Reading Room
Canadian province health care system disrupted by cyberattack
Bleeping Computer, November 1, 2021
The Canadian province of Newfoundland and Labrador has suffered a cyberattack that has led to severe disruption to healthcare providers and hospitals.
The attack took place on October 30th, causing regional health systems to shut down their networks and cancel thousands of medical appointments.
UMass Memorial notifies 209K patients 8 months after data breach discovery
SC Media, October 29, 2021
Nearly eight months after discovering the hack of multiple employee email accounts, UMass Memorial Health is notifying about 209,000 patients that their personal and health information was potentially compromised.
Third-Party Vendor Ransomware Attack Impacts Humana, Anthem Members
Health IT Security, October 27, 2021
PracticeMax, a billing and IT solutions provider, experienced a ransomware attack that impacted some Humana and Anthem members.
Red Teams vs. Blue Teams: What’s the Difference, and How do Health IT Leaders Run These Exercises
Health Tech, October 27, 2021
Cybersecurity threats are becoming more sophisticated, and healthcare organizations must prepare for attacks in order to mitigate damage.
Understanding And Responding To Ransomware Threats
Forbes, October 27, 2021
Police forces, healthcare providers, educational institutes, the oil industry, entire governments — no sector is immune to the ransomware epidemic. Once you’re hit, it can threaten your organization’s very existence. The threat is so pervasive, the ramifications so dire, that the U.S. Department of Justice has elevated all ransomware investigations to a similar priority class as terrorism.
Working with hospitals to reassess risk in the ransomware age
SC Media, October 27, 2021
It’s an unfortunate truth that ransomware attacks have become not only more common, but also more disruptive and dangerous, especially at hospitals, where a misplayed ransomware attack could result in a fatality.
Healthcare faces COVID-induced triple threat as cyber awareness peaks
SC Media, October 27, 2021
A shift has occurred in the healthcare sector over the course of the COVID-19 pandemic, pressing the limits of what providers can accomplish under the most overwhelming circumstances, and not just in terms of patient care.
Why Hive Attacks Are the Latest Menace to Healthcare Sector
Gov Info Security, October 26, 2021
Several characteristics of the Hive ransomware group make the threat actor particularly menacing to victims, which include healthcare sector targets, says Adam Meyers, vice president of intelligence at security firm CrowdStrike.
Reports show healthcare’s ongoing third-party vendor, vulnerability challenges
SC Media, October 26, 2021
Healthcare organizations are much more likely than any other industries to have an incident response plan, according to new Shred-it research. However, 42% of providers surveyed for the report said they don’t have prepared recovery plans in place and may not be prepared to handle a security incident.
As fewer victims pay ransoms, Conti gang looks to sell victim data
SC Media, October 26, 2021
Conti is changing its business model. Rather than post leak data as a threat, Conti is now offering stolen data from victims who have not paid ransoms for sale to outside buyers. It may be the next evolution for ransomware gangs left with boatloads of unmonetized data after victims have become dramatically less likely to pay ransoms over just the past quarter.