Reading Room

Healthcare Info Security, December 14, 2022

Ransomware operations have become expert at finding ways to make a victim pay, and healthcare organizations are no exception. But experts say there are multiple steps healthcare sector entities in particular can take to better protect themselves and ensure that in the event of an attack, they can quickly restore systems and never have to consider paying a ransom.

Read full Healthcare Info Security article.

Bank Info Security, December 13, 2022

A ransomware attack on the Irish healthcare system in 2021 has caused 80 million euros in damages and counting as the government continues to notify victims of the incident that their personal information was illegally accessed and copied.

Read full Bank Info Security.

SC Media, December 13, 2022

Healthcare cybersecurity leaders are being urged to review the IOCs and the recommended proactive measures for defending against BlackCat and LockBit 3.0 ransomware variants given the continued targeting of healthcare environments.

Read full SC Media article.

SC Media, December 12, 2022

Ninety percent of 10 largest healthcare data breaches reported this year were caused by third-party vendors, much like in 2021. The fallout for many of these cyberattacks resulted in impacts for multiple connected providers, with two of these vendor incidents affecting hundreds of providers.

Read full SC Media article.

HHS, December 12, 2022

HC3: Analyst Note. Report: 202212121700
LockBit 3.0 Ransomware

LockBit 3.0 is the newest version of the LockBit ransomware that was first discovered in September 2019. The ransomware family has a history of using the Ransomware-as-a-service (RaaS) model and typically targets organizations that could pay higher ransoms. Historically, this ransomware employs a double extortion technique where sensitive data is encrypted and exfiltrated. The actor requests payment to decrypt data and threatens to leak the sensitive data if the payment is not made.

Download HHS Report as PDF.

SC Media, December 8, 2022

Since the emergence of the human-operated ransomware threat group known as Royal in September, the Department of Health and Human Services Cybersecurity Coordination Center has been made aware of targeted cyberattacks against the healthcare sector.

Royal-based attacks have steadily increased in appearance over the last three months with ransom demands ranging from $250,000 to more than $2 million.

Read full SC Media article.

SC Media, December 7, 2022

An assessment of the monthslong outage at New Zealand Waikato District Health Board last year revealed that despite being prepared and clear awareness of cybersecurity priorities, the response was dogged by a lack of practiced preparedness and a number of other missteps.

Read full SC Media article.

Healthcare Dive, December 5, 2022

• Personal information of patients and their family and caregivers may have been accessed.
• System said it discovered that cyberattackers gained access to portions of its network.
• Impacted people may have received services from certain facilities of Virginia Mason Franciscan Health.

Red full Healthcare Dive article.

Becker’s Health IT, December 5, 2022

Silverdale, Wash.-based St. Michael Medical Center experienced an October ransomware attack that exacerbated the hospital’s short staffing issues that have been persisting for months, Kitsap Sun reported Dec. 2.

The hospital was a part of the ransomware attack that plagued Chicago-based CommonSpirit facilities, and due to the attack, St. Michael’s had to shut down its Epic EHR system.

Read full Becker’s Health IT article.

Health IT Security, December 5, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory to warn critical infrastructure organizations of tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Cuba ransomware.

Read full Health IT Security article.