Vigilant Ops Announces Partnership with BeanStock Ventures

Author: vigilantops

White House Considers Software Bill of Materials (SBOM) Critical

Written by vigilantops on . Posted in Blog, In the News, News & Events.

The recent SolarWinds attack report, which we summarized in a recent post, hinted at possible executive action as a response to the massive assault. That possibility has been realized, and a Biden administration executive order, requiring enhanced cybersecurity measures including the Software Bill of Materials (SBOM), is expected any day now.  A National Security Council spokeswoman was recently quoted as saying that the SolarWinds attack showed that the “federal government needs to be able...

Continue reading

Software Bill of Materials Help to Defend Against Cyberattacks

Written by vigilantops on . Posted in Blog, In the News, News & Events.

On February 17, 2021, a remarkable White House press briefing addressed possible executive action in the wake of the SolarWinds attack, the most systematic hack of the U.S. government in history. In mid-February, the United States White House held a press briefing and announced possible executive action in response to a recent attack against some critical US agencies, including the US Department of Commerce and the US Department of Justice. The recent hack, referred to as the SolarWinds...

Continue reading

Two Key Device Security Documents Hospitals Need Now

Written by vigilantops on . Posted in Blog, News & Events.

When it comes to medical device security risk, hospitals are largely in the dark. By deploying medical devices without a Software Bill of Materials (SBOM) and/or an MDS2, they have no good way to know their actual vulnerability to cyberattacks, at least not without a lot of manual effort. When it comes to medical device security risk, hospitals are largely in the dark. By deploying medical devices without a Software Bill of Materials (SBOM) and/or an MDS2, they have no good way to know their...

Continue reading

Massive Ransomware Assault on Healthcare

Written by vigilantops on . Posted in Blog, News & Events.

CISA (Cybersecurity & Infrastructure Security Agency), the Department of Health and Human Services (HHS) and the Federal Bureau of Investigation (FBI) jointly released a cybersecurity advisory on October 28, 2020 warning of an imminent cybercrime threat to healthcare providers. Since the original release, the warning has been revised to include additional information. The advisory, Alert (AA20-302A) can be found here.  Authorities have claimed this to be one of the most significant...

Continue reading

U.S. Treasury Department Warns of Possible Violations

Written by vigilantops on . Posted in Blog, News & Events.

Paying ransomware hackers could run afoul of anti-money laundering regulations. The Financial Crimes Enforcement Network (FinCEN) issued an advisory that, depending on the circumstances, facilitating ransomware payments to cyber-criminals could constitute money transmission, thus violating anti-money laundering regulations. In addition, the Office of Foreign Assets Control (OFAC) issued an advisory that engaging in transactions, such as ransomware payments, with individuals or entities on their...

Continue reading

Universal Health Services (UHS) Hit by Ransomware Attack

Written by vigilantops on . Posted in News & Events.

Early on the morning of Sunday, September 27, 2020, end users at a United Health Services (UHS) hospital were greeted with locked phones and computer screens hijacked by ransomware. The giant hospital system has reverted back to paper forms, with no electronic access to online patient data, including lab results and historical information. Healthcare workers at the hospitals were told that it would take days to get the systems back online. UHS serves millions of patients through 400 facilities...

Continue reading