Healthcare Cybersecurity Weekly Briefing 6-16-2017

Critical Informatics Healthcare Cyber Security

Critical Informatics Healthcare Cyber Security

Healthcare Industry Suffers the Most Cyber Attacks
“The data shows that healthcare and education are consistently targeted and attackers can easily evade perimeter defenses,” the report states. At the same time, the study found attack rates increasing across the board, with the average number of reconnaissance, lateral movement and exfiltration detections all increasing by more than 265 percent. Reconnaissance detections, a first step in ransomware campaigns, were up by 333 percent over 2016.

HHS Prepares to Unveil Cybersecurity Communications Center by the End of the Month

The Department of Health and Human Services (HHS) will officially open its healthcare-specific cybersecurity communication center by the end of the month, according to HHS officials, after withstanding an unexpected test run during last month’s ransomware attack. Scanlon said the Department of Homeland Security, which operates the National Cybersecurity and Communications Integrations Center (NCCIC), recommended HHS open their own version specifically for the healthcare industry. HCCIC will focus its efforts on analyzing and disseminating cyberthreats across the healthcare industry in real time.

HHS Gives Providers Cyber-Attack Advice

The HHS guide offers HIPAA-covered entities step-by-step recommendations for how to handle a cyber-related event, such as a ransomware attack, beginning with immediately executing their response procedures and contingency plan. Providers should fix any technical issues and stop the incident. They then should mitigate any “impermissible disclosure” of protected health data whether through in-house efforts or with help from an outside entity.

HHS’ Cybersecurity Center Offering Much More Than a Band-Aid for Health IT Cyber Attacks
HHS officials recently testified before Congress that the center did exactly what it was intended to do during last month’s WannaCry ransomware attack, and further proved the point that paralyzing cyber attacks on health IT are only a click away. “In the recent WannaCry immobilization,  HCCIC analysts provided early warning of the potential impact of the attack and HHS responded by putting the secertary’s operations center on alert,” said Leo Scanlon, deputy chief information security officer at HHS, during a June 8 House energy and commerce subcommittee hearing.

Cybersecurity Checklist for HIPAA Covered Entities
While the HHS checklist is certainly a practical resource for healthcare providers, it does not (and absolutely should not) alleviate a healthcare provider’s responsibility to create, implement, and continuously test/update an incident response plan (“IRP”) tailored to that provider’s circumstances and vulnerabilities. Relying solely on the HHS checklist without an IRP will surely result in panic-based reactions with no structure to guide next steps when a cyber-related security incident inevitably occurs.

Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing at:


Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.