Latest
Industry News

On February 17, 2021, a remarkable White House press briefing addressed possible executive action in the wake of the SolarWinds attack, the most systematic hack of the U.S. government in history. In mid-February, the United States White House held a press briefing and announced possible executive action in response to a recent attack against some critical US agencies, including the US Department of Commerce and the US Department of Justice. The recent hack, referred to as the Sol…

When it comes to medical device security risk, hospitals are largely in the dark. By deploying medical devices without a Software Bill of Materials (SBOM) and/or an MDS2, they have no good way to know their actual vulnerability to cyberattacks, at least not without a lot of manual effort. When it comes to medical device security risk, hospitals are largely in the dark. By deploying medical devices without a Software Bill of Materials (SBOM) and/or an MDS2, they have no good way to know the…

CISA (Cybersecurity & Infrastructure Security Agency), the Department of Health and Human Services (HHS) and the Federal Bureau of Investigation (FBI) jointly released a cybersecurity advisory on October 28, 2020 warning of an imminent cybercrime threat to healthcare providers. Since the original release, the warning has been revised to include additional information. The advisory, Alert (AA20-302A) can be found here.  Authorities have claimed this to be one of the most significan…

Paying ransomware hackers could run afoul of anti-money laundering regulations. The Financial Crimes Enforcement Network (FinCEN) issued an advisory that, depending on the circumstances, facilitating ransomware payments to cyber-criminals could constitute money transmission, thus violating anti-money laundering regulations. In addition, the Office of Foreign Assets Control (OFAC) issued an advisory that engaging in transactions, such as ransomware payments, with individuals or entities on the…

Early on the morning of Sunday, September 27, 2020, end users at a United Health Services (UHS) hospital were greeted with locked phones and computer screens hijacked by ransomware. The giant hospital system has reverted back to paper forms, with no electronic access to online patient data, including lab results and historical information. Healthcare workers at the hospitals were told that it would take days to get the systems back online. UHS serves millions of patients through 400 facilitie…

Healthcare Delivery Organizations Gain Visibility into Risk Profile of Deployed Medical Devices. Today, Vigilant Ops, an innovator in medical device cybersecurity, announced the immediate availability of InSight Platform V1 for Healthcare Delivery Organizations, providing HDOs with an automated solution for monitoring the health of their deployed medical devices.  The InSight Platform V1 for Medical Device Manufacturers (MDMs) was released on May 11 and provided MDMs an automated solutio…