Mimic: The ransomware exploiting Windows search
Discover an emerging ransomware family that’s using a legitimate Windows search tool to locate victims’ files before encrypting them.
Read MoreIn December 2023, the US Department of Health and Human Services (HHS) reported a surge in cyber attacks against the country’s healthcare industry. Large breaches have increased by 93% from 2018-2022, and breaches involving ransomware have risen by 273%.
Recent targets include Ardent Health Services (which runs 30 hospitals and 200 other healthcare sites across six states), which had to divert emergency care as it took its network offline following a Thanksgiving holiday attack. And HTC Global Services (which provides technology to the healthcare industry) confirmed an attack, which was claimed by threat group AlphV/BlackCat.
In response, HHS has released a new concept paper focused on how to strengthen the cyber resilience of the US healthcare sector.
It lays out four steps aimed at improving the resilience of healthcare organisations.
They are:
No organisation in any industry is immune to cyber attacks. And as many of our Black Hat MEA speakers advise – all organisations should assume breach.
But attacks on the healthcare industry have serious implications for patient safety, so more focused expertise and funding to protect the sector is important. That being said, mandatory requirements would create new challenges for organisations in the sector, and there will be resistance if the guidelines laid out by the HSS lead to such requirements.
Rick Pollack (CEO at the American Hospital Association) said in a statement, “Many recent cyberattacks against hospitals have originated from third-party technology and other vendors. No organization, including federal agencies, is or can be immune from cyberattacks. Imposing fines or cutting Medicare payments would diminish hospital resources needed to combat cyber crime and would be counterproductive to our shared goal of preventing cyberattacks.”
But as Jen Easterly (Director at the Cybersecurity and Infrastructure Security Agency) wrote here,
“The days of relegating cybersecurity to the CIO or the CISO must end. CEOs and Boards of Directors must embrace cyber risk as a matter of good governance and prioritize cybersecurity as a strategic imperative and business enabler.”
In essence, it’s a difficult balance to strike: protecting critical organisations and their patients from cyber attacks, without creating unnecessarily complex and costly regulatory challenges for them to navigate. We’ll keep watching to see what happens next.
Join the newsletter to receive the latest updates in your inbox.
Discover an emerging ransomware family that’s using a legitimate Windows search tool to locate victims’ files before encrypting them.
Read MoreWhat are non-human identities (NHIs) and why are they driving a paradigm shift in identity security?
Read MoreNew research shows that a growing number of organisations view cybersecurity as a strategic priority.
Read More