Scammers are taking advantage of the monkeypox virus outbreak to launch phishing campaigns targeting healthcare providers and public health organizations to harvest credentials, the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center says.
Errol Weiss, chief security officer of Health-ISAC for the past three years, watched the healthcare sector undergo a historic revolution in the digital delivery of services to patients. Also in that time, the attack surface grew exponentially. How can entities best defend it?
Recent hacking incidents involving an emergency medical transport company and a firm that provides billing services to ambulance companies underscore how protected health information is subject to risk and oversight alike before a patient even steps into a hospital.
Federal authorities have issued urgent advisories - and Medtronic a voluntary product recall - about a cybersecurity flaw in some of the company's insulin pumps. If exploited, the flaw could result in patients receiving too little or too much insulin, which in extreme cases could result in death.
The Department of Health and Human Services slapped three dental practices with fines and corrective action plans in its latest round of HIPAA enforcement actions involving patient right of access. The actions come just days after a new director of the Office for Civil Rights assumed office.
Cybercriminals are netting multimillion-dollar hauls by targeting healthcare industry payment processing, the FBI warns. The criminals use publicly available personally identifiable information and deploy social engineering techniques to impersonate care providers.
A Texas nonprofit, safety net medical center is still struggling to fully bring its communications and other systems back online two weeks after a ransomware attack in which cybercriminals have demanded a ransom in the "tens of millions of dollars.
The FBI is the latest federal agency warning healthcare sector entities of cyberattack threats to medical devices, especially unpatched and outdated products, recommending that organizations take steps to identify vulnerabilities and "actively secure" the gear.
How has cybersecurity technology evolved, and are legal frameworks keeping pace with the evolution? Dr. Pavan Duggal, an advocate at the Supreme Court of India, shares his journey and talks about his passions.
A host of emerging technologies - including artificial intelligence, 5G cellular, quantum computing, nanomedicine and smart hospitals - offer the potential to revolutionize healthcare, but organizations must carefully evaluate the security risks, federal authorities warn.
Vikas Malhotra, country manager, LastPass, discusses establishing a password management program as the first line of defense in establishing user identity, followed by 2FA and MFA as the second step in the protection process.
An identity-centric approach to security will establish legitimate user behavior against suspicious user behavior using SIEM solution, coupled with machine learning algorithms, says Vivin Sathyan, senior technical evangelist at ManageEngine.
Today's big challenge for practitioners is identifying the "known and unknown" attack surface faster than the hackers. There is a need to build purpose-built sensors and asset management strategies to discover unknown attacks, says Debashish Jyotiprakash, vice president - Asia at Qualys.
Attackers could block access to every Contec patient monitoring device connected to a hospital network by sending a single malformed packet, security researchers warn. U.S. authorities say China-based Contec hasn't responded to outreach to fix the flaws.
The sheer number of connected devices in healthcare environments is one of the top challenges healthcare entities face in adopting a zero trust approach to cybersecurity, says Zachary Martin, senior adviser at law firm Venable. He discusses the obstacles to achieving zero trust in healthcare.