Tag: HITRUST

2018 Ransomware attacks on Healthcare

Post author By Don Kasprzak
Post date March 4, 2018

The impact of ransomware, botnets and crypto mining will continue to impact hospitals and clinics in 2018.

ransomware, botnets and crypto mining

More precise, targeted attacks including botnets and crypto mining are projected to overtake global attacks hospitals witnessed with WannaCry and NotPetya.

Healthcare Information Security teams must show risk tolerance and carefully monitor new trends in malware, patch management, and change management.

Ransomware via botnets and crypto mining will continue to drive agile healthcare technology solutions, This will impact business shifts in governance and policy across US healthcare facilities as new attacks continue to focus on financial based malware.

Moving into the new year global attacks may give way to targeted attacks, botnets and crypto mining that have been branded as WannaMine.

Tags badrabbit, botnets, crypto mining, cyber attacks, cyberinsurance, ECRI, fda, healthcare, HITRUST, malware, nist, notpetya, ransomware, wannacry, wannamine

Cyberinfrastructure Education Milwaukee Network Ransomware Technology

Ivanti Patch for Windows

The 2017 Ransomware attacks on healthcare or: How I Learned to Stop Worrying and Love Ivanti.

Ivanti’s Patch for Windows helps hospitals, clinics, and health systems mitigate ransomware attacks with agile change management, security controls and third-party patching for healthcare in the age of ransomware.

How did hospitals and clinics come to rely upon Ivanti? In 2017 the healthcare industry was confronted for the first time by a multi-headed monster in ransomware attacks. WannaCry, NotPetya and multiple ransomware strains have forever changed the data security landscape for hospitals, clinics and health systems.

Tags change management, chris goettl, cyber insurance, cyberinsurance, cybersecurity, healthcare, HITRUST, ivanti, malware, medical device, Patch for Windows, patch management, patch tuesday, ransomware

Cyberinfrastructure Education Milwaukee Network Ransomware Technology

2017 Ransomware attacks on Healthcare

Post author By Don Kasprzak
Post date January 27, 2018
1 Comment on 2017 Ransomware attacks on Healthcare

Ransomware attacks on Hospitals and Clinics have just begun

For the first time the healthcare industry was attacked by a multi-headed ransomware monster. This is only the beginning of a new attack model for hospitals and clinics to confront moving forward.
2017 Ransomware attacks

Since the first ransomware attack in early 2016 I have observed how this became a credible threat to hospitals. In 2017 an seemingly overwhelming series of attacks forced hospitals and clinics around the country to adjust long-held views and policies of information security. Due to the amount of news coverage I have added a timeline to this post to indicate how ransomware became part of the social mainstream.

Overview

A ransomware primer in three parts:
Ransomware is not new
PHI data remains highly valuable on the dark web
The Shadow Brokers, Wikileaks, and the CIA

2016 – Setting the stage
February 5th – Hollywood Presbyterian
July 12: HHS issues new guidance

2017 – The attacks begin
May 12: WannaCry IT infrastructure attacks
May 15: WannaCry medical device attacks
June 13: WannaCry building control attacks
June 15: US Congress: Lessons learned from WannaCry
June 29: NotPetya attacks
July 25: Nuance confirms NotPetya attack
October 24: Bad Rabbit attack
December 13: Nuance shuts down medical transcription service

Read more about it
Did hospitals ignore the March Microsoft Security Bulletin?
Ransomware in popular culture
Top 2017 Healthcare Ransomware Attacks
Healthcare, Cyber Insurance, & Ransomware
US Senate Bill S.2179-Data Security & Breach Notification Act

Tags bad rabbit, clinical engineering, cyber insurance, cybersecurity, DHS, ECRI, healthcare, HITRUST, ivanti, malware, medical device, notpetya, patch management, patch tuesday, patching for windows, ransomware, wannacry