Healthcare

For the last decade, healthcare provider organizations have borne the brunt of securing the expansive, complex medical device ecosystem. And most of even the best-equipped health systems struggle (and don’t) close all medical device security risks.

But all that may soon change, at least for premarket device submissions.

The sweeping $1.7 trillion omnibus package passed in December 2022 included measures that give the FDA new authorities to establish medical device security requirements for manufacturers, which has led to overwhelming praise from the healthcare sector.

The omnibus included “long desired FDA authorities” previously left out of the continuing resolution, said Carter Groome, CEO of First Health Advisory. Some of these requirements for premarket submissions were included in the Protecting and Transforming Cyber Health Care (PATCH) Act, which heralded broad support from industry stakeholders.

The last FDA appropriations bill passed in September without PATCH Act elements, despite overwhelming bipartisan support — much to the chagrin of medical device security leaders. The Consolidated Appropriations Act of 2023 includes some, but not all, of the language of the PATCH Act.

“Although watered down from PATCH Act asks, it’s a big step forward for health sector resilience and ultimately the safety of people reliant on the integrity and availability of medical devices,” said Groome, who’s also a post-market medical device security advisor and member of the Health Sector Coordinating Council (HSCC).

But even the smallest step in healthcare cybersecurity is a huge win for provider organizations.

Read the full article HERE

A new DDoS-as-a-Service (DDoSaaS) platform named 'Passion' was seen used in recent attacks by pro-Russian hacktivists against medical institutions in the United States and Europe.

A DDoS (distributed denial of service) attack is when threat actors send many requests and garbage traffic to a target server to overwhelm the server and cause it to stop responding to legitimate requests.

DDoSaaS platforms rent their available firepower to those looking to launch disruptive attacks on their targets, absolving them from the need to build their own large botnets or coordinate volunteer action.

Typically, these botnets are built by compromising vulnerable IoT devices such as routers and IP cameras, uniting them under a large swarm that generates malicious requests toward a particular target.

Radware discovered the Passion platform, and although its origins are unknown, the operation has distinctive ties with Russian hacking groups, suck as Killnet, MIRAI, Venom, and Anonymous Russia.

"The Passion Botnet was leveraged during the attacks on January 27th, targeting medical institutions in the USA, Portugal, Spain, Germany, Poland, Finland, Norway, Netherlands, and the United Kingdom as retaliation for sending tanks in support of Ukraine," said Radware researchers.

Read the full article HERE

"State-backed hackers from North Korea are conducting ransomware attacks against healthcare and critical infrastructure facilities to fund illicit activities, U.S. and South Korean cybersecurity and intelligence agencies warned in a joint advisory.

The attacks, which demand cryptocurrency ransoms in exchange for recovering access to encrypted files, are designed to support North Korea's national-level priorities and objectives.

This includes "cyber operations targeting the United States and South Korean governments — specific targets include Department of Defense Information Networks and Defense Industrial Base member networks," the authorities said."

Read the full article HERE

A study just published in the Journal of the American Medical Association found that the number of ransomware attacks against hospitals and other medical institutions more than doubled from 2016 to 2021 — from 43 to 91 nationally, and that figure is likely under-reported.

The study results suggest that ransomware attacks on healthcare delivery organizations are increasing in frequency and sophistication; disruptions to care during ransomware attacks may threaten patient safety and outcomes.

Read the f