HEALTHCARE INFOSECURITY NEWSLETTER

December 2017

Avoid These Common Incident Response Assumptions and Planning Mistakes

Andrew Cook, deltarisk.com, November 17, 2017

Last week, I took part in one of SecureWorld Seattle’s panels, “Manage the Damage – The Current Threat Landscape.” This panel focused on the topic of developing, fine-tuning, and practicing incident response plans to be better prepared for a breach. The moderator, Jean Pawluk, and the crowd in attendance, asked some thought-provoking questions about common incident response challenges that businesses face. Here are three questions that sparked an engaging and insightful discussion between the panel.

Read More

2018 Cybersecurity Prediction: Extortion Attempts, Ransomware Will Proliferate

Jessica Davis, healthcareitnews.com, December 7, 2017

For about two years, the healthcare industry has come up against some major cyber threats. Ransomware especially has proven problematic — along with being a nuisance — as it can shut down entire systems and disrupt care. This year saw the rise of wiper malware or ransomworms, where viruses masquerading as ransomware destroyed complete networks, data and service capabilities. But those attacks were just the beginning.

Read More

North Carolina County Refuses to Pay $23,000 Ransom to Hackers

Liam Stack, nytimes.com, December 6, 2017

In a world rocked by hackers, trolls and online evildoers of all stripes, the good people of the Internet have long looked for a hero who would refuse to back down. Finally, someone has said enough is enough.

Read More

Ransomware Attack Involving Scarab Malware Sends Over 12M Emails in 6 Hours

Waqas Amir, hackread.com, November 28, 2017

Security researchers at the Austin based Anti-virus software firm Forcepoint have discovered a massive spam ransomware campaign in which the Scarab malware destroys all your files if you don’t pay the ransom, which is asked in Bitcoin. The campaign was started on 23rd November while attackers have used the largest email spam botnet on the internet called Necurs for distributing malicious emails.

Read More

Security, Privacy Issues We Need to Solve Before Non-Medical Implants Become Pervasive

Zeljka Zorz, helpnetsecurity.com, November 6, 2017

The cybernetic revolution is happening, and it’s imperative that civil liberties and privacy issues are addressed by system designers, innovators, regulators, and legislators, says James Scott, a Senior Fellow at cybersecurity think tank ICIT (Institute for Critical Infrastructure Technology).

Read More

Healthcare Cybersecurity Threats Require HHS Bill of Materials

Elizabeth Snell, healthcareitsecurity.com, November 20, 2017

The increasing amount of healthcare cybersecurity threats is pushing organizations to utilize numerous technologies to combat potential dangers. It can often be difficult though to have clear visibility into the hardware or software in those technologies, according to the House Committee on Energy and Commerce.

Read More

Holiday Cybersecurity: Defense Tips for Hospitals to Get Systems Through the Season

Bill Siwicki, healthcareitnews.com, November 20, 2017

Historically, organizations in various industries, including healthcare, have seen spikes in cyberattacks during November and December. This is in large part due to the fact that during the holidays, employees often are not in front of their desktop computer and instead performing tasks remotely – and more likely to click on links or get duped by spear-phishing emails, cybersecurity experts said.

Read More

How to Get the Most Out of Data Loss Prevention Technology to Improve Insider Threat Detection

Noah Powers, deltarisk.com, November 10, 2017

Yesterday, I attended our webinar, “How to Unlock the Full Potential of Insider Threat Tools,” and it got me thinking about the relationship between technology and past successes of insider threats. Rich Burke, Vice President of Public Sector, made a critical point during the webinar that failure to detect insiders isn’t exclusively a technology issue. There are plenty of good technologies out there, but it really takes people and processes to make them even more effective.

Read More

Cybersecurity Tops List of IT Investments for 2018

Meg Bryant, healthcareitnews.com, December 7, 2017

IT investment is growing as health systems look to ramp up and improve their telehealth services, which can sometimes save money in the long term. Also, a few high profile cyberattacks this year have led executives to see a greater need for securing their computer systems and devices.

Read More