Latest News Articles
|560 Healthcare Providers Fell Victim to Ransomware Attacks in 2020|
Health IT Security, January 19, 2021
In 2020, Emsisoft data shows 560 healthcare provider facilities fell victim to ransomware attacks, of an overall 2,354 US entities hit by the malware variant.
|After widespread hospital attacks, targeting of health care industry continues to rise|
SC Media, January 5, 2021
A wave of ransomware attacks against hospitals in the United States and United Kingdom late last year shocked the conscious of many cybersecurity professionals. Things have only gotten worse for the health care industry since then.
|Attack sophistication means health care cybersecurity requires digital resilience|
SC Media, August 6, 2021
Cybercriminals have not taken a vacation during the pandemic and have continued to modify their tactics to great success. Recent security incidents reflect the nature of the threat landscape and serve as a reminder that even entities with strong cybersecurity practices can be exploited.
|AZ Ransomware Attack Leads to Unrecoverable EHRs, Data Loss|
Health IT Security, September 10, 2021
An Arizona medical center will have to rebuild thousands of patient records after a ransomware attack resulted in corrupted EHRs and data loss.
|Beaumont Health Latest Victim of Accellion Data Breach|
Health IT Security, September 3, 2021
Nearly nine months after the Accellion data breach, Beaumont Health in Michigan joined a list of over 11 healthcare organizations impacted by the cyberattack.
|BioTel Heart vendor breach left patients’ information public for nearly a year|
Becker’s Health IT, April 5, 2021
BioTel Heart began informing 38,575 patients that a vendor data breach may have left their personal information exposed for nearly a year.
In a data breach notice, BioTel Heart said that on Jan. 28, the healthcare provider was informed about the data breach. It launched an investigation and learned that patients’ personal information was accessible to the public between Oct. 17, 2019, and Aug. 9, 2020.
|BlackMatter Ransomware Attacks Threaten Healthcare, HC3 Says|
Health IT Security, September 9, 2021
HC3, HHS’s cybersecurity arm, released a threat brief breaking down the BlackMatter ransomware group’s origins, threat tactics, and likely targets.
|BlackMatter Ransomware Attacks Threaten Healthcare, HC3 Says|
Health IT Security, September 9, 2021
HC3, HHS’s cybersecurity arm, released a threat brief breaking down the BlackMatter ransomware group’s origins, threat tactics, and likely targets.
|CA Attorney General Calls Out Unreported Healthcare Data Breaches|
Health IT Security, August 26, 2021
After multiple ransomware attacks went unreported, California’s attorney general issued a bulletin to providers reminding them to report healthcare data breaches.
|CIS Launches No-Cost Ransomware Service for U.S. Hospitals|
Center for Internet Security (CIS), February 18, 2021
The nonprofit Center for Internet Security announced this week that it had launched a no-cost ransomware protection service for private hospitals in the United States. The Malicious Domain Blocking and Reporting service, which is already available for public hospitals, health departments and healthcare organizations, uses Enterprise Threat Protector software from the cybersecurity vendor Akamai to proactively identify, block and mitigate targeted threats.
|CISA forms public-private partnership to fight ransomware, work on cyber defense strategy|
SC Media, August 5, 2021
The Cybersecurity and Infrastructure Security Agency announced Thursday the formation of a new committee that will bring government and industry together to work on cybersecurity issues. The move continues the Biden administration’s more proactive stance on cyber that began in May.
|CISA Launches Campaign to Reduce the Risk of Ransomware|
Cybersecurity & Infrastructure Security Agency (CISA), January 21, 2021
The Cybersecurity and Infrastructure Security Agency (CISA) announced the Reduce the Risk of Ransomware Campaign today, a focused, coordinated and sustained effort to encourage public and private sector organizations to implement best practices, tools and resources that can help them mitigate this cybersecurity risk and threat.
|CISA Releases Guidance on Protecting PII From Ransomware Attacks|
Health IT Security, August 30, 2021
CISA released a fact sheet on protecting PII from ransomware attacks in light of recent high-profile cyberattacks that put personal data in jeopardy.
|Could allowlisting reduce the impact of ransomware, cyberattacks on health care?|
SC Media, July 12, 2021
A recent IDC report confirmed the health care sector is more vulnerable to the consequences of cyberattacks than other industries and the most likely to suffer application downtime, with 53% of covered entities reporting downtime after an attack.
|Customized threat intelligence can track down ransomware gangs|
SC Media, July 2, 2021
Organizations across the world are now beginning to realize that traditional security measures are largely ineffective against the current generation of increasingly sophisticated ransomware attacks.
|Cyber Vulnerability is Healthcare’s Modern Malaise|
ET Healthworld, September 8, 2021
The healthcare industry makes for an easy target for malicious actors, given its relative nascency to cyber threats and the resultant lax cybersecurity practices.
|Cyberattack Drives 2 UF Health Hospitals to EHR Downtime|
Health IT Security, June 7, 2021
Reports show UF Health in Central Florida leadership is looking into a cyberattack against two of its hospitals, while operating under EHR downtime procedures.
|Cyberattack on UVM Health Network Impedes Chemotherapy Appointments||
The cyberattack has halted chemotherapy, mammogram and screening appointments, and led to 300 staff being furloughed or reassigned.
|Cyberattacks on Healthcare Spike 45% Since November|
Threat Post, January 5, 2021
The relentless rise in COVID-19 cases is battering already frayed healthcare systems — and ransomware criminals are using the opportunity to strike.
|Cybercriminals accessed Maryland orthopedic center’s emails for a year, affecting 125,000|
Becker’s Health IT, April 5, 2021
On March 25, the Bethesda, Md.-based Centers for Advanced Orthopaedics began notifying 125,291 patients, employees and dependents of a cyberattack that took place over a yearlong breach.
In a news release, the orthopedics center said that on Sept. 17, 2020, it identified unusual email activity and launched an investigation with assistance from cybersecurity experts. The investigation found that multiple employee email accounts were accessed by a cybercriminal between October 2019 and September 2020.
|Cybersecurity for healthcare systems, medical devices more critical than ever|
Today’s Medical Developments, June 11, 2021
Rise in ransomware attacks forcing hospitals to harden cybersecurity.
Cybercriminals have stepped up their game during the pandemic, launching ransomware attacks at a frenzied pace. In 2020, more than 90 U.S. healthcare organizations reported ransomware attacks, which affected over 600 separate clinics, hospitals and organizations and 18 million-plus patient records.
|Data Breach at Georgia Health System|
INFO SECURITY MAGAZINE, August 11, 2021
A health system in Georgia has begun notifying patients of a six-month-long data breach that culminated in a ransomware attack.
|Dead System Admin’s Credentials Used for Ransomware Attack|
Healthcare Info Security, January 28, 2021
Operators of the Nefilim ransomware used the credentials of a deceased system administrator to plant their crypto-locking malware in about 100 vulnerable systems during one attack, according to a recent report published by security firm Sophos.
|Dominion National reaches $2M settlement over nine-year data breach|
SC Magazine, July 6, 2021
Insurance giant Dominion National reached a $2 million settlement with the 2.9 million patients affected by its nine-year data breach, first reported in 2019. The security incident was the second-largest breach reported to the Department of Health and Human Services that year.
|Emerging Tech Shapes the Next Generation of Military Health Care|
GOVERNMENT CIO MEDIA & RESEARCH, April 19, 2021
Automation and AI can support medical decision-making on the battlefield, but security remains crucial.
|Entity-Level Encryption: The Only Defense Against Ransomware|
Forbes, June 23, 2021
As if encrypting your data for ransom wasn’t enough, an even more nefarious development has increased the impact of ransomware events on businesses. Cybercriminals have been copying and downloading data to their own servers before encrypting the data on the victims’ computers, giving the hackers two methods for financial gain.
|Eskenazi Health remains on diversion days after ransomware attack|
MSN , August 10, 2021
Eskenazi Health remains on diversion for patients coming by ambulance nearly a week after an attempted ransomware attack that led the hospital to shut down its entire computer network.
|FACT SHEET: Biden Administration Announces Further Actions to Protect U.S. Critical Infrastructure|
White House, July 28, 2021
The Biden Administration continues to take steps to safeguard U.S. critical infrastructure from growing, persistent, and sophisticated cyber threats.
|FBI Investigates Georgia Health System Ransomware Attack|
Government Technology, June 24, 2021
Nearly a week after a ransomware attack was first detected at St. Joseph’s/ Candler, the Savannah, Ga., area’s largest health-care system is still not yet back to normal as officials work with the FBI on the incident.
|FBI releases alert about Hive ransomware after attack on hospital system in Ohio and West Virginia|
MSN, August 27, 2021
FBI releases alert about Hive ransomware after attack on hospital system in Ohio and West Virginia.
|FBI says Conti ransomware gang has hit 16 U.S. health and emergency networks|
SC Media, May 21, 2021
The Federal Bureau of Investigation said that the same group of online extortionists blamed for striking the Irish health system last week have also hit at least 16 U.S. medical and first response networks in the past year.
|FBI tells Congress ransomware payments shouldn’t be banned|
MSN, July 28, 2021
Congress should not attempt to address the threat of ransomware by making ransom payments to cybercriminals illegal, a top FBI official told US lawmakers Tuesday.
|FBI Warns Egregor Ransomware Actors Actively Extorting Entities|
Cybersecurity News, Janury 7, 2021
A Wednesday FBI private industry notification warns entities that the threat actors behind Egregor ransomware are actively targeting and exploiting a range of global businesses.
|FBI warns ransomware assault threatens US health care system|
AP News, October 29, 2020
Federal agencies warned that cybercriminals could unleash a wave of data-scrambling extortion attempts against the U.S. health care system, an effort that, if successful, could paralyze hospital information systems just as nationwide cases of COVID-19 are spiking.
|Georgia St. Joseph’s/Candler health system shifts to downtime procedures amid ransomware attack|
SC Magazine, June 22, 2021
A ransomware attack against Georgia-based St. Joseph’s/Candler on June 17 spurred network outages and forced clinicians into EHR downtime procedures. Five days later, the workforce is continuing to use paper records for patient appointments.
|H-ISAC warns actors abusing RTLO in phishing campaign against health care|
SC MEDIA, August 11, 2021
A recent Health Information Sharing and Analysis Center (H-ISAC) alert warns that threat actors are targeting the health care sector with phishing attacks that leverage legitimate right-to-left override (RTLO) Unicode to appear benign and evade detection.
|Hackers claim they stole Stanford Medicine data, posted info online: 4 things to know|
Becker’s Health IT, April 5, 2021
Stanford University is investigating claims that hackers stole personal data from its medical school and published the information online.
|Hackers Dump More Health Data, as Feds Share Ransomware Factsheet|
Health IT Security, February 8, 2021
The Conti ransomware hacking group recently released two massive healthcare data dumps tied to Leon Medical Centers and Nocona General Hospital on the dark web for sale. The leaks follow a newly released National Cyber Investigative Joint Task Force (NCIJTF) ransomware factsheet.
|Hacking group behind widespread ransomware attacks disappears online|
Washington Post, July 13, 2021
A cybercriminal group that took responsibility for a massive ransomware attack that affected hundreds of businesses this month has disappeared from sight online.
REvil, which is thought to be based in Russia, was not in its usual places on the “dark web” and the regular Internet on Tuesday. Many researchers have blamed the group for the huge hack that hit technology services provider Kaseya just hours before the beginning of the Fourth of July weekend.
|Health care organizations funnel dollars into security as pandemic, medical developments drive surge in attacks|
SC Media, April 1, 2021
Organizations move on plans to strengthen security policies, increase training, invest in technology.
|Health care ransomware attacks: Oklahoma health system driven to EHR downtime|
SC Magazine, June 16, 2021
Stillwater Medical Center was hit with a ransomware attack on June 13 and is currently operating under electronic health record downtime as it attempts to bring its systems back online. The health system operates a number of care sites, specialist offices, hospitals and clinics in Oklahoma.
According to the health care provider, the IT team quickly moved to ensure the security of the environment after the incident impacted access to certain systems. Upon discovery, officials contacted law enforcement and engaged with a computer forensic firm to assist with the recovery process.
|Health Care Ransomware Strains Have Hospitals in the Crosshairs|
SECURITY INTELLIGENCE, April 23, 2021
The language of digital attacks shares a lot with the language of disease: ‘viruses’ ‘infect’ computers, and stopping their spread can be like trying to keep down a contagious disease.
|Health care system faces ‘very real’ threat of ransomware attacks|
News Center Maine, June 16, 2021
Criminals usually target hospitals for medical records, since they can sell for 200 to 500 dollars on the dark web compared to 14 dollars for financial records.
|Health Cos. Must Prepare For Growing Ransomware Threat|
Health Law Advisor, June 23, 2021
Alaap Shah and Stuart Gerson of Epstein Becker Green have written an Expert Analysis on Law360 that will be of interest to our readers: “Health Cos. Must Prepare for Growing Ransomware Threat.”
|Health sector deals with ransomware, data breaches as COVID cases rise|
SC Media, August 20, 2021
Ransomware actors are having a productive week with several ongoing outages in the health care sector, including Memorial Health System and Eskenazi Health. What’s worse, the pervasive threat is continuing to disrupt the health sector, as it continues to battle another COVID-19 wave.
|Healthcare Organizations Bear the Brunt of Cyberattacks Amid Pandemic|
DARK READING, January 6, 2021
Hospitals and other healthcare organizations bore the brunt of cyberattacks last year, all the while struggling to cope with the challenges posed by the COVID-19 pandemic.
According to a new report this week from Check Point Software, attacks on healthcare entities worldwide jumped 45% in the past two months as attackers tried to take advantage of the pandemic by disrupting operations and extorting ransoms from organizations under tremendous pressure to provide uninterrupted services.
|Healthcare Organizations: Moving to High Alert for Ransomware|
CSO ONLINE, April 13, 2021
Numerous healthcare facilities were attacked in the last year, including one incident in Germany that lead to a death when ransomware locked systems and a patient needing critical care was turned away.
|Healthcare orgs in California, Arizona send out breach letters for nearly 150 000 after SSNs accessed during ransomware attacks|
ZD Net, September 10, 2021
LifeLong Medical Care and Queen Creek Medical Center were both hit with ransomware attacks over the past year.
|Healthcare Ransomware Attack at Indiana ENT Office Impacts 45K|
Health IT Security, August 26, 2021
Indiana-based CarePointe ENT suffered a healthcare ransomware attack that may have exposed the PII and PHI of over 48,000 individuals.
|Healthcare Ransomware Attack in CA Involves PHI of 57K|
Health IT Security, September 7, 2021
San Andreas Regional Center in California experienced a healthcare ransomware attack that may have exposed the PHI of over 57,000 individuals.
|Healthcare Ransomware Attack Leads to EHR Downtime in IN|
Health IT Security, August 26, 2021
A healthcare ransomware attack in Indiana resulted in EHR downtime and potential exposure of patient and employee PII after bad actors released data online.
|Healthcare Ransomware Attack Targets Practice Management Vendor|
Health IT Security, July 5, 2021
Practice management vendor Practicefirst announced a 2020 healthcare ransomware attack that may have exposed patient and employee PII.
|Healthcare’s Data Extortion Problem, and How to Prepare for Ransomware|
HEALTH IT SECURITY, April 12, 2021
Data extortion attempts are now occurring in at least 70 percent of all ransomware attacks. How can healthcare providers best combat these pervasive tactics?
|HHS Shares Resources for Avoiding Ransomware Attacks|
American College of Radiology, June 16, 2021
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is encouraging organizations to familiarize themselves with the growing threat of ransomware — malicious software that blocks access to a computer system until an amount of money (ransom) is paid — and to take steps to avoid the threat. HHS recently provided links to online government resources to help healthcare facilities protect their computer systems from the ransomware threat.
|HIMSS21: Your healthcare organization is crippled by ransomware. Should you pay the attackers?|
FIERCE HEALTHCARE, August 10, 2021
Cyberattacks have ramped up in recent years, and there’s now a strong chance that any given health organization will, at some point, be hit with ransomware.
|Homeland Security Secretary Backs Call for Mandatory Disclosure of Ransomware Payments|
NEXTGOV, April 29, 2021
DHS Secretary Alejandro Mayorkas said the department will work with a task force developed by the private sector on ways to tamp down the increase in ransomware attacks.
|Hospital: Patient information may have been stolen in St. Joseph’s/Candler ransomware attack|
MSN, August 11, 2021
Leaders with St. Joseph’s/Candler said some employee and patient information may have been taken during June’s ransomware attack.
|How Can Congress Aid Healthcare Cybersecurity, Fight Ransomware?|
Health IT Security, July 22, 2021
Witnesses testified before Congress this week, noting that the healthcare sector needs help battling cyberattacks and ransomware.
|How Health Facilities Can Prevent, Mitigate Ransomware in 2021|
Health IT Security, August 13, 2021
Ransomware is continuing to impact the healthcare industry, which has seen a rise in cyber-attacks since the start of the pandemic.
|How Kelsey-Seybold Clinic recovered from a ransomware attack|
Healthcare IT News, June 23, 2021
The provider’s CISO and CTO offers some best practices for pulling through an attack – and describes how to bolster cyber defenses so it doesn’t happen again.
|How precise email analysis reduces healthcare ransomware threats|
Fed Scoop, August 4, 2021
The healthcare industry has come under intensified attacks by malicious actors over the last year amid new opportunities to target institutions during the COVID-19 pandemic.
Among various cyberthreats the healthcare industry faces, ransomware poses particular risks to the patients these institutions are serving. While the goal of ransomware attacks is to extract a payment, the consequences of holding health organizations’ IT systems hostage puts patient safety and critical care at risk.
|How Ransomware Is Affecting Healthcare|
Q&A with Joanne Fitzpatrick
Joanne Fitzpatrick is a lead cybersecurity engineer in MITRE’s Cyber Solutions Innovation Center. She works closely with a range of government sponsors to increase their situational awareness and improve their resiliency to cyber attacks. She began her career at MITRE working on network architectures and security for Air Force systems.
Why are healthcare facilities such prime targets for ransomware attacks?
Hospitals and healthcare organizations, large and small, are at particular risk for ransomware. One study showed more than 500 attacks in 2020 alone, with major health systems in Texas, Minnesota, and Vermont recently coming under attack. Patient care and business systems, such as communications, billing, and electronic health records, are often disrupted, even to the point of re-routing patients to other facilities and cancelling surgeries.
Today, hospitals and healthcare centers are especially vulnerable because COVID has reduced ICU bed capacities, and medical professionals are serving COVID patients while managing existing caseloads. The pandemic has publicized the health systems’ struggles worldwide.
It’s worth noting that an adversary does not need to infiltrate an entire healthcare information system (HIS) to negatively impact an organization’s ability to deliver health services, a primary objective. They may choose to gain access to one subsystem, module, or critical file, such as the scheduling process for operating rooms. Upon gaining access, the adversary could encrypt it, prohibiting the organization from accessing or using the schedule. They would then complete the attack by demanding funds in return for the necessary software to decrypt/unlock the module or files.
Not all health organizations are equal. What do we know about how ransomware affects hospitals and health facilities in rural or underserved areas?
Great question. We tend to hear about large organizations in the media when an attack has happened. However, hospitals and health facilities in rural or underserved areas are just as vulnerable as larger, more urban organizations. Adversaries don’t adhere to rules, and don’t want to be predictable in their attack behavior. Impeding an organization from successfully providing their services to their local communities is simply a pathway to demand a ransom. Since they primarily want to extort money from an organization, they don’t really care about its size, location, or nature of their databases.
From the perspective of hospitals and health facilities in rural or underserved areas, however, their ability to protect themselves from a ransomware attack, or to be able to operate through such attacks, may be more limited than their larger counterparts because their IT infrastructure may be less mature and their resources may be more limited.
Are there considerations for organizations with small or underfunded IT/security staff?
There are two key considerations. First, such organizations typically have smaller IT and security departments, with a handful of talented people wearing many hats, and each responsible for several major operational IT areas. Staff tend to be experienced in the operations of their own organization, but often have little access to growth/training/professional development on cybersecurity issues, such as threats and attacks. Lack of time or budget is usually the reason. Additionally, there is little-to-no extra staff available to dedicate to specialty cyber topics, such as threat modeling or attack surface assessments. Second, we recognize that both small and large healthcare organizations may be targets for adversaries. Size does not matter. We’ve witnessed successful attacks at all types of health organizations. Adversaries may even exploit a smaller hospital as part of their attack navigation to exploit a larger, partnering organization.
For these reasons, we’ve build the Ransomware Resource Center to help all kinds of health organizations, whatever their size and wherever they are in their planning.
How can the Ransomware Resource Center help healthcare organizations?
We hope the Ransomware Resource Center will make two key contributions. It will inform hospitals and healthcare organizations about how to prepare, respond to, and recover from such an attack. It also will share freely with the broader community the unbiased guidance and best practices that MITRE cybersecurity and cyber resiliency professionals have provided for years to our many federal government sponsors.
What is unique about the security needs of healthcare providers, suppliers, and support organizations?
In general, their needs are similar to those of other types of business with regards to structure and process flows. However, expectations for healthcare systems are different from other sectors (such as banking or retail, for example) because human well-being and lives are at stake. Emergency rooms, maternity, and much else demands 24/7 functionality. In this way, the security needs of healthcare delivery are more like some of MITRE’s military sponsors where the safety of human life and local populations is paramount.
Where should you start if you work at a smaller organization, or don’t have the benefit of a fully-staffed information security team?
Many healthcare organizations choose to start with an assessment that asks and answers some key questions: What are our most important assets? What are the strengths and vulnerabilities of our current system? What are the roles and responsibilities around the organization if we come under attack?
MITRE has created numerous cyber tools that help organizations ask and answer these important questions. Three in particular, Cyber Tabletop Exercises, the Crown Jewels Analysis (CJA), and the Cyber Operations Rapid Assessment (CORA) are well-suited to healthcare organizations. We’ve used them extensively in helping many organizations understand where they are in facing cyber adversaries, and then pointing the way to their necessary and feasible next steps.
How can MITRE assist organizations seeking to become more resilient?
To learn more about MITRE and the ways we can work with you, contact us at HealthCyber@mitre.org. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.
|How ransomware runs the underground economy|
CSO, August 31, 2021
Ransomware gangs are adopting all the core elements of legitimate businesses—including defined staff roles, marketing plans, partner ecosystems, and even venture capital investments—and some hallmarks of more traditional criminal enterprises.
|Hoya Optical Labs Notifies Consumers of Healthcare Ransomware Attack|
Health IT Security, June 25, 2021
Hoya Optical Labs sent notices to customers alerting them of a healthcare ransomware attack in April that exposed personally identifiable information.
|Infusion Pump Vulnerabilities Point to Gaps in Medical Device Security|
Health IT Security, August 27, 2021
McAfee researchers discovered significant gaps in medical device security that may allow hackers to administer deadly doses of medications through an infusion pump.
|Intelligence Driven Exercises and Solutions (IDEAS): An uncomplicated approach for solving complicated problems|
Q&A with Theresa Fersch
Theresa Fersch is a Principal Systems Engineer with 15 years of exercise design and development expertise.
What is IDEAS?
As part of our continued focus on solving problems for a safer world, MITRE recognizes that one of our nation’s greatest challenges is that threats and adversaries are constantly evolving. Technology advances by leaps and bounds, our adversaries are becoming faster and stronger, and disruptions are becoming even more disruptive. To stay ahead of the game, we must continuously be checking and refining our assumptions, methods, and strategies. Tabletop exercises are a form of serious games that have long been used by the Department of Defense (DOD), Department of Homeland Security (DHS), the Intelligence Community (IC), and other government agencies to sharpen their focus on a problem set and their understanding of the people, processes, and technologies associated with them. Based on our previous experience, MITRE experts have developed a methodology for implementing and scaling table top exercises we call Intelligence Driven Exercises and Solutions or IDEAS.
Why is MITRE unique?
Over the last 15 years, I have led a small team of diverse subject matter experts (SME) at MITRE in tackling some of our nation’s greatest challenges by compiling lessons learned and best practices in tabletop exercise development to create a scalable and tailored methodology that can be applied to any problem set or industry.
So how did we do this?
We began with traditional tabletop exercise and wargaming methodologies and enhanced them by applying systems engineering principles and making a few key changes. We have leveraged MITRE’s culture of speed and adaptability to identify areas within these tried-and-true methods that can be standardized, replicated, and repeated. Our collaborative focus has helped us learn that by cross-pollinating expertise or applying different types of expertise to the problem set, we can identify new threats or vulnerabilities, and therefore new solutions, that might not necessarily be explored by those who are deeply familiar with the problem. By encouraging participation from specific subject matter experts, IDEAS leads build high performance teams to uniquely tailor each exercise and ensure a high degree of relevance to the problem set being explored. Our exercises and solutions provide an environment wherein participants can safely and boldly explore dynamic problem sets in unique ways to bolster understanding, identify areas for improvement, develop actionable recommendations, and harvest lessons learned.
Applying to cyber in the healthcare sector
While IDEAS began as an exercise methodology for the intelligence community, MITRE has since applied this method to numerous industries and sectors. To date, we have developed and conducted exercises ranging across cybersecurity, healthcare, economics, transportation, intelligence, international relations, defense, supply chain, and emergency management.
Most recently, MITRE has been working with Health Delivery Organizations (HDOs) across the country to build and conduct exercises with a focus on stressing, improving, and validating responses to cyberattacks.
Cyberattacks can have devastating impacts not only from a business continuity perspective, but from a patient health and safety perspective as well. We work with HDOs to fully understand their ecosystems: the roles and responsibilities of key security and emergency response personnel involved, the processes, procedures, and plans currently in place, and their technical capabilities and systems. This vital information, combined with MITRE’s extensive expertise in cybersecurity, informs exercise development to produce exercises that are relevant, realistic, and effective at exercising an HDO’s response to cyberattacks.
We exercise concepts such as:
It is our goal to ensure everyone who works with us is fully prepared to handle cyber attacks on their healthcare systems.
Interested in conducting table top exercises at your organization?
Learn more about how MITRE can help support your organization: https://healthcyber.mitre.org/blog/resources/cyber-tabletop-exercises/
|Is Your Healthcare Organization Following These Four Ransomware Best Practices?|
Security Boulevard, August 24, 2021
Healthcare is the most targeted sector for data breaches and ransomware attacks were responsible for almost 50% of all healthcare data breaches in 2020, according to the US Department of Health and Human Services Cyber Security Program 2021 Forecast. While ransomware has been a favorite among attackers for years now, the rate continues to rise each year.
|Italian vaccination registration system down in apparent ransomware attack|
NBC News, August 2, 2021
Residents of the Lazio region, which includes Rome, will not be able to book new appointments for several days, the region’s president said. Hackers have attacked the vaccination registration system in one of Italy’s largest regions, temporarily blocking residents from booking new vaccination appointments.
|Lawsuit: Health System Failed to Heed Ransomware Warnings|
Gov Info Security, September 15, 2021
A proposed class action lawsuit filed this week against St. Joseph’s/Candler Health System in the wake of a recent ransomware breach affecting 1.4 million individuals alleges that the Georgia-based healthcare entity was “reckless” and “negligent” in safeguarding patients’ information.
|Listen: How ransomware put the health sector on notice|
SC Media, September 8, 2021
Ransomware is not new in a sense that malware can encrypt files and do bad things, said Eric Decker, a chief information security officer in the health care industry. But around 2015 or 2016, he said organized crime began to leverage it as a tool in far more disruptive and destructive ways.
|Medtechs need to up their cybersecurity threat modeling game, FDA says|
Medtech Dive, August 13, 2021
Medtech companies must design and develop devices that “have far more robust security built in” to keep pace with emerging cybersecurity threats and vulnerabilities, said Suzanne Schwartz, director of CDRH’s Office of Strategic Partnerships and Technology Innovation. To do that, Schwartz says medtechs need better threat models that lay out what hackers might do to target a device and how to protect it.
|Minnesota clinic transitions to Allina Health’s EHR after ransomware attack|
Becker’s Health IT, March 31, 2021
Apple Valley (Minn.) Clinic, part of Minneapolis-based Allina Health, recently transitioned to the health system’s EHR platform following a ransomware attack on its tech services vendor that exposed nearly 158,000 patients’ information.
|Minnesota’s Lake Region Healthcare Recovering From Ransomware Attack|
IT Health Security, Janury 7, 2021
A ransomware attack struck Minnesota-based Lake Region Healthcare just before Christmas, resulting in some system disruptions; “activist” data leaks and two email hacks complete this week’s breach roundup.
|More ‘actionable’ intel needed from HHS to support health IT security|
SC Magazine, June 29, 2021
The Department of Health and Human Services has made progress in threat sharing efforts to support cybersecurity within its partnerships and the health care sector. But the Government Accountability Office found areas where HHS could better coordinate its efforts to support department information sharing and overall health IT security.
|Navajo Nation hospital the latest victim of brutal wave of ransomware attacks|
Yahoo.com, March 3, 2021
When Rehoboth McKinley Christian Health Care Services in Gallup, New Mexico, was hit with a cyberattack earlier this year, the hospital’s staff had to revert to pen and paper to keep things running.
|Opinion: We at Scripps Health were victims of a ransomware attack. Here’s what we’ve learned.|
The San Diego Union-Tribune, June 10, 2021
This past year, we’ve witnessed doctors, nurses and hospitals on the front lines of the COVID-19 pandemic performing heroically in the face of the most difficult circumstances seen in a century. Just as it seems hospitals and health-care systems may be rounding a corner on coronavirus, the cybersecurity threat has been covertly plaguing our hospital systems and critical care facilities.
|OSU Data Breach Impacts Veterans, More Ransomware Attacks|
Healthcare IT Security, June 24, 2021
Other recent healthcare data breaches include a ransomware attack in Mississippi and a breach at an Iowa eye clinic.
|Outpatient Facilities Now Top Targets for Healthcare Data Breaches|
Health IT Security, August 30, 2021
Cyber criminals are shifting their healthcare data breach targets away from hospitals and onto outpatient facilities and business associates, a new report shows.
|Patients of a Vermont Hospital Are Left ‘in the Dark’ After a Cyberattack|
NY Times, November 26, 2020
A wave of damaging attacks on hospitals upended the lives of patients with cancer and other ailments. “I have no idea what to do,” one said.
Cyberattacks on America’s health systems have become their own kind of pandemic over the past year as Russian cybercriminals have shut down clinical trials and treatment studies for the coronavirus vaccine and cut off hospitals’ access to patient records, demanding multimillion-dollar ransoms for their return.
|Phishing scheme targets unemployment insurance benefits and PII|
FTC Consumer Information, August 4, 2021
Have you gotten an alarming text message about your unemployment insurance benefits from what seems to be your state workforce agency? You’re not alone. Identity thieves are targeting millions of people nationwide with scam phishing texts aimed at stealing personal information, unemployment benefits, or both.
|Practice Management Software Vendor Practicefirst Affected by Healthcare Ransomware Attack|
Heimdal Security, July 7, 2021
New York-based Practicefirst Medical Management Solutions, a medical management company that processes data for health care providers, declared that a 2020 healthcare ransomware attack may have exposed personally identifiable information (PII) of patients and work staff.
|PwnedPiper threatens thousands of hospitals worldwide, patch your systems now|
IBM, August 2, 2021
Nine critical vulnerabilities in a popular hospital pneumatic tube software could give attackers control of infrastructure and allow them to launch additional attacks that cripple healthcare operations.
|Q&A: Mount Sinai’s Chris Frenz on Best Practices for Zero-Trust Implementation|
Health Tech, September 9, 2021
Healthcare organizations should take the time to map out the assets and traffic within their environment when creating a new security framework.
|Ransomware attack affects 750,000 Personal Touch patients, employees across U.S.|
Becker’s Health IT, April 5, 2021
Personal Touch Holding Corp., the parent company of Personal Touch Home Care centers across the U.S., recently began notifying 753,107 patients and employees of a ransomware attack on its cloud-stored business records.
The data breach occurred between Jan. 20 and Jan. 27. On Jan. 27, Lake Success, N.Y.-based Personal Touch became aware of the cyberattack on the private cloud hosted by its service providers, a news release said.
|Ransomware attack alert! The tell-tale signals to look for|
Computing, March 31, 2021
Patterns of unusual behaviour are the clearest signal of an attack, not programmes or files.
|Ransomware attack exposed info of 210K MultiCare patients, providers, workers|
Becker’s Hospital Review, March 9, 2021
More than 200,000 patients, providers and employees of Tacoma, Wash.-based MultiCare began receiving notice that their personal info had been exposed in a recent ransomware attack.
|Ransomware Attack Forces Indiana Hospital to Turn Ambulances Away|
Yahoo! News, August 5, 2021
Hackers are going after U.S. hospitals with a fresh wave of cyberattacks this week just as coronavirus cases surge around the country.
Eskenazi Health, a health-care service provider that operates a 315-bed hospital, inpatient facilities, and community health centers throughout Indianapolis, was crippled by a ransomware attack that began between 3:30 and 4 a.m. Wednesday morning, a spokesperson told The Daily Beast.
|Ransomware attack knocks out systems at Ohio and W. Virginia healthcare provider|
Silicon Angle, August 17, 2021
The Memorial Health System, a healthcare provider in Ohio and West Virginia, has been struck by a ransomware attack that knocked systems offline and forced hospital staff to use paper charts.
|Ransomware Attack on Eye Clinic Chain Affects 500,000|
Info Risk Today, June 24, 2021
Wolfe Eye Clinic, which operates diagnostic and surgical centers in 40 Iowa communities, is notifying 500,000 current and former patients that their data may have been inappropriately accessed during a recent ransomware attack. But the organization refused to pay a ransom.
|Ransomware Attack on GA Health System Impacts Staff, Patients’ PHI|
HEALTH IT SECURITY, August 11, 2021
A Georgia healthcare system sustained a cyberattack, with hackers targeting patients’ and staff members’ PHI.
|Ransomware attack on health care company, CaptureRx, exposes multiple providers|
SC Media, May 10, 2021
A ransomware attack against CaptureRx, a drug-related administrative service provider in San Antonio, Texas, resulted in the exposure of the health information of patients or customers at several health care providers across the U.S., reports ZDNet.
|Ransomware attack wipes out Arizona clinic’s EHR, corrupts 35,000 patients’ records|
Becker’s Health IT, September 9, 2021
Queen Creek, Ariz.-based Desert Wells Family Medicine recently began notifying 35,000 patients that their EHR data was compromised by a ransomware attack.
|Ransomware attacks on healthcare organizations cost nearly $21B last year, study finds|
Becker’s Hospital Review, March 12, 2021
Six-hundred clinics, hospital and healthcare organizations were attacked by 92 individual ransomware attacks, affecting 18 million patient records in 2020. The costs of these attacks are almost $21 billion, a Comparitech study found.
The report highlighted ransomware attacks published by HHS that affected more than 500 people. Data breaches affecting fewer than 500 people were included if the breach was reported elsewhere, a limitation the researchers said “only scratch[es] the surface of the problem.”
|Ransomware Attacks: CISA Shares Operational Tech Asset Security Guide|
Health IT Security, June 10, 2021
In response to ongoing ransomware attacks targeting operational tech assets and control systems of critical infrastructure entities, CISA published a guide to mitigation and response.
|Ransomware gang behind Ireland attack also hit US health and emergency networks|
MSN, May 23, 2021
The ransomware attack that hobbled the Irish healthcare system was far from an isolated incident. BleepingComputer and Gizmodo note that the FBI has issued a flash alert warning that the ransomware group behind the Ireland attack also targeted “at least” 16 healthcare and emergency networks, including police and 911 dispatch centers. The group used Conti ransomware that steals files, encrypts systems and pressures victims into paying through a portal lest their data be sold or published online.
|Ransomware groups continue assault on healthcare orgs as COVID-19 infections increase|
MSN, September 13, 2021
Ransomware groups have shown no signs of slowing down their assault on hospitals, seemingly ramping up attacks on healthcare institutions as dozens of countries deal with a new wave of COVID-19 infections thanks to the potent Delta variant.
|Ransomware in Healthcare: The Costly Reality of Withstanding Hackers|
HIT Consultant, August 13, 2021
How much larger a percentage of U.S. gross domestic product (GDP) can healthcare command?
This isn’t a rhetorical question, even if it may be difficult to come up with a direct answer.
|Ransomware in healthcare: The inevitable truth|
MedCity News, October 30, 2020
The best path forward for healthcare organizations is first to understand the characteristics, causes, and indicators of ransomware attacks and then be proactive in taking preventative measures.
|Ransomware Task Force releases long-awaited recommendations|
SC Media, April 29, 2021
The Ransomware Task Force (RTF), a collaboration of more than 60 stakeholders, released its long-awaited ransomware framework on Thursday morning, advocating nearly 50 interlocking government and private sector strategies to tackle the criminal scourge.
|Ransomware, supply chain attacks compel health care organizations to act|
SC Media, March 9, 2021
If ransomware and data exfiltration attacks that targeted hospitals and vaccine researchers during the pandemic signaled a cyber hygiene crisis in health care, the SolarWinds supply chain attack demonstrated just how deep the problem goes.
A new report issued this week by the CyberPeace Institute seeks to illustrate the human impact that relentless cyberattacks have on health care staffers, patients and society. Featuring a compilation of interviews, outside research and recent news stories, the report offers key recommendations for various stakeholders.
|Reality of health care threats disconnected from cybersecurity investments|
SC MEDIA, August 12, 2021
Despite the health care sector remaining a prime target for threat actors, many provider organizations don’t see cybersecurity investment as a priority and few name cyber as a high priority spend, according to a new report from CyberMDX in collaboration with Philips.
|Recent Breaches Underscore High Healthcare Security Risk|
Dark Reading, September 10, 2021
Healthcare institutions in California and Arizona are sending breach notification letters after attackers compromised thousands of patients’ data.
|Relentless cyberattacks are putting financial pressure on hospitals: Fitch Ratings|
Fierce Healthcare, July 26, 2021
A historic jump in the number and severity of cyber assaults on hospitals during the last 18 months will cause “material revenue and expense pressures” on nonprofit hospitals and health systems, according to a report from Fitch Ratings.
The sector is viewed as a target-rich environment due to the large amount of sensitive data that healthcare entities maintain for patient care and operations.
|Report: Cyberattacks drive 185% spike in health care data breaches in 2021|
SC Media, July 13, 2021
More than 22.8 million patients have been impacted by a health care data breach so far in 2021, a whopping 185% increase from the same time period last year where just 7.9 million individuals were affected according to a new report from Fortified Health Security.
|REvil STrikes Again – Ransomware Attack on UnitingCare Queensland|
The National Law Review, June 28, 2021
Following a ransomware infection in late April, UnitingCare Queensland has suffered a nearly 2 month long ordeal to regain control of its systems. UnitingCare was a victim of malware called Sodinokibi/REvil which encrypted its files and attempted to delete backups.
The attack shutdown a range of UnitingCare’s core systems and forced its facilities to revert to paper-based and manual workarounds to continue operating.
|Rewards for Justice – Reward Offer for Information on Foreign Malicious Cyber Activity Against U.S. Critical Infrastructure|
U.S. Department of State, July 15, 2021
The U.S. Department of State’s Rewards for Justice (RFJ) program, which is administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).
|Rise in Healthcare Data Breaches Driven by Ransomware Attacks|
CPO Magazine, March 18, 2021
There was a general rise in cyber crime in 2020 due to pandemic conditions, but one notable trend that stood out was a spike in the number of major healthcare data breaches. A new report from cybersecurity firm Tenable reviews the entirety of 2020’s publicly disclosed breaches (along with the first two months of 2021) and finds that this spike can be overwhelmingly attributed to ransomware attacks.
|Risk to patient safety from cyberattacks critical, even as specifics about direct links remain elusive|
SC Media, September 9, 2021
Critical attacks against health care thrived in the last year. Now, as patient volumes continue to surge in some parts of the country, safety concerns grow increasingly dire.
And yet, say experts, specific data that clearly demonstrates the impact of cyberattacks on patient care remains elusive. This reality, in fact, further complicates an already complex effort among health care providers to establish technology plans and processes that put patient safety and care first.
|Sanford Health, Eskenazi Health recovering from cyberattacks in EHR downtime|
SC Media, August 5, 2021
Cyberattacks on two U.S. health systems have forced the providers into electronic health record (EHR) downtime procedures: Sanford Health in South Dakota and Eskenazi Health in Indianapolis, according to multiple local news outlets and statements from the health systems.
|Second FinCEN Exchange on Ransomware to Take Place in August|
FinCEN, July 15, 2021
The Financial Crimes Enforcement Network (FinCEN) today announced it will convene a FinCEN Exchange in August 2021 with representatives from financial institutions, other key industry stakeholders, and federal government agencies to discuss ongoing concerns regarding ransomware, as well as efforts by the public and private sectors. The FinCEN Exchange will build upon FinCEN’s November 2020 event on ransomware. FinCEN anticipates that this FinCEN Exchange will assist its government and private sector partners to inform next steps to address ransomware and focus resources to mitigate the threat.
|Secretary Mayorkas Outlines His Vision for Cybersecurity Resilience|
Homeland Security, March 31, 2021
On March 31, Secretary Mayorkas outlined his vision and roadmap for the Department’s cybersecurity efforts in a virtual address hosted by RSA Conference, in partnership with Hampton University and the Girl Scouts of the USA.
|Surgeries canceled, care diverted as Memorial Health responds to cyberattack|
SC MEDIA, August 16, 2021
Memorial Health System in Ohio is currently operating under electronic health record (EHR) downtime procedures and diverting emergency care patients, after a cyberattack struck its network during the early hours of Sunday, Aug. 15. All radiology exams and urgent surgical cases scheduled for Aug. 16 have also been canceled as a result.
|Texas Medical Center Breach Affects 640,000|
Data Breach Today, January 22, 2021
An apparent ransomware incident at a Texas healthcare organization has potentially compromised the protected health information of more than 640,000 individuals.
|The human cost of ransomware: Disruption to Irish health service will continue for months|
ZDNet, June 24, 2021
Patients in Ireland told to continue to expect delays or cancellations to appointments after its health service was hit with ransomware in May.
|The Ideal Ransomware Victim: What Attackers Are Looking For|
KELA, September 6, 2021
In July 2021, KELA observed threat actors creating multiple threads where they claimed they are ready to buy accesses and described their conditions. Some of them appear to use access for deploying info-stealing malware and carrying out other malicious activities. Others aim to plant ransomware and steal data.
|The Institute for Security and Technology (IST) Launches Multi-Sector Ransomware Task Force (RTF)|
Institute for Security and Technology (IST), December 21, 2020
The Institute for Security and Technology (IST) — in partnership with a broad coalition of experts in industry, government, law enforcement, nonprofits, cybersecurity insurance, and international organizations — is launching a new Ransomware Task Force (RTF) to tackle this increasingly prevalent and destructive type of cybercrime. The RTF’s founding members understand that ransomware is too large of a threat for any one entity to address, and have come together to provide clear recommendations for both public and private action that will significantly reduce the threat posed by this criminal enterprise.
|The National Cyber Investigative Joint Task Force Releases Ransomware Fact Sheet|
FBI.gov, February 4, 2021
The National Cyber Investigative Joint Task Force (NCIJTF) has released a new joint-seal ransomware fact sheet. This educational product is intended to provide the public important information on the current ransomware threat and the government’s response, as well as common infection vectors, tools for attack prevention, and important contacts in the event of a ransomware attack.
|THE PANDEMIC REVEALED THE HEALTH RISKS OF HOSPITAL RANSOMWARE ATTACKS|
The Verge, August 19, 2021
In late October 2020, the University of Vermont Health Network was hit by a ransomware attack. The system couldn’t access electronic health records for nearly a month. Every computer at UVM Medical Center was infected with malware. Hospitals in the network delayed chemotherapy and mammogram appointments, just as COVID-19 cases in the United States started to tick upward in what would become an enormous winter wave.
|The Ransomware Crime Wave Has Made Zero Trust Critical|
eWEEK, July 12, 2021
Zero trust proceeds from the foundational framework that no individual, no device, no application, no thing can be trusted as secure.
The spate of ransomware attacks that have shaken the U.S. in recent weeks has generated a lot of media coverage, much of it focusing on the more sensationalistic aspects of the incidents and their fall out.
|The rise of ransomware within healthcare|
Open Access Government, August 23, 2021
David Higgins, EMEA Technical Director, CyberArk, explores three reasons why healthcare organisations are extra vulnerable to ransomware.
|Top 5 ransomware operators by income|
MSN, August 11, 2021
Jack Cable, a security architect at Krebs Stamos group, and a former U.S. Cybersecurity and Infrastructure Security Agency worker, has started a ransomware payments tracking site called Ransomewhere.
|Two ransomware gangs, Vice Society and Magniber, said to launch attacks via PrintNightmare|
SC MEDIA, August 13, 2021
Researchers over the past couple of days reported that two different ransomware gangs — one fairly new, the other several years old — have been actively exploiting the PrintNightmare vulnerability in the Windows Print Spooler service to launch ransomware attacks.
|U.S. healthcare hit by yet another cyberattack|
Digital Journal, September 11, 2021
The U.S. medical body, California health center LifeLong Medical Care, has been struck by a ransomware attack. The attack was sufficiently wide to leak personally identifiable information of around 115,000 patients across numerous health organizations.
|UF Health admits patient data may have been compromised in ransomware attack|
Villages-News, July 31, 2021
Two months after a ransomware attack was launched on its computer systems, UF Health-The Villages Hospital is admitting that patient data may have been compromised.
The attack was discovered over the Memorial Day weekend at the hospital in The Villages and its sister medical center in Leesburg. Although UF Health initially shrugged it off as a “glitch,” the truth poured out through accounts of patients and staff who described the nightmare which accompanied the ransomware attack.
|UK healthcare sector must protect itself against cybercrime, experts say|
Pharmaceutical Technology, June 29, 2021
The National Cyber Security Centre defended the UK health sector from over 700 attacks between September 2019 and August 2020.
In May 2017, a global ransomware attack known as WannaCry affected hundreds of thousands of computers around the world – including those belonging to the NHS, which saw 80 of out 236 trusts across England compromised. Four years on, the healthcare sector remains the top target for cyberattacks.
|Universal Health Services Estimates $67 Million in Ransomware Losses|
Info Security Magazine, March 2, 2021
A ransomware attack on Universal Health Services (UHS) last autumn cost the company an estimated $67 million in downtime and related expenses, it has revealed.
The Fortune 500 healthcare organization has tens of thousands of employees in the US and UK and annual revenues exceeding $10 billion.
|US healthcare org sends data breach warning to 1.4m patients following ransomware attack|
The Daily Swig, August 19, 2021
The medical and financial data of 1.4 million people was potentially exposed earlier this year in the latest ransomware attack to hit a major US healthcare provider.
St. Joseph’s/Candler (SJ/C), the largest healthcare network in Savannah, Georgia, says in a statement that it first detected the breach on June 17.
After it isolated its systems, an investigation carried out with the help of external security firms found that the attackers had originally gained access on December 20 last year.
|UVM Health Continues to Feel Effects of Ransomware Attack|
Health IT Security, June 24, 2021
Eight months after a ransomware attack that incurred costs upwards of $63 million, UVM Health continues to experience setbacks and financial losses.
|UVM Health Delays Epic EHR Implementation After Cyberattack, COVID-19|
EHR Intelligence, January 6, 2021
One of 2020’s worst cyberattacks resulted in University of Vermont (UVM) Health delaying its Epic EHR implementation schedule.
|Vendor ransomware attack exposes patient information at South Carolina practice|
Becker’s Hospital Review, March 8, 2021
Sandhills Medical Foundation notified patients that an external cloud vendor underwent a ransomware attack, exposing patients’ personal information, according to a news release. The attackers accessed Sandhills’ system on Nov. 15 and extracted Sandhills’ data before the ransomware attack was launched on Dec. 3.
|What Happens After a Ransomware Attack in the Health IT Environment?|
Health IT Security, June 9, 2021
CyberMDX’s Ido Geffen takes a hard look at ransomware attacks within a healthcare environment, including what providers are getting wrong and needed security mitigations.
|When Ransomware Group REvil Vanished, Its Victims Were Stranded|
Bloomberg, July 27, 2021
Ransomware attacks always hurt—but perhaps never more so than when the victim is compromised through the very company they pay for IT and security services. That’s what happened to the nearly 1,500 targets attacked through a vulnerability at Kaseya Ltd., an IT management and antivirus software provider.
|White House announces ransomware task force — and hacking back is one option|
Politico, July 14, 2021
The administration is promoting efforts to help agencies go on defense and offense against hackers whose economically paralyzing attacks pose a growing threat to the U.S.
|White House urges US companies to take ransomware seriously|
Tech Republic, June 3, 2021
A new White House memo to business leaders underscores the threat of ransomware and offers advice on how to protect their companies.
|Why “Ransomware Insurance” Causes Healthcare Industry to Overlook Deeper, Underlying Security Issues|
CPO Magazine, September 2, 2021
In most circumstances, insuring your organization against potential threats is a solid idea. Within this frame of logic, particularly for a healthcare organization, a sector where 34% of all organizations were hit by ransomware last year, insurance may seem like a good investment.
|Why healthcare security needs urgent care|
Hospital Healthcare, July 28, 2021
Increased ransomware incidents in health care require stringent protection of critical systems and data.
Australia’s healthcare sector has been the target of increased cybersecurity incidents since COVID-19 forced digital care into the spotlight. Sensitive data collected by healthcare providers, as well as their increased reliance on cloud-based services and telehealth, make the industry a prime target.
|Why ransomware attacks in healthcare remain a problem – and how to stop them|
SC Media, September 8, 2021
If data has value, then electronic health records are a treasure trove. Today’s emboldened and ever-more-sophisticated cyber criminals know this. With many healthcare organizations again stretched thin to address raising COVID-19 case counts, there’s little doubt that we will see a steady drumbeat of new ransomware attacks, building on the record number so far this year.