From a new report by InfoArmor: InfoArmor has identified a group of bad actors performing targeted cyberattacks on healthcare institutions and their IT infrastructure, including connected medical devices such as Magnetic Resonance Imaging systems (MRI), X-ray machines and mobile computing healthcare workstations. This group of bad actors has performed at least four successful attacks against…
Category: Commentaries and Analyses
IoT Medical Devices: A Prescription for Disaster
Tom Spring reports: Late last month, TrapX Labs’ security team spotted an uptick in the prevalence of a new more virulent strain of malware targeting hospitals and their IoT equipment. Researchers discovered attackers targeting unpatched medical equipment running Windows XP and Windows 7 with variations of attacks such as the Conficker worm, long thought obsolete. The…
Caldicott’s health security reform fails to address basic cyber hygiene
Richard Olver writes: The NHS treats more than 1 million people every 36 hours. These patients are often at their most vulnerable physically and emotionally, but so too are their digital selves. The health sector accounts for the most data security incidents in the UK — more than 40% of all UK incidents in Q4 2015 — and…
Analysis of Health Care Data Breach Litigation Trends
The law firm of Bryan Cave lists nine factors entities should look at when considering the risk that litigation poses following a breach. They note: Specifically, unless a plaintiff has been the victim of identity theft or has suffered some other type of concrete injury, most courts have refused to let them proceed based solely on the…
Reps. Lieu and Hurd urge ransomware events to be reported under HITECH
Representatives Ted W. Lieu (D | Los Angeles County) and Will Hurd (R | San Antonio) sent a letter to Deven McGraw, Deputy Director of the Office of Civil Rights of the Department of Health and Human Services (HHS) encouraging the office to focus on developing guidance for health care providers to respond to ransomware attacks under…
NEW: Monthly stats for health/med breaches
People have often asked me if I compile stats on the reports on my site. I haven’t, but am pleased to announce that I am now collaborating with Protenus to help them provide monthly stats for U.S. breaches involving health/medical data. You can read their first blog post on June incidents here. Here’s a snippet…