ransomware incidents impacting healthcare organizations, HC3 stated. Continue Reading
By- Sarai Rodriguez
-
News
14 Mar 2023
HSCC Publishes Guidance On Managing Legacy Medical Tech Security
The guidance positions medical technology security as a shared responsibility, encouraging medical device manufacturers and healthcare organizations to work together to reduce risks associated with legacy tech. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 Mar 2023
HHS, HSCC Release Guidance to Help Healthcare Align With NIST Cybersecurity Framework
The new Framework Implementation Guide aims to help healthcare organizations better manage cybersecurity risks with the help of actionable steps aligned with the NIST Cybersecurity Framework. Continue Reading
By- Jill McKeon, Associate Editor
-
News
09 Mar 2023
DC Health Link Healthcare Data Breach Exposes PHI of Congress Members
The FBI and US Capitol Police are investigating a recent healthcare data breach at DC Health Link, where House members' and staff's personal health information (PHI) was compromised. Continue Reading
By- Sarai Rodriguez
-
News
08 Mar 2023
CISA, FBI Shed Light On Royal Ransomware Cyberattack Tactics
CISA and the FBI’s latest cybersecurity advisory contains detailed indicators of compromise and initial access techniques used by Royal ransomware, a variant known to be used against the healthcare sector. Continue Reading
By- Jill McKeon, Associate Editor
-
News
03 Mar 2023
How The New National Cybersecurity Strategy Will Impact Healthcare Cybersecurity
The Biden Administration issued its National Cybersecurity Strategy aimed at securing critical infrastructure, disrupting cyber threat operations, and investing in a more secure digital ecosystem. Continue Reading
By- Jill McKeon, Associate Editor
-
News
02 Mar 2023
As Hacker Sophistication Increases, Confidence in Basic Cybersecurity Defenses Falters
More than half of surveyed health IT leaders reported feeling “less than fully confident” in the technologies they currently use to prevent ransomware attacks, Akamai and Porter Research found. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
01 Mar 2023
Outdated Operating Systems Remain Key Medical Device Security Challenge
Support for Windows 8.1 ended in January, sparking conversations about how to manage risks associated with out-of-date operating systems and medical devices in the healthcare sector. Continue Reading
By- Jill McKeon, Associate Editor
-
News
28 Feb 2023
94% of CISOs Face Work-Related Stress, Leading to Retention Snags
Work-related stress impacts 94 percent of the surveyed chief information security officers and is the root cause of 74 percent of healthcare security teams’ retention problems. Continue Reading
By- Sarai Rodriguez
-
News
27 Feb 2023
MedusaLocker Ransomware Leveraged In Healthcare Cyberattacks
HC3 described the MedusaLocker ransomware variant as “lesser known but potent” and recommended that healthcare security defenders apply necessary mitigations. Continue Reading
By- Jill McKeon, Associate Editor
-
News
24 Feb 2023
Clop Ransomware Continues to Threaten Healthcare Sector, HC3 Warns
Clop ransomware recently claimed that it leveraged a vulnerability in Fortra’s GoAnywhere managed file transfer (MFT) solution to attack more than 130 organizations, including healthcare entities. Continue Reading
By- Jill McKeon, Associate Editor
-
News
21 Feb 2023
CommonSpirit Health Ransomware Attack Leads to $150M in Losses To Date
As previously reported, CommonSpirit Health suffered a ransomware attack in October 2022 that impacted facilities across its network. Continue Reading
By- Jill McKeon, Associate Editor
-
News
17 Feb 2023
35% More Patients Impacted by Healthcare Data Breaches in H2 2022
A critical Insight report on healthcare data breaches found that the number of health records exposed increased from 21.1 million in 2019 to 28.5 million in 2021. Continue Reading
By- Sarai Rodriguez
-
News
15 Feb 2023
DDoS Attacks Continue to Threaten Healthcare Cybersecurity
HC3’s latest brief shed light on the threat of Distributed Denial of Service (DDoS) attacks on healthcare cybersecurity, noting that they may have “detrimental impact on the ability to provide care.” Continue Reading
By- Jill McKeon, Associate Editor
-
News
14 Feb 2023
UMass Memorial Health Center Resolves Healthcare Data Breach Lawsuit With $1.2M Settlement
The proposed settlement will resolve allegations relating to a 2020 healthcare data breach at UMass Memorial Health Center that impacted patient PHI. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
14 Feb 2023
Tackling Third-Party Risk Management (TPRM) Challenges In Healthcare
Third-party risk management (TPRM) is a crucial component of any healthcare organization’s security and compliance programs. Continue Reading
By- Jill McKeon, Associate Editor
-
News
13 Feb 2023
GootLoader Malware, SEO Poisoning Impacting Healthcare
Cybereason observed new deployment methods of the GootLoader malware loader, as well as SEO poisoning techniques that are impacting the healthcare and finance sectors in particular. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 Feb 2023
Nearly 63K Impacted by Healthcare Data Breach from Exploited Web Server
Sharp HealthCare in San Diego suffered a healthcare data breach after an unauthorized third-party gained access to the organization’s web server potentially exposing some PHI. Continue Reading
By- Sarai Rodriguez
-
News
10 Feb 2023
HHS, FBI, CISA Warn of North Korean State-Sponsored Cyber Threat Actors Targeting Healthcare
US and South Korean authorities issued a joint cybersecurity advisory to warn healthcare organizations about North Korean state-sponsored cyber threat actors who have been conducting ransomware attacks against the sector. Continue Reading
By- Jill McKeon, Associate Editor
-
News
09 Feb 2023
Business Email Compromise (BEC) Attacks Continue to Increase in Healthcare
Threat actors leverage business email compromise (BEC) attacks to take advantage of well-meaning employees and gain network access. Continue Reading
By- Jill McKeon, Associate Editor
-
News
09 Feb 2023
GoodRx Faces Lawsuit Over Alleged Improper Health Data Sharing Practices
Prior to the proposed class action lawsuit filed by a GoodRx user, the Federal Trade Commission (FTC) imposed a $1.5 million civil penalty against GoodRx to resolve allegations of improper health data sharing practices. Continue Reading
By- Jill McKeon, Associate Editor
-
News
08 Feb 2023
Top Healthcare Cybersecurity, IoT, Privacy Vendors Achieve Best in KLAS Status
KLAS named Imprivata, Medigate by Claroty, Fortified Health Security, and more as Best in KLAS in the healthcare cybersecurity and privacy space in 2023. Continue Reading
By- Jill McKeon, Associate Editor
-
News
08 Feb 2023
Third-Party Data Breach Victims Double, Healthcare Most Targeted
A Black Kite report revealed the increasing level of impact third-party had on select industries, with healthcare as the most targeted sector. Continue Reading
By- Sarai Rodriguez
-
News
07 Feb 2023
Consumers More Concerned About Financial Data Compromise Than Healthcare Data Breaches
Kroll found that more consumers took advantage of free monitoring services when they were impacted by a breach in the finance industry compared to those who were impacted by a healthcare data breach. Continue Reading
By- Jill McKeon, Associate Editor
-
News
06 Feb 2023
Rise in Third-Party Data Breaches Requires Updated Risk Management Approach
More than 98 percent of analyzed healthcare organizations have a relationship with at least one breached third-party vendor, a new report shows. Continue Reading
By- Jill McKeon, Associate Editor
-
News
03 Feb 2023
Tallahassee Memorial HealthCare Diverts EMS Amid “IT Security Issue”
Tallahassee Memorial HealthCare is responding to an IT security issue that began on Thursday evening and has led to EMS diversions and outpatient procedure cancellations. Continue Reading
By- Jill McKeon, Associate Editor
-
News
02 Feb 2023
FTC Imposes $1.5M Penalty on GoodRx Over Failure to Report Healthcare Data Breach
The FTC alleged that GoodRx failed to notify consumers of a healthcare data breach stemming from its unauthorized disclosure of user health information to Facebook, Google, and other third parties. Continue Reading
By- Jill McKeon, Associate Editor
-
News
02 Feb 2023
3 Cybersecurity Vulnerabilities in OpenEMR Can Lead to Remote Code Execution
HHS urged the healthcare sector to upgrade to the most recent version of OpenEMR to protect against three recently discovered cybersecurity vulnerabilities. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
01 Feb 2023
How Sen. Warner Aims to Mitigate Healthcare Cybersecurity Risks Through Legislation
Senator Mark Warner spoke with HealthITSecurity about the healthcare cybersecurity challenges discussed in his recent policy options paper and how he plans to address them. Continue Reading
By- Jill McKeon, Associate Editor
-
News
31 Jan 2023
HC3: KillNet Hacktivist Group Uses DDoS Cyberattacks to Target Healthcare
HC3’s latest analyst note details the cyberattack tactics of KillNet, a hacktivist group known to target the healthcare sector by executing DDoS cyberattacks. Continue Reading
By- Jill McKeon, Associate Editor
-
News
30 Jan 2023
IL Hospital Reaches $380K Settlement to Resolve Lawsuit Over Healthcare Data Breach
The healthcare data breach stemmed from an incident in which billing statements containing PHI were sent to the wrong patients. Continue Reading
By- Jill McKeon, Associate Editor
-
News
30 Jan 2023
IL Social Services Organization Notifies 184K of Healthcare Ransomware Attack
The January 2022 ransomware attack potentially involved the protected health information (PHI) of more than 184,000 individuals. Continue Reading
By- Jill McKeon, Associate Editor
-
News
27 Jan 2023
UCHealth, UCLA Health Report Healthcare Data Breaches
The healthcare data breach at UCHealth stemmed from a third-party vendor, and the UCLA Health breach was tied to the organization’s use of analytics tools. Continue Reading
By- Jill McKeon, Associate Editor
-
News
27 Jan 2023
Logan Health Reaches $4.3M Settlement Following Healthcare Data Breach Lawsuit
Logan Health suffered a healthcare data breach in November 2021 that impacted more than 213,000 individuals and led to potential unauthorized PHI access. Continue Reading
By- Jill McKeon, Associate Editor
-
News
26 Jan 2023
DOJ Takes Down Hive Ransomware Group
The Justice Department completed a months-long disruption campaign against Hive ransomware group, a threat group known to aggressively target healthcare and other critical infrastructure sectors. Continue Reading
By- Jill McKeon, Associate Editor
-
News
26 Jan 2023
CISA: Federal Employees Targeted in Malicious Cyber Threat Campaign Using RMM Software
Threat actors leveraged legitimate remote monitoring and management (RMM) software to execute a widespread campaign against federal civilian executive branch (FCEB) employees. Continue Reading
By- Jill McKeon, Associate Editor
-
News
25 Jan 2023
Downloaders, Ransomware, Among Top Healthcare Cyberattack Tactics in Q4
A new report from BlackBerry sheds light on Q4 2022 healthcare cyberattack trends, showing that ransomware is still a dominant tactic. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
24 Jan 2023
How An Independent Practice Recovered From a Third-Party Ransomware Attack
A NC-based family physician shares lessons learned after his independent practice was collateral damage in a third-party ransomware attack originating at a cloud provider. Continue Reading
By- Jill McKeon, Associate Editor
-
News
23 Jan 2023
CommonSpirit Health Faces Class Action Lawsuit in Wake of Healthcare Data Breach
CommonSpirit Health suffered a ransomware attack in October that impacted multiple facilities and more than 620,000 individuals across the health system. Continue Reading
By- Jill McKeon, Associate Editor
-
News
23 Jan 2023
Hacking Accounted For Nearly 80% of Healthcare Data Breaches Last Year
In past years, unauthorized disclosures, loss, theft, and improper disposal accounted for more healthcare data breaches than malicious hacking. Continue Reading
By- Jill McKeon, Associate Editor
-
News
19 Jan 2023
HC3 Warns Healthcare of AI’s Use in Malware Development
In its latest brief, HC3 details how artificial intelligence (AI) can be used by threat actors to aid in malware development, forming a serious threat to healthcare cybersecurity. Continue Reading
By- Sarai Rodriguez
-
Answer
19 Jan 2023
How Northwell Health Runs Its Cybersecurity Training and Awareness Program
The New York health system uses a variety of tactics to keep its cybersecurity training and awareness program fresh and engaging for its entire workforce. Continue Reading
By- Jill McKeon, Associate Editor
-
News
18 Jan 2023
PA University Addresses Cybersecurity Workforce Shortage With New Apprenticeship Program
The Drexel University registered apprenticeship program will provide students with training and skills based on national standards to mitigate the cybersecurity workforce shortage. Continue Reading
By- Sarai Rodriguez
-
News
18 Jan 2023
How Healthcare Cybersecurity Benchmarking Can Help Sector Enhance Security Efforts
Healthcare cybersecurity benchmarking can help health IT experts establish cybersecurity program goals and improve decision-making, a new survey from Censinet and Ponemon Institute suggests. Continue Reading
By- Jill McKeon, Associate Editor
-
News
17 Jan 2023
CISA Reflects on Past Year, Upcoming Critical Infrastructure Security Priorities
CISA’s 2022 Year in Review outlines the four-year-old agency’s top accomplishments of the past year and hints at upcoming critical infrastructure security priorities. Continue Reading
By- Jill McKeon, Associate Editor
-
News
16 Jan 2023
Ransomware Operators Continue to Aggressively Target US Healthcare Sector
HC3’s latest brief highlights the tactics and capabilities of Royal ransomware and BlackCat ransomware, two groups that are known to target the healthcare sector. Continue Reading
By- Jill McKeon, Associate Editor
-
News
13 Jan 2023
Larger Organizations Most Likely to Be Affected by Ransomware Attacks
New data revealed over 50 percent of organizations with more than 100 employees are targeted by ransomware attacks. Continue Reading
By- Sarai Rodriguez
-
News
11 Jan 2023
Global Cyberattacks Increased By 38% Last Year, Healthcare Hit Hard
Healthcare, education, and government were the three industries most impacted by cyberattacks in 2022, new data from Check Point Research suggests. Continue Reading
By- Jill McKeon, Associate Editor
-
News
11 Jan 2023
Healthcare CISOs Form Health3PT Council to Improve Third-Party Risk Management
More than 20 healthcare leaders joined forces to form the Health 3rd Party Trust (Health3PT) Initiative and Council aimed at identifying new approaches for tackling third-party risk. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 Jan 2023
Healthcare Sector Faces Critical Challenges With Supply Chain Risk Management
A new survey conducted by Ponemon Institute on behalf of the Health Sector Coordinating Council (HSCC) showed that healthcare organizations are struggling to maintain basic supply chain risk management practices. Continue Reading
By- Jill McKeon, Associate Editor
-
News
09 Jan 2023
Breach Reporting Requirements Are Top Concern For Security Teams
Alongside data breach reporting requirements, cybersecurity professionals are likely to encounter challenges with digital transformation, talent shortages, and rising security investments in 2023. Continue Reading
By- Sarai Rodriguez
-
News
06 Jan 2023
HC3: Clop Ransomware Group Preying on Healthcare Sector
Clop ransomware group has reportedly been infecting files that look like medical documents and subsequently requesting medical appointments in hopes of getting victims to open the malicious files. Continue Reading
By- Jill McKeon, Associate Editor
-
News
05 Jan 2023
Healthcare Ransomware Attacks More Than Doubled Over Past 5 Years
According to a study published in JAMA Health Forum, healthcare ransomware attacks have more than doubled from 2016 to 2021, posing potential risks to patient safety in the process. Continue Reading
By- Jill McKeon, Associate Editor
-
News
05 Jan 2023
Avalon Healthcare, Morley Companies Reach Healthcare Data Breach Settlements
Healthcare data breach lawsuits and settlements are becoming more common as high-profile breaches continue to impact the healthcare sector. Continue Reading
By- Jill McKeon, Associate Editor
-
News
03 Jan 2023
Scripps Health Reaches $3.5M Settlement After Ransomware Attack
Scripps Health recently settled a class action lawsuit stemming from a 2021 ransomware attack that impacted 1.2 million individuals. Continue Reading
By- Jill McKeon, Associate Editor
-
News
30 Dec 2022
Pro-Russian Hacktivist Group KillNet Poses Threat to US Healthcare Cybersecurity
HC3 warned the sector of a pro-Russian hacktivist group called KillNet, which could endanger healthcare cybersecurity. Continue Reading
By- Jill McKeon, Associate Editor
-
News
22 Dec 2022
New Version of HITRUST CSF Helps Healthcare Tackle Emerging Cybersecurity Threats
HITRUST will release CSF version 11 in January 2023, promising improved mitigations against emerging cybersecurity threats and an AI-based standards development toolkit. Continue Reading
By- Jill McKeon, Associate Editor
-
News
21 Dec 2022
Key Medical Device Security Requirements Included in Omnibus Bill
The 4,100-page omnibus bill keeps the government funded through September 30 and includes key medical device security provisions. Continue Reading
By- Jill McKeon, Associate Editor
-
News
21 Dec 2022
MA Executive Order Confronts Increasing Cybersecurity Threats
The executive order will establish a Massachusetts cyber incident response team furthering Governor Baker’s effort to manage significant cybersecurity threats and attacks. Continue Reading
By- Sarai Rodriguez
-
News
20 Dec 2022
Citrix Releases Patches For Cybersecurity Vulnerability Used to Target Healthcare
HC3 urged healthcare organizations to prioritize patching known cybersecurity vulnerabilities found in the Citrix Application Delivery Controller and Gateway platforms. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
19 Dec 2022
Top Free Resources For Improving Healthcare Cybersecurity
Regardless of size, structure, or budget, providers can leverage free or low-cost industry resources to improve healthcare cybersecurity. Continue Reading
By- Jill McKeon, Associate Editor
-
News
16 Dec 2022
Healthcare Cybersecurity Measures Must Go Beyond Perimeter Security
Over 90 percent of surveyed critical infrastructure leaders agree they cannot solely depend on perimeter security, indicating that healthcare cybersecurity measures must go further than the firewall. Continue Reading
By- Sarai Rodriguez
-
News
14 Dec 2022
HHS Warns Healthcare Sector of LockBit 3.0, BlackCat Ransomware
LockBit 3.0 and BlackCat ransomware have been known to target healthcare organizations with highly sophisticated tactics. Continue Reading
By- Jill McKeon, Associate Editor
-
News
14 Dec 2022
Cybersecurity Resilience Top Priority for 96% of Surveyed Executives
Organization executives are focusing on preventing incidents and mitigating losses rather than retaining security talent when listing their main objectives for cybersecurity resilience, a new survey found. Continue Reading
By- Sarai Rodriguez
-
News
13 Dec 2022
CHIME, AEHIS Provide Feedback on Senator Warner’s Cybersecurity Policy Options Paper
CHIME and AEHIS applauded Senator Warner’s commitment to enhancing healthcare cybersecurity and advocated for the creation of more cybersecurity programs aimed at small and under-resourced providers. Continue Reading
By- Jill McKeon, Associate Editor
-
News
12 Dec 2022
HC3 Explores Cybersecurity Implications of Automation in Healthcare
HC3’s latest brief dives into the history of automation, its uses in cybersecurity, and how it may impact healthcare. Continue Reading
By- Jill McKeon, Associate Editor
-
News
09 Dec 2022
Conway Regional Medical Center Reaches $295K Settlement Over Healthcare Data Breach
The Arkansas medical center fell victim to a phishing scam in 2019, leading to a healthcare data breach lawsuit. Continue Reading
By- Jill McKeon, Associate Editor
-
News
08 Dec 2022
HC3: Royal Ransomware Impacts Healthcare Sector
Royal ransomware appears to consist of experienced threat actors from other ransomware groups, HC3 noted. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
07 Dec 2022
3 Trends From the HIMSS Healthcare Cybersecurity Forum
Enhancing collaboration and communication, managing third-party risk, and balancing innovation with security were among the top trends discussed at this year’s HIMSS Healthcare Cybersecurity Forum. Continue Reading
By- Jill McKeon, Associate Editor
-
News
07 Dec 2022
AHA Shares Recommendations Regarding Cybersecurity Policy Proposals
Hospitals and healthcare systems need future support through cybersecurity policies to address cybersecurity threats, the AHA stated following Senator Mark R. Warner’s policy options paper. Continue Reading
By- Sarai Rodriguez
-
News
06 Dec 2022
Balancing Digital Transformation With Healthcare Cybersecurity
Forrester experts shared best practices for maintaining healthcare cybersecurity amid rapid digital transformation at the HIMSS Healthcare Cybersecurity Forum in Boston. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
06 Dec 2022
3 Strategies for Healthcare Merger, Acquisition Cybersecurity Due Diligence
Assessing the target company’s cyber resiliency and establishing a list of non-negotiables are among the top strategies for conducting healthcare merger and acquisition cybersecurity due diligence. Continue Reading
By- Jill McKeon, Associate Editor
-
News
05 Dec 2022
CISA, FBI Alert Healthcare Sector of Cuba Ransomware Tactics
The Cuba ransomware group has collected over $60M in ransom payments and comprised more than 100 critical infrastructure organizations, including many within the healthcare sector. Continue Reading
By- Sarai Rodriguez
-
News
02 Dec 2022
Weak Connected Medical Device Security Increases Cyberattack Threats
A new survey found that healthcare organizations with more connected medical devices have a 24 percent greater risk for cyberattacks, underscoring a need for more medical device security. Continue Reading
By- Sarai Rodriguez