The group behind the disruptive SamSam ransomware has attacked 67 different organizations in 2018, nearly a quarter of which were health care organizations, new research shows. SamSam, which is deployed in a more targeted way than other ransomware, hobbled Atlanta’s municipal agencies in March, and reportedly struck medical-testing giant LabCorp in July.
Cybersecurity company Symantec has released data showing that of the 67 organizations targeted by the SamSam group in the last 10 months, more than 80 percent are based in the United States. “SamSam continues to pose a grave threat to organizations in the U.S.,” a Symantec blog post states. “The group is skilled and resourceful, capable of using tactics and tools more commonly seen in espionage attacks.”
Read more about the SamSam ransomware campaigns on CyberScoop.
Many industries are grappling with how to digitize their services, and healthcare is no different. Hospitals have turned to electronic medical records (EMR) and electronic health records (EHR) in recent years to streamline communication between doctors and improve the patient experience. Google and Windows have offered their services to hospitals, and Apple recently added a health records app to their new iOS that is compatible with more than 40 different health systems.
A new survey of 600 healthcare IT managers from Jamf conducted by Vanson Bourne found that 90% were implementing or considering a mobile device initiative, and 96% of those who already had said the plans had a noticeably positive impact on the experience of their patients. Despite hailing mobile device initiatives as the wave of the future, most of those surveyed also expressed worry about the safety and security of the devices.
Read more about the findings of the new Jamf survey on TechRepublic.
More data breaches happened in the third quarter of 2016 than in the year’s first two quarters. That’s according to the Protenus Breach Barometer, which found that 118 security incidents either reported to the Department of Health and Human Services or first disclosed in the media or other sources in the third quarter compared with 89 in the second quarter.
Read more about the Protenus Breach Barometer by DataBreaches.net which found that health care data breaches in third quarter of 2016 have outpaced previous two quarters on Healthcare IT News.
Read Michael Laycob, Pou-I Lee, and David Zetoony explain the causes for healthcare data breaches on JD Supra :
Pursuant to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), covered entities (e.g. healthcare providers and health plans) must notify the Department of Health and Human Services (“HHS”) of breaches of unsecured protected health information (“PHI”).
Read why Elizabeth Snell says that information sharing is the key to improving healthcare cyber security on Health IT Security :
Improving the outreach and information sharing on healthcare cybersecurity issues, along with having more educated and qualified cybersecurity personnel and health IT experts will be essential in strengthening the healthcare cybersecurity infrastructure, according to the Healthcare Information and Management Systems Society (HIMSS).
Read Donald Voltz’s article about whether forensics can thwart data breaches in health care sector on CIO :
As Halloween approaches, the usual spate of horror movies will intrigue audiences across the country, replete with slashers named Jason or Freddie running amok in the corridors of all-too-easily accessible hospitals. Unfortunately, this horror movie scenario is similar to how data thefts often occur at medical facilities.
Read Elizabeth Snell’s article about how health care data breach victims are affected by cyber attacks on Health IT Security :
The large fiscal cost to individual victims stemming from medical identity theft is just one of the key ways that healthcare data breaches affect patients, according to a recent report from the Institute for Critical Infrastructure and Technology (ICIT).
Cyber security remains a high business priority for provider organizations, but security professionals say that a shortage of resources mean they they’re relying on a limited set of tools to fight threats. Respondents from 87 percent of hospitals and 81 percent of other providers say security has grown in stature to become a key business priority.
Read about the new survey by HIMSS which reveals though cyber security has become a priority, many providers are still struggling with the tech for protection on Health Data Management.
As cybercriminals continue to assault the healthcare industry, most health executives are elevating data security as a business priority, according to the 2016 HIMSS Cybersecurity Survey, released Tuesday. Eighty-five percent of the report’s 150 surveyed IT security leaders are increasing cybersecurity awareness, motivated by potential phishing attacks (80 percent of acute care providers, 65 percent non-acute); viruses or malware (68 percent acute, 65 percent non-acute); and risk assessment results (64 percent acute, 77 percent non-acute).
Read about the new 2016 HIMSS Cybersecurity Survey which reveals that health care IT leaders are elevating cyber security as a priority on Healthcare IT News.
Read Elizabeth Snell explain how cyber security attacks remain the leading cause of large health care data breach incidents on Health IT Security :
While the summer of 2016 is quickly coming to an end, covered entities and their business associates cannot ease up on their data security measures. If the past three months have been any indication, large health data breaches are not about to cease anytime soon.