What You Should Know:
- The healthcare industry faces a growing threat: cyberattacks targeting hospital IT systems. In response, the US government's Advanced Research Projects Agency for Health (ARPA-H) has pledged over $50 million to fund a groundbreaking program called UPGRADE (Universal PatchinG and Remediation for Autonomous DEfense).
- The success of UPGRADE has the potential to significantly improve hospital cybersecurity and protect patient care from cyber threats. By
Read More
Healthcare Cybersecurity | Healthcare Data Security | Ransomware | Hospital Security Breaches
Why It’s Time to Go on the Offensive with Healthcare Cybersecurity
Being an avid soccer fan, player, and coach, I’ve heard countless times that “the best defense is a good offense.” As a cybersecurity professional, the concept of taking active steps to improve your team’s position resonates. However, cybersecurity programs within and outside the healthcare industry typically focus on reactive approaches.
The stakes are too high in healthcare to wait for a hacker to strike your organization, and meanwhile, the scale and scope of cyberattacks continue to
Read More
Healthcare’s Trillion-Dollar Data Breach Crisis: Cybersecurity is a Matter of Life and Death
Between January 1 and April 1, 2024, at least 16.6 million individuals were impacted by data breaches across the healthcare industry. Of those, 16.3 million - or 98 percent - were hacking/IT incidents according to the HIPAA Breach Report generated by the U.S. Department of Health and Human Services. The financial implications of these breaches are staggering with some industry estimates the impact to top $1 trillion.
The healthcare sector has become the most
Read More
Researchers Uncover Critical Vulnerabilities in GE HealthCare Ultrasound Systems and EchoPAC Software
What You Should Know:
- Security researchers at Nozomi Networks Labs have identified a total of 11 vulnerabilities affecting GE HealthCare's Vivid family of ultrasound machines, the accompanying Common Service Desktop web application, and EchoPAC PC software.
- These vulnerabilities could be exploited by attackers to disrupt critical medical procedures, compromise patient data privacy, and hinder accurate diagnoses.
Vulnerable Devices and Potential Impacts
Vivid T9
Read More
Ascension Investigating Cybersecurity Event Potentially Affecting Clinical Operations
What You Should Know:
- Ascension, one of the nation's largest nonprofit and Catholic health systems, announced today they are investigating a potential cybersecurity event detected on Wednesday, May 8th.
- According to a statement released by Ascension, unusual activity was identified on specific technology network systems. The nature of this activity suggests a potential cyberattack, though the investigation is ongoing.
Ascension Mitigation Efforts
Ascension has taken
Read More
Blackwell Security Raises $13M to Empower Healthcare Cybersecurity Operations
What You Should:
- Blackwell Security, a leading provider of specialized cybersecurity solutions designed for the healthcare industry raises $13M in funding co-led by General Catalyst and Rally Ventures.
- The funding will be strategically directed towards two key areas. Firstly, it will fuel the expansion of Blackwell's Managed Healthcare Extended Detection and Response (MHXDR) offering. This purpose-built solution addresses the unique complexities of healthcare data security and
Read More
Healthcare Cybersecurity: 5 Steps to Prepare for a Ransomware Attack
It's not a matter of if but when an organization will face a security incident. In 2023, the healthcare industry faced its toughest year, with over 124 million health records breached in a total of 725 hacking incidents, according to The HIPAA Journal. This trend shouldn’t come as a surprise given how hospitals and medical offices are relatively lucrative and easy targets for cyberattacks due to the combination of outsourced services and solutions, legacy systems, and varying degrees of network
Read More
FTC Strengthens Health Data Breach Notification Rule to Protect Consumers
What You Should Know:
- The Federal Trade Commission (FTC) has finalized significant changes to the Health Breach Notification Rule (HBNR), aiming to improve consumer protection in the digital age.
- These updates clarify the rule's application to modern technologies like health apps and expand the information healthcare providers must disclose in the event of a data breach.
Key Updates to Health Breach Notification Rule Summary
Focus on Health Apps and Emerging Technologies:
Read More
UnitedHealth Faces New Ransomware Threat After Alleged $22M Payment Failure
What You Should Know:
- UnitedHealth Group is embroiled in a new ransomware saga, just as it recovers from a February attack, according to a blog post from threat intelligence firm SOCRadar.
- A hacking group called RansomHub claims to possess 4 terabytes of stolen data from UnitedHealth's subsidiary, Change Healthcare and is demanding a ransom to prevent its release.
RansomHub's Demands and Allegations
This data supposedly includes the personal details and medical records of
Read More
Feds Launches Investigation of Change Healthcare Cybersecurity Attack
What You Should Know:
- The Department of Health and Human Services' Office for Civil Rights (OCR) has announced an investigation into the recent cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group (UHG).
- The cybersecurity attack has significantly disrupted healthcare billing and information systems nationwide, potentially impacting patient care.
Investigation Focuses on HIPAA Compliance
The OCR enforces the Health Insurance Portability and Accountability Act
Read More