I hate it when I tweet something but forget to post it. In today’s installment of “Smacking Myself in the Forehead,” I remember to tell readers that HHS has issued a new guidance on ransomware and HIPAA. A recent U.S. Government interagency report indicates that, on average, there have been 4,000 daily ransomware attacks since…
Category: Of Note
Should you pay a hacker’s ransom?
Carl Herberger of Radware writes: If someone locked down your pacemaker, what would you pay to regain control? If hackers took over a cockpit or locomotive, what would you pay for restitution? This is the future of ransomware that we’ll almost certainly see if the evolution of these threats holds course. Any time human safety…
OHSU pays nearly $3 million over two data breaches in 2013
Lynn Terry has the scoop on what appears to be a new HHS resolution agreement. There’s nothing up on HHS’s site or in my mailbox yet about this one, but I had covered the four breaches mentioned in her report as well as a more recent breach (search OHSU). Oregon Health & Science University has…
Healthcare Sector Under Attack? Yes.
From a new report by InfoArmor: InfoArmor has identified a group of bad actors performing targeted cyberattacks on healthcare institutions and their IT infrastructure, including connected medical devices such as Magnetic Resonance Imaging systems (MRI), X-ray machines and mobile computing healthcare workstations. This group of bad actors has performed at least four successful attacks against…
9th Circuit: It’s a federal crime to visit a website after being told not to visit it
Orin Kerr writes: The U.S. Court of Appeals for the 9th Circuit has handed down a very important decision on the Computer Fraud and Abuse Act, Facebook v. Vachani, which I flagged just last week. For those of us worried about broad readings of the Computer Fraud and Abuse Act, the decision is quite troubling. Its reasoning appears…
IoT Medical Devices: A Prescription for Disaster
Tom Spring reports: Late last month, TrapX Labs’ security team spotted an uptick in the prevalence of a new more virulent strain of malware targeting hospitals and their IoT equipment. Researchers discovered attackers targeting unpatched medical equipment running Windows XP and Windows 7 with variations of attacks such as the Conficker worm, long thought obsolete. The…