HEALTHCARE INFOSECURITY NEWSLETTER

January 2016


Cybersecurity: What 2016 Taught the Healthcare Industry

Marla Durben Hirsch, Fiercehealthcare.com, December 19, 2016

One of the biggest developments in EHRs and health IT in 2016—unfortunately—was the rise of cyberattacks. It’s the unintended consequence of ditching paper records for electronic, on in-house systems or in the cloud. It’s easier to steal or compromise a greater number of records at one time when they’re digital. And the records themselves are lucrative (although the price for medical records appears to have dropped, perhaps because they’re now flooding the dark web market).

Read More

The Cost of Ransomware Attacks Can Reach Far Beyond the Ransom Payment Itself

Ryan Bergsieker and Allison Chapin, Gibson, Dunn & Crutcher, December 22, 2016

The ransomware epidemic continues to spread. According to the Federal Bureau of Investigation, ransomware victims in the United States reported a total of more than $209 million in losses in the first three months of 2016 alone. The U.S. Department of Justice has reported that an average of 4,000 ransomware attacks occur in the United States each day.

Read More

No Phishing: OCR Warns of Phishing Attempts Disguised as Official HIPAA Audit Program Emails

William W. Hellmuth, Adam H. Greene and Rebecca L. Williams, Privsecblog.com, December 13, 2016

What’s worse than receiving an email indicating that you have been selected for an audit by your favorite government regulator? Clicking on a link in the email and discovering that it is a phishing attack that has just compromised your computer and your network.

Read More

Medical Data: Accessible and Irresistible for Cyber Criminals

Taylor Armerding, Csoonline.com, December 19, 2016

Apparently it depends. Based on at least some price comparisons on the Dark Web – the underground online marketplace for cyber criminals – electronic health records (EHR) are not even close to premium goods.

Read More

HHS Offers Tips on Mitigating DDoS Risks

Marianne Kolbasuk McGee, Healthcareinfosecurity.com, December 8, 2016

Federal regulators have issued an alert urging healthcare sector organizations to take specific steps to prevent falling victim to distributed denial-of-service attacks.

Read More

How Evolving Cyber Threats Affect Health Data Encryption

Elizabeth Snell, Healthitsecurity.com, December 12, 2016

As cyber threats continue to become more intricate, organizations should consider health data encryption options to keep data secure.
Data encryption options are quickly becoming a top security choice for healthcare organizations that are looking to remain innovative but still keep patient data out of the wrong hands. With a recent survey showing the quick growth of the global encryption software market, covered entities should ensure they understand how data encryption could be implemented at their organization.

Read More

Implantable Medical Devices Can Be Hacked to Harm Patients

Peter Sayer, Csoonline.com, December 1, 2016

It’s possible to transmit life-threatening signals to implanted medical devices with no prior knowledge of how the devices work, researchers in Belgium and the U.K. have demonstrated.

Read More

IDC Predicts Healthcare Ransomware Attacks to Double by 2018

Elizabeth Snell, Healthitsecurity.com, November 29, 2016

The convergence of mobile, social, and sensors is just one factor leading to the continued growth of healthcare ransomware attacks over the next two years.
Numerous industries have been working to combat, prevent, and mitigate malicious malware attacks. The healthcare sector has found itself particularly vulnerable to such attacks, and research has shown that the number of healthcare ransomware attacks often outweighs other industries.

Read More