Categories
Cyberinfrastructure Education Ransomware Smartphone Technology

Mobile ransomware in healthcare

After WannaCry mobile ransomware is infecting hospital-issued mobile phones and tablets.

mobile ransomwareMobile ransomware attacks in 2017 built upon the sharp increase from earlier years. This is simply malware that steals sensitive data or locks your smartphone permanently.

This is exactly like the WannaCry ransomware attacks that occurred in 2017.
Those same criminals will demand bitcoin payments before unlocking your device.

These mobile ransomware attacks on hospital-issued mobile devices carry risks of exposing PHI data. This is especially important if a hospital workforce employee is accessing PHI data on a personal device that is not secure.

Today healthcare needs Mobile Device Management (MDM) more than ever. Respectable MDM services install a “secure container” on a mobile device that ensures hospital data downloaded to a mobile device is stored in a secure, encrypted directory on the device. This can even prevent the user from copying the data from the container.

Categories
Cyberinfrastructure Education Milwaukee Network Ransomware Technology

Ivanti Interchange Podcast

I was humbled to be considered a guest on Ivanti’s Interchange Podcast addressing ransomware in healthcare.

it interchange podcastI added their new series to my collection of InfoSec podcasts as soon as our Hospital server team acquired Ivanti’s Patch for Windows service back in June. In this timeframe, I suggested to our Hospital’s IT patch subcommittee to consider adding Ivanti’s Patch Tuesday Webinar series into our meeting schedule.

Ivanti launched their monthly webinar in April 2017 and provide a solid overview to Microsoft’s Patch Tuesday releases. This also includes key third-party updates from Adobe, Google, and Mozilla.

After registering for October’s webinar, by chance an out-of-the-blue a marketing specialist from Ivanti called. When I confirmed our participation in the coming Patch webinar, they suggested considering their new IT Interchange Podcast. I believe they were pleasantly surprised that I was able to recite all their podcast topics.

Categories
Cyberinfrastructure Education Milwaukee Network Ransomware Technology

Ivanti Patch for Windows

The 2017 Ransomware attacks on healthcare or: How I Learned to Stop Worrying and Love Ivanti.

Ivanti’s Patch for Windows helps hospitals, clinics, and health systems mitigate ransomware attacks with agile change management, security controls and third-party patching for healthcare in the age of ransomware.
patch for windows
How did hospitals and clinics come to rely upon Ivanti? In 2017 the healthcare industry was confronted for the first time by a multi-headed monster in ransomware attacks. WannaCry, NotPetya and multiple ransomware strains have forever changed the data security landscape for hospitals, clinics and health systems.

Categories
Cyberinfrastructure Education Milwaukee Network Ransomware Technology

2017 Ransomware attacks on Healthcare

Ransomware attacks on Hospitals and Clinics have just begun

For the first time the healthcare industry was attacked by a multi-headed ransomware monster. This is only the beginning of a new attack model for hospitals and clinics to confront moving forward.
2017 Ransomware attacks

Since the first ransomware attack in early 2016 I have observed how this became a credible threat to hospitals. In 2017 an seemingly overwhelming series of attacks forced hospitals and clinics around the country to adjust long-held views and policies of information security. Due to the amount of news coverage I have added a timeline to this post to indicate how ransomware became part of the social mainstream.

Overview

A ransomware primer in three parts:
Ransomware is not new
PHI data remains highly valuable on the dark web
The Shadow Brokers, Wikileaks, and the CIA

2016 – Setting the stage
February 5th – Hollywood Presbyterian
July 12: HHS issues new guidance

2017 – The attacks begin
May 12: WannaCry IT infrastructure attacks
May 15: WannaCry medical device attacks
June 13: WannaCry building control attacks
June 15: US Congress: Lessons learned from WannaCry
June 29: NotPetya attacks
July 25: Nuance confirms NotPetya attack
October 24: Bad Rabbit attack
December 13: Nuance shuts down medical transcription service

Read more about it

Did hospitals ignore the March Microsoft Security Bulletin?
Ransomware in popular culture
Top 2017 Healthcare Ransomware Attacks
Healthcare, Cyber Insurance, & Ransomware
US Senate Bill S.2179-Data Security & Breach Notification Act

Categories
Blockchain Cloud Cyberinfrastructure Education Globalization Innovation Network OpenSource Reading Technology

Latest Read: Blockchain Basics

The Blockchain Basics by Daniel Drescher. This is a very basic blockchain book. I would recommend this to someone completely unfamiliar with blockchain. Daniel hits his mark as he places a repeated template for each step. In this design, I felt the book had trouble flowing for anyone who has already read a blockchain textbook.
Blockchain BasicsDaniel pushes the elementary lessons through 25 steps.

There is a very basic outline to the security of the blockchain. Again this book has a specific target audience: Newbie.

I have to admit that I was bored reading the text. yet was impressed by the lessons and related topics that are presented.

Yet his lessons and related topics are simple to follow. For an overall tip of the iceberg, you can fly through this book and then move to Don Tapscott, William Mougayar and Melanie Swan.