Healthcare

April 30, 2018

A slew of devices from medical technology company Becton, Dickinson and Company (BD) are vulnerable to the infamous KRACK key-reinstallation attack, potentially enabling hackers to change and exfiltrate patient records. The KRACK vulnerability, discovered last October, is an industry-wide glitch in the WPA and WPA2 protocol for securing Wi-Fi that can cause “complete loss of control over data,” ...

April 23, 2018

Symantec has identified a new attack group dubbed Orangeworm deploying the Kwampirs backdoor in a targeted attack campaign against the healthcare sector and related industries. Symantec has identified a previously unknown group called Orangeworm that has been observed installing a custom backdoor called Trojan.Kwampirs within large international corporations that operate within the healthcare sector in the United States, ...

January 21, 2018

Cybercriminals have stolen a massive trove of Norway’s healthcare data in a recent data breach, which likely impacts more than half of the nation’s population. An unknown hacker or group of hackers managed to breach the systems of Health South-East Regional Health Authority (RHF) and reportedly stolen personal info and health records of some 2.9 million ...

January 16, 2018

A US hospital paid extortionists roughly $60,000 to end a ransomware outbreak that forced staff to use pencil-and-paper records. The crooks had infected the network of Hancock Health, in Indiana, with the Samsam software nasty, which scrambled files and demanded payment to recover the documents. The criminals broke in around 9.30pm on January 11 after finding a ...

August 31, 2017

Almost half a million people in the United States are highly recommended to get their pacemakers updated, as they are vulnerable to hacking. The Food and Drug Administration (FDA) has recalled 465,000 pacemakers after discovering security flaws that could allow hackers to reprogram the devices to run the batteries down or even modify the patient’s heartbeat, ...

August 21, 2017

The NHS has once again been the target of hackers, this time with a member of the famous group Anonymous managing to breach the appointment booking system and expose details of 1.2 million patients. SwiftQueue, who handles appointments of eight NHS trusts, confirmed the hack, but said that only some 32,500 “lines of administrative data” had ...

August 16, 2017

NHS Digital has set up an agreement with Microsoft that will provide support in detecting cyber threats to IT systems relying on outdated operating systems until the middle of next year The provider of data and IT services for health and social care bodies has reached a custom support agreement with the software giant that will ...

August 4, 2017

Siemens is readying patches for a number of vulnerabilities in its molecular imaging products, including some where public exploits are available. Advisories published Thursday by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) indicate that the flaws are remotely exploitable. “Siemens is preparing updates for the affected products and recommends protecting network access to the Molecular ...

July 30, 2017

The Dubai Health Authority (DHA) has launched an information security project, which comes in line with the Dubai Cyber Security Strategy. The strategy was launched by His Highness Shaikh Mohammad Bin Rashid Al Maktoum, Vice-President and Prime Minister of the UAE and Ruler of Dubai, with an aim to strengthen Dubai’s position as a world leader ...

July 28, 2017

Healthcare executives report a growing number of cyberattacks against their organizations over the past two years, and the vast majority have countered with larger cybersecurity investments to combat those threats. But analysts say that funding is concentrated too heavily on technology and not enough on staffing. Two-thirds of healthcare organizations have invested in information security over the past ...

July 25, 2017

We’re fortunate to live in an age when medical technology is hyper-advanced and continuing to innovate rapidly. Today, depending on where you live, you may expect to live to be up to 80 years or older; but just a hundred years ago, most people didn’t make it beyond the age of 50. Obviously researchers, medical professionals, ...

July 17, 2017

Lloyd’s of London has warned that a serious cyber-attack could cost the global economy more than $120bn (£92bn) – as much as catastrophic natural disasters such as Hurricanes Katrina and Sandy. Published two months after a ransomware cyber-attack that hobbled NHS hospitals and hit nearly 100 countries, a 56-page report from the world’s oldest insurance market ...

July 14, 2017

A handful of vulnerabilities in Siemens’ SiPass integrated server have been patched, including one that allows an attacker to bypass authentication on the box. SiPass is the company’s integrated access control server managing physical access in a number of industries and use cases. The product supports card readers and integrates with video surveillance equipment, among other ...

July 4, 2017

Medicare numbers in Australia became a lot less useful as a proof-of-identity, with the Australian Federal Police investigating how an unknown number of records ended up for sale on a Tor site. The report first surfaced via The Guardian’s Australian site, with journalist Paul Farrell reporting he purchased his own record for around AU$30 on the ...

June 20, 2017

A “massive” increase in spending is needed to prevent another “avoidable” cyber attack on NHS computer systems, an expert has warned. A ransomware attack hit 11 health boards in Scotland last month, as well as many other organisations worldwide. Prof Bill Buchanan told MSPs the attack should act as a “wake-up call” to the government and health ...

June 6, 2017

A federal task force released its long-awaited cybersecurity recommendations report Friday evening. The far-reaching report from the Health Care Industry Cybersecurity Task Force was mandated by the Cybersecurity Act of 2015. The task force convened 21 wide-ranging stakeholders in medical cybersecurity, ranging from device manufacturers to hospitals to consumer advocates. Workforce issues are the “most foundational problem” for ...

June 2, 2017

The Health Care Industry Cybersecurity Task Force today released the final version of its cybersecurity report, calling on the government to write policies that would help healthcare organizations boost their defenses—a need made even more evident after last month’s WannaCry ransomware attacks. The final report, which was mandated by the Cybersecurity Information Sharing Act of 2016, ...

May 30, 2017

Hackers have published naked photos of thousands of plastic surgery patients who had work done at a Lithuanian clinic, it has been reported. Local authorities said more than 25,000 private photos and pieces of personal information from the Kaunas-based Grozio Chirurgija clinics were published on the internet. The leak includes intimate photos and data of more than ...

May 26, 2017

The medical device industry appears to be under siege by cybercriminals, but it isn’t taking steps to defend itself, according to two separate reports. Over the next 12 months, two thirds of medical device manufacturers and more than half of healthcare delivery organizations (HDOs) say that a cyber-attack on one or more medical devices built or ...

May 18, 2017

The US Food and Drug Administration (FDA) on Thursday kicked off a fortuitously-timed public workshop on medical device cybersecurity, the agency’s third on the subject to date. At the workshop, FDA officials, representatives from industry and researchers are trying to determine the current gaps in regulatory science as it relates to cybersecurity with the aim of ...