Cybersecurity

63% of known exploited vulnerabilities found on healthcare networks

March 18, 2024 - Healthcare networks and medical devices are highly vulnerable to cyberattacks, according to a recent study from cyber-physical systems protection company Claroty. The study found that 63 percent of known exploited vulnerabilities (KEVs) tracked by the Cybersecurity and Infrastructure Security Agency (CISA) can be found on healthcare networks. About...


More Articles

Healthcare data breaches are piling up 3 months into the year

by Victoria Bailey

As of the first week of March, 116 healthcare data breaches have been reported to the HHS Office of Civil Rights (OCR) in 2024, impacting over 13 million individuals. The most common breach types were...

Healthcare hit hardest by ransomware last year, FBI IC3 report shows

by Jill McKeon

The healthcare sector suffered more ransomware attacks than any other critical infrastructure sector last year, according to complaint data examined in the Federal Bureau of Investigation’s 2023...

What the LockBit ransomware gang’s return means for healthcare

by Jill McKeon

Since its emergence four years ago, the LockBit ransomware gang has been ruthlessly targeting organizations across critical infrastructure at alarming rates. The group’s constant tactic modifications and vast network of affiliates...

Lurie Children’s Restores Key Systems Following Cyberattack

by Jill McKeon

Lurie Children's Hospital in Chicago has restored its Epic EHR platform and other key systems following a cyberattack that began on January 31st, the hospital stated. MyChart remains unavailable as...

NIST Releases CSF 2.0, Caters to Audience Beyond Critical Infrastructure

by Jill McKeon

The National Institute of Standards and Technology (NIST) released version 2.0 of its Cybersecurity Framework (CSF), which is broadly used to reduce cyber risk across critical infrastructure....

Healthcare Faces Uncertainty Amid Change Healthcare Cyberattack

by Jill McKeon

UPDATE 2/29/2024 - BlackCat/ALPHV has claimed responsibility for the attack and denied using the ConnectWise vulnerabilities for initial access. Healthcare organizations everywhere are feeling the impact of the Change Healthcare...

HSCC Issues Five-Year Health Industry Cybersecurity Strategic Plan

by Jill McKeon

The Healthcare and Public Health (HPH) Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) announced the publication of its “Health Industry Cybersecurity Strategic Plan”...

Cybersecurity Preparedness Tied to Lower Insurance Premium Increases

by Jill McKeon

Surveyed healthcare organizations that used the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) as their primary framework saw lower cyber insurance premium...

Exploring the Health Industry Cybersecurity Practices (HICP) Publication, How to Use It

by Jill McKeon

The “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients” publication, known as “HICP” for short, is the product of healthcare industry leaders and government representatives coming...

New Legislation Aims to Strengthen Healthcare Cybersecurity Within HHS

by Jill McKeon

US Senators Angus King (I-ME) and Marco Rubio (R-FL) introduced the Strengthening Cybersecurity in Health Care Act, aimed at bolstering cybersecurity efforts within HHS. Specifically, the act would...

Chicago Children’s Hospital Confirms Cyber Threat Activity

by Jill McKeon

UPDATE 2/13/24 - This article has been updated to reflect new information about the cyberattack on Lurie Children's Hospital.  Lurie Children's Hospital has entered its third week of...

Akira Ransomware Aggressively Targets Healthcare, HC3 Warns

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) issued an analyst note about Akira ransomware, a group that has been active since at least May 2023. In its short tenure, Akira has conducted...

KLAS Highlights Top Security, Privacy Solutions This Year

by Jill McKeon

KLAS Research recognized several leading security and privacy vendors as Best in KLAS winners for 2024. The 2024 Best in KLAS software and services winners were designated based on information...

Ransomware Makes ECRI’s Top Health Tech Hazards List

by Jill McKeon

ECRI named ransomware as one of the top ten health tech hazards of 2024 in its annual report, following a record year for healthcare data breaches. Ransomware and other cyber risk areas have made...

How HHS Cybersecurity Performance Goals Will Impact Healthcare

by Jill McKeon

HHS recently unveiled healthcare-specific cybersecurity performance goals (CPGs) with the intent of helping the sector prioritize the implementation of key security best practices. On their surface, the voluntary CPGs are straightforward,...

Insurance Broker Data Breach Impacts 1.5M Individuals

by Jill McKeon

Insurance brokerage company Keenan & Associates recently notified more than 1.5 million individuals of a data breach. Keenan provides insurance and risk management solutions for schools, colleges,...

FL Bill Seeks to Reduce Cyber Incident Liability For Entities That Meet Industry Standards

by Jill McKeon

Florida lawmakers have proposed new legal protections for businesses facing claims of negligence in data breach lawsuits in the recently introduced Florida House Bill No. 473. Also known as the...

Researchers Observe Increase in Emerging Ransomware Groups Targeting Healthcare

by Jill McKeon

The healthcare sector was hit hard by data breaches in 2023, with more than 540 organizations reporting breaches to HHS last year. Ransomware remains a top threat to healthcare, as exemplified by the...

HHS Unveils Healthcare Cybersecurity Performance Goals

by Jill McKeon

HHS has released sector-specific cybersecurity performance goals (CPGs) to help the sector prioritize key security actions and reduce risk. The voluntary CPGs consist of “essential” and...