Health Care – Page 4 – WindowsTechs.com

Canadian hospitals recovering from breach that forced thousands of appointment cancellations

Posted on November 10, 2021 by Tim Starks

Intruders accessed patient and employee data after infiltrating health-releated IT systems in a breach that’s only now coming into focus. A security incident affecting the province of Newfoundland and Labrador, first detected Oct. 30, took down multiple health networks, leading to the cancellation of thousands of appointments, including for chemotherapy treatments. The regional Eastern Health authority, which employees 13,000 people, on Tuesday announced that its email system was again functioning, more than a week after the initial compromise became known. “As part of the on-going investigation into a cyberattack that impacted health care IT systems in Newfoundland and Labrador, it has been determined that some personal information and personal health information was accessed from the systems,” the provincial government said in a Nov. 9 news release. “A review is ongoing to determine if any other information is affected in the incident and further updates will be provided as appropriate.” Hackers […]

The post Canadian hospitals recovering from breach that forced thousands of appointment cancellations appeared first on CyberScoop.

Continue reading Canadian hospitals recovering from breach that forced thousands of appointment cancellations→

Emergent ransomware gang FIN12 strikes hospitals, moves quickly against big targets

Posted on October 7, 2021 by Tim Starks

A Russian-speaking ransomware gang in recent months has aggressively targeted North American organizations with more than $300 million in revenue, with a ruthless focus on the health care sector amid the COVID-19 pandemic, according to new findings. The threat intelligence firm Mandiant published details Thursday about a group it calls FIN12, a gang that moves quickly and uses an array of established hacking tools to infiltrate its targets. Over the past year, hackers have kept investigators busy, accounting for 20% of the ransomware incidents that Mandiant has responded to, with the next highest attackers at 5%, according to Kimberly Goody, the company’s director of cyber crime analysis. “They have a significantly higher cadence of attacks from our perspective,” she said. “We also see that, unlike other threat actors, this group has also aggressively pursued victims in critical sectors like health care, even during the pandemic, which had resulted in several actors saying that […]

The post Emergent ransomware gang FIN12 strikes hospitals, moves quickly against big targets appeared first on CyberScoop.

Continue reading Emergent ransomware gang FIN12 strikes hospitals, moves quickly against big targets→

Researchers show how to tamper with medication in popular infusion pumps using software flaws

Posted on August 24, 2021 by Sean Lyngaas

McAfee security researchers on Tuesday said they had found multiple vulnerabilities in infusion pump software that, under certain conditions, a skilled hacker could use to alter a patient’s medication dose to a potentially unsafe level. The vulnerabilities are in equipment made by multinational vendor B. Braun that are used in pediatric and adult health care facilities in the United States. While there are no reports of malicious exploitation of the flaws, the research illustrates the challenge of securing devices conceived decades ago from 21st-century digital threats. The findings come as the health care sector reckons with a series of ransomware attacks that hit aging hospital computer networks during the pandemic. Medical devices “remain vulnerable to legacy issues that have persisted for many years and have exceptionally slow update or upgrade cycles,” said Steve Povolny, who heads the Advanced Threat Research team at McAfee. In a statement, B. Braun said the […]

The post Researchers show how to tamper with medication in popular infusion pumps using software flaws appeared first on CyberScoop.

Continue reading Researchers show how to tamper with medication in popular infusion pumps using software flaws→

BlackBerry’s popular operating system for medical devices affected by critical vulnerabilities, drawing fed warnings

Posted on August 17, 2021 by Sean Lyngaas

A critical set of software flaws first revealed in April also affects code made by BlackBerry that is used in countless devices in the medical, automotive and energy sectors, the technology vendor confirmed on Tuesday. A hacker who exploits the so-called BadAlloc software vulnerabilities, which Microsoft researchers uncovered, could cause devices running the software to crash. In BlackBerry’s case, the attacker would need to first gain access to a targeted network and then go after devices that are exposed to the internet. The affected software is BlackBerry’s QNX Real-Time Operating System, a suite of software that manages data across a network. It’s unclear just how many devices are running the affected BlackBerry software. The firm said last year that its QNX software was embedded in more than 175 million cars alone. A BlackBerry spokesperson did not immediately respond to a request for comment. “These vulnerabilities may introduce risks for certain […]

The post BlackBerry’s popular operating system for medical devices affected by critical vulnerabilities, drawing fed warnings appeared first on CyberScoop.

Continue reading BlackBerry’s popular operating system for medical devices affected by critical vulnerabilities, drawing fed warnings→

Health Care Security Must Mature With 5G

Posted on August 5, 2021 by Mike Nelson

It’s clear that 5G technology is rapidly coming of age, and is enjoying wide adoption across every industry. According to Gartner, the market for 5G infrastructure was predicted to hit $4.2 billion over the past year, with two-thirds of companies depl… Continue reading Health Care Security Must Mature With 5G→

How to Protect Medical Devices from Ransomware

Posted on July 7, 2021 by Doug Folsom

Cyberattacks on hospitals are rising, and patients are worried. Is my personal data at risk? Could ransomware or hackers effectively shut down the ER near me? Consider these findings from a March 2021 report by cybersecurity provider Morphisec: Abo… Continue reading How to Protect Medical Devices from Ransomware→

Ransomware Reshapes Health Care Security Landscape

Posted on June 17, 2021 by Nathan Eddy

A sharp rise in ransomware is buffeting the health care sector and forcing IT security professionals to reevaluate how they tackle the threat. More than a third of health care organizations were hit by ransomware in the last year, according to a Sopho… Continue reading Ransomware Reshapes Health Care Security Landscape→

Sensitive medical, financial data exposed in extortion of Massachusetts hospital

Posted on June 2, 2021 by Sean Lyngaas

A hospital in Massachusetts quietly paid off a ransomware gang after a February hack that exposed patients’ sensitive medical and financial data, the hospital said in a May 28 statement. Sturdy Memorial Hospital, a 126-bed facility in the city of Attleboro, said that the information exposed in the hacking incident may have included insurance claim numbers, medical history, treatment information, Social Security numbers, bank routing numbers and credit card numbers and security codes, among other data. “In exchange for a ransom payment, we obtained assurances that the information acquired would not be further distributed and that it had been destroyed,” Sturdy Memorial said. Other Massachusetts health providers with which Sturdy Memorial Hospital has worked were swept up in the incident. The breach affected data belonging to patients of Harbor Medical Associates, South Shore Medical Center and providers affiliated with South Shore Physician Hospital Organization, according to the statement. Nearly four […]

The post Sensitive medical, financial data exposed in extortion of Massachusetts hospital appeared first on CyberScoop.

Continue reading Sensitive medical, financial data exposed in extortion of Massachusetts hospital→

Irish officials analyze decryption tool as long recovery process from ransomware continues

Posted on May 21, 2021 by Sean Lyngaas

The Irish government expects to dedicate significant resources in the coming days to recovery efforts related to a ransomware incident that has hampered the country’s public health service for the last week, officials said Friday. Irish officials have obtained a decryption key that could unlock the data on the networks of the Health Service Executive (HSE), Ireland’s $25 billion public health system, though the key will need to be tested to ensure it does more harm than good. Meanwhile, medical appointments have dropped by as much as 80% in parts of the country following the breach, health officials have said. It’s an example of the pressure that governments face, often under the international spotlight, to promptly restore connectivity to critical systems held hostage by cash-rich cybercriminals. Emergency care has continued throughout the ordeal, but there have been delays in non-urgent services in parts of Ireland as IT systems supporting maternity […]

The post Irish officials analyze decryption tool as long recovery process from ransomware continues appeared first on CyberScoop.

Continue reading Irish officials analyze decryption tool as long recovery process from ransomware continues→

Conti ransomware gang victimized US health care, first-responder networks, FBI says

Posted on May 21, 2021 by Tim Starks

The FBI tracked at least 16 Conti ransomware attacks that struck U.S. health care and first-responder networks within the last year, the bureau said in an alert this week. That accounting only factors in attacks in the past year, and incidents that the FBI itself identified. In all, the alert said Conti has hit 400 organizations, nearly 300 of which were in the U.S. The recent first responder victims include law 9-1-1 dispatch centers, emergency medical services, law enforcement agencies and municipalities, the FBI said. The Conti gang has sought as much as $25 million to decrypt systems it locked up, according to the alert. The FBI warning comes as the Irish health care system is contending with its own Conti ransomware attack. It also comes shortly after a report that CNA Insurance paid a $40 million extortion demand — the biggest yet revealed, as extortionists continue to ratchet up […]

The post Conti ransomware gang victimized US health care, first-responder networks, FBI says appeared first on CyberScoop.

Continue reading Conti ransomware gang victimized US health care, first-responder networks, FBI says→