Medical Device Security with Special Guest John Nye

In episode 90 of our monthly show we discuss medical device security with John Nye, Senior Director of Cybersecurity Research and Communication at CynergisTek. Do you use an insulin pump, have a pacemaker or other medical device implant? Are you concer…

Health agency looks to bolster cybersecurity with new guidelines for industry

2018 was a busy year for cyberthreats to the health care sector, with more than 3 million patient records breached in the second quarter alone, according to one study. In an effort to learn from those incidents – and build on security progress in the sector – the Department of Health and Human Services (HHS) capped the year by releasing voluntary cybersecurity guidelines for health care professionals. The document, published Dec. 28 and developed with industry experts from the Health Sector Coordinating Council, emphasizes the financial and health impacts of cyber incidents and outlines steps practitioners can take to better secure their systems. HHS lent urgency to the guidelines’ release by underscoring that the same technologies that provide critical treatment to patients can be exploited by hackers to steal patient data or disable hospital systems. “We are under constant cyberattack in the health sector, and no organization can escape that reality,” […]

The post Health agency looks to bolster cybersecurity with new guidelines for industry appeared first on CyberScoop.


Ransomware infects hospitals in Ohio, West Virginia

Ransomware has infected two hospitals in Ohio and West Virginia, a spokeswoman said Monday. A ransomware attack affected the Ohio Valley Medical Center and East Ohio Regional Hospital, Karen Janiszewski, spokeswoman for parent company Ohio Valley Health Services & Education Corp., confirmed in an email to CyberScoop. The attack Friday prevented the two hospitals, which together have 340 beds, from receiving patients via ambulance through at least part of Thanksgiving weekend, Ohio’s The Times Leader reported. No patient data was compromised and the hospitals could accept walk-in patients, according to the paper. The two hospitals are “the area’s only comprehensive behavioral and mental health services and board certified emergency services on both sides of the Ohio River,” which separates Ohio and West Virginia, according to their website. This attack is only the latest to strike U.S. medical facilities. Health care organizations have been on the frontlines of recent ransomware infections, with nearly a quarter of the 67 SamSam ransomware […]

The post Ransomware infects hospitals in Ohio, West Virginia appeared first on Cyberscoop.


DEF CON 2018: Hacking Medical Protocols to Change Vital Signs

LAS VEGAS – In recent years there has been more attention paid to the security of medical devices; however, there has been little security research done on the unique protocols used by these devices. Many of the insulin pumps, heart monitors and other …

‘Grey’s Anatomy’ attempts to bring ransomware attacks to a public audience

In the winter finale of the popular television show “Grey’s Anatomy,” there was an unexpected guest star: ransomware. After years of dealing with natural disasters, surgical regulations, human error, lawsuits and medical accidents, the staff at Grey Sloan Memorial Hospital was forced to confront one of today’s most prominent and worrying threats to the health care industry. In the episode, the hospital’s electronic equipment fizzled out, causing life-saving patient information and diagnostic tools to stop working while the hospital’s staff was dealing with a slew of patients. Doctors received a message on their monitors — “We own your servers. We own your systems. We own your patients’ medical records.” — demanding 4,932 bitcoin (worth $20 million when the episode taped, around $40 million as of this article’s publish date) if they wished to have their systems restored to normal. While computers sputtering and loudly shutting off isn’t necessarily a true depiction of […]

The post ‘Grey’s Anatomy’ attempts to bring ransomware attacks to a public audience appeared first on Cyberscoop.


Report: New ransomware found in targeted attacks against health care industry

A unique variant of ransomware that appears to have been designed for and used against health care companies was recently uncovered by a researcher at cybersecurity firm Proofpoint. While most ransomware is sent out in waves to as many people as possible, Proofpoint’s findings instead show that a hacker is carefully developing specially tailored ransomware attacks for hospitals and doctor’s offices. The company has labeled the malware Defray. “At this point, all attacks into which we have visibility have been targeted,” said Kevin Epstein, vice president of threat operations at Proofpoint. “It appears that this ransomware is not for sale, suggesting that it is a personal project.” Proofpoint found only two samples of the Defray ransomware in August. Those samples, however, are likely just a subsegment of all incidents involving this computer virus. Defray has been spread through a small email phishing campaign. The emails contain booby-trapped Microsoft Word documents […]

The post Report: New ransomware found in targeted attacks against health care industry appeared first on Cyberscoop.


Former CIA head: health care industry must quickly confront cybersecurity issues

Cybersecurity within the health care sector will only become a more dire issue for politicians and doctors alike as connected technology continues to expand, a panel of experts speaking at the Bipartisan Policy Center agreed Wednesday. Former acting CIA Director Michael Morell and former Homeland Security Secretary Michael Chertoff pointed to the rapid integration of smart technology into the U.S. health care system since 2008, and they noted the sector’s exposure to ransomware, data theft and disruption of connected devices. Devices such as network-connected pacemakers are vulnerable to hackers in three ways, Morell said: through a vulnerable internet-connected network; by infiltration of the supply chain from manufacturers to hospitals; or through insider manipulation at health care facilities. The insider threat is the most direct and therefore more potentially devastating one, he said. Expanding the conversation, he said cybersecurity across all sectors “is the second-biggest threat facing the U.S. after international terrorism, and it’s the fastest-growing […]

The post Former CIA head: health care industry must quickly confront cybersecurity issues appeared first on Cyberscoop.
