Healthcare Cybersecurity Weekly Briefing 12-15-2017

Critical Informatics Healthcare Cyber Security

Critical Informatics Healthcare Cyber Security

NewsJacker #4

In this 3+ minute NewsJacker episode, Mike shares his opinions on the most recent news in IT security:

  • Net Neutrality
    • The vote is imminent, and motivations for repeal look fishy
  • Georgia’s Hacked Voting Machine
    • Here’s a good example of why paper voting is still the best way to hold a secure election.
  • Cyber Security as a Competitive Differentiator
    • Learn the four forces accelerating infosec as a competitive advantage

 

Henry Ford Health System Data Breach Compromised Data of Nearly 20,000 Patients
Patient names birthdates, medical record numbers, provider names, dates of service, department names, locations, medical conditions and health insurers were compromised in the incident.  On Oct. 3, 2017, officials learned someone gained access to or stole the email credentials of a group of employees. These credentials enabled access to employee’s emails which contained the patient health information.

 

Ransomware Attack on NJ Provider Locks 16,000 Patient Records
The sleep center did not pay the ransom. Instead, the medical center immediately contacted the New Jersey State Police Cyber Crimes Unit and hired a computer forensics team to help with the investigation and make recommendations on how to better protect its system. Further, officials said they’re implanting stronger security measures.

 

How Will Technology Change the Standard of Healthcare?
Today, technology such as wearable data collectors and systemic applications like blockchain can be found in all areas of health. In the home and hospital field, with nurse retirements expected to surge in the next five- to 10 years, companies are looking for alternative ways to efficiently and effectively perform basic nursing care.

 

Cyber Security Is a Serious Problem for Physicians: Survey
More than four in five US physicians (83%) have experienced some form of a cyber attack, according to new research released today by the American Medical Association (AMA) and Accenture. […] The findings show the most common type of cyber attack was phishing — cited by 55% of physicians who experienced an attack — followed by computer viruses (48%). Physicians from medium and large practices were twice as likely as those in small practices to experience these types of attacks.

 

Infectious Email Is the Top Cyber Threat To Healthcare Providers: Study
Healthcare providers, the holders of some of the most sensitive possible data on consumers, rank email as their worst cyber security threat, according to a study from Mimecast Ltd., conducted by HIMSS Analytics. […] Next are laptops and other portable electronic devices, followed by paper/films and electronic medical records. Desktops rank near the bottom, and network severs are last.

 

Do You Know What Healthcare Did Last Summer? 
Interestingly this demand (and proliferation of attacks) has created an excess supply [of stolen health records]. This has led to a reported drop in street price of the records – and led to an in increase in ransomware, where the payout is immediate and requires less “creativity”. Much of the healthcare industry is beginning to realize this and investing heavily into their security as a result[.]

 

Medical Devices a ‘Bulls-eye’ for Cyber-attacks, Says Cybersecurity Executive
“There are really broad recommendations and not a whole lot of specificity when it comes to security…From a vendor point of view, it’s really important that device manufacturers realise that their targeted user is not the only person that has access to their device. They have to take security into consideration.”

 

Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.