Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Major Cyberattacks On Healthcare Grew 63% In 2016
Newest First  |  Oldest First  |  Threaded View
haemorrhoiden-selbst-behandeln
haemorrhoiden-selbst-behandeln,
User Rank: Apprentice
1/16/2017 | 6:42:03 AM
security issue
Healtcare IT departments often lags on security. Last year randsomware attacks showed the weakness and IT-admins got some homework to do. Hopefully it will not happen again in this dimension.
Dr.T
Dr.T,
User Rank: Ninja
12/28/2016 | 11:56:22 AM
Attacking healthcare
"Article mentioned "people wouldn't want to attack a healthcare facility because they didn't believe anyone would want to do harm to the patients"

We know that is not the case, patients are people, and they want to attack anything they can including people.
Dr.T
Dr.T,
User Rank: Ninja
12/28/2016 | 11:55:51 AM
Re: Hacking Healthcare
"your EHR usage and allocate that to beefing up both your software/network and personnel/building security practices."

Another good point. Sometimes it is not the system everything else around it. Gmail is quite secure with two factor authentication and yet we see they are able to hack Gmail account.
Dr.T
Dr.T,
User Rank: Ninja
12/28/2016 | 11:52:00 AM
hospitals unaware of breaches
Hospitals are unaware of breaches and as many other organizations, remember Yahoo, they told us they were hacked a few years earlier. Damage may be worse if we do not know early enough
Dr.T
Dr.T,
User Rank: Ninja
12/28/2016 | 11:51:31 AM
Re: Hacking Healthcare
"A good social engineer only needs to get a malware USB plugged into one or two devices to have access to the hospital network. "

Good point. As we know we will all take the USB drive we found in the parking lot and plug in the computers to see what is inside. 
Dr.T
Dr.T,
User Rank: Ninja
12/28/2016 | 11:49:07 AM
Ransomware and healthcare data
As article stated hackers target healthcare because organizations will usually pay ransom for patient data simply because the alternative is more costly. They will pay and may not even reveal that there was ransomware attack.
Techgmyth
Techgmyth,
User Rank: Strategist
12/23/2016 | 4:51:16 PM
Microsoft Professional Support
This is really a nice post. Thanks for sharing this to us !
RetiredUser
RetiredUser,
User Rank: Ninja
12/22/2016 | 7:09:40 PM
Hacking Healthcare
There are a couple different mindsets that need to change here.  The first is that idea of some of the smaller healthcare organizations (mostly individual practices) that hackers aren't interested in hurting patients.  Technically most aren't, but it isn't anything to do with their well-being anyway, but more to do with their personal information.  Once healthcare practices understand that data is used to create new identities, obtain credit cards and used for insurance fraud, they'll realize that by setting up more secure practices they are directly impacting their patients in a positive way. 

The other mindset that needs to change is how larger organizations (the Cedars and Kaisers of the world) deal with drug and device vendors.  These people come and go, sometimes getting into patient care areas, with access to medical devices on the floor.  A good social engineer only needs to get a malware USB plugged into one or two devices to have access to the hospital network.  Even easier, convincing a young intern to plug in a USB and "print something" for them will do the trick, too. 

Some of the larger hospitals are now implementing large Electronic Health Records that require various levels of security even to run properly so that's a plus on one hand, but on the other hand the distraction of large implementations can cover up the low-tech hacks that never get old, and never go away.  Let's take some of that money you're now earning from the governement, folks, for your EHR usage and allocate that to beefing up both your software/network and personnel/building security practices. 


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-20099
PUBLISHED: 2022-06-27
A vulnerability was found in Analytics Stats Counter Statistics Plugin 1.2.2.5 and classified as critical. This issue affects some unknown processing. The manipulation leads to code injection. The attack may be initiated remotely.
CVE-2022-2221
PUBLISHED: 2022-06-27
Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager before 2022.1.8 allows authenticated users to access credentials of other users. This issue affects: Devolutions Remote Desktop Manager versions prior to 2022.1.8.
CVE-2022-28622
PUBLISHED: 2022-06-27
A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server supports weak key exchange algorithms which could lead to remote unauthorized access. HPE has made the following software update to resolve the vulnerability in HPE StoreOnce Software 4.3.2.
CVE-2022-31034
PUBLISHED: 2022-06-27
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v0.11.0 are vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or UI. The vulnerabilities are due to the use of insufficiently random values in paramete...
CVE-2022-31035
PUBLISHED: 2022-06-27
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting with v1.0.0 are vulnerable to a cross-site scripting (XSS) bug allowing a malicious user to inject a `javascript:` link in the UI. When clicked by a victim user, the script will execute with th...