Tim Johnson reports: The attack seemed like a garden-variety digital holdup. A computer intruder, calling himself the “Albanian hacker,” left a message for the administrator of a website for an Illinois internet retailer: Pay two Bitcoins, or about $500 at the time, and the intruder would “remove all bugs on your shop!” Such demands are…
Category: Of Note
New HHS guidance on Ransomware and HIPAA
I hate it when I tweet something but forget to post it. In today’s installment of “Smacking Myself in the Forehead,” I remember to tell readers that HHS has issued a new guidance on ransomware and HIPAA. A recent U.S. Government interagency report indicates that, on average, there have been 4,000 daily ransomware attacks since…
Should you pay a hacker’s ransom?
Carl Herberger of Radware writes: If someone locked down your pacemaker, what would you pay to regain control? If hackers took over a cockpit or locomotive, what would you pay for restitution? This is the future of ransomware that we’ll almost certainly see if the evolution of these threats holds course. Any time human safety…
OHSU pays nearly $3 million over two data breaches in 2013
Lynn Terry has the scoop on what appears to be a new HHS resolution agreement. There’s nothing up on HHS’s site or in my mailbox yet about this one, but I had covered the four breaches mentioned in her report as well as a more recent breach (search OHSU). Oregon Health & Science University has…
Healthcare Sector Under Attack? Yes.
From a new report by InfoArmor: InfoArmor has identified a group of bad actors performing targeted cyberattacks on healthcare institutions and their IT infrastructure, including connected medical devices such as Magnetic Resonance Imaging systems (MRI), X-ray machines and mobile computing healthcare workstations. This group of bad actors has performed at least four successful attacks against…
9th Circuit: It’s a federal crime to visit a website after being told not to visit it
Orin Kerr writes: The U.S. Court of Appeals for the 9th Circuit has handed down a very important decision on the Computer Fraud and Abuse Act, Facebook v. Vachani, which I flagged just last week. For those of us worried about broad readings of the Computer Fraud and Abuse Act, the decision is quite troubling. Its reasoning appears…