CYBERFIT ® 2017 Q3 Quarterly Newsletter
“It’s Not Who’s First… It’s Who Puts The Industry First“ By: NH-ISAC Threat Intelligence Committee Jim Routh, CSO Aetna Global Security NH-ISAC – “The healthcare industry has been hit with two significant and subsequent cyber challenges in recent weeks (WannaCry and Petya) both of which caused business impact for several organizations and in both … Continue reading "NH-ISAC White Paper – “It’s not who’s first…it’s who puts the industry first”"
Caution regarding spoofing activity surrounding Not Petya ransomware event This information is marked TLP White; Subject to standard copyright laws. TLP: White information may be distributed without restriction. *Any reproduction or reposting of this content requires proper credit/attribution to NH-ISAC. It is being reported that bad actors are attempting to gain credential access through … Continue reading "*** NH-ISAC Alert ***"
This information is marked TLP White: Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction. *Any reproduction or reposting of this content requires proper credit / attribution to NH-ISAC. Summary This new ransomware attack was first observed on June 27, 2017. The impacted entities are mostly focused in the EU at this time … Continue reading "NH-ISAC Alert :TLP White distribution regarding ongoing Petya attack"
Kennedy Space Center, FL, June 19, 2017 – The National Health Information Sharing and Analysis Center, (NH-ISAC), a member-owned non-profit that is the health and public health (HPH) sector’s trusted community for sharing cyber and physical security information, supports the recently published Principles for Fair and Accurate Security Ratings. Today the Chamber of Commerce and … Continue reading "NH-ISAC Supports the Principles for Fair and Accurate Security Ratings"
The following information is labeled TLP White: HHS ASPR/CIP HPH Cyber Notice: On-Going Impacts to HPH Sector from WannaCry June 2, 2017 DISCLAIMER: This product is provided “as is” for informational purposes only. The Department of Health and Human Services (HHS) does not provide warranties of any kind regarding any information contained within. HHS does … Continue reading "HHS WannaCry Update 6-2-17"
NH-ISAC and Perch Security Aim to Revolutionize Information Sharing Kennedy Space Center, FL, June 5, 2017 – The National Health Information Sharing and Analysis Center, (NH-ISAC), a member-owned non-profit that is the health and public health (HPH) sector’s trusted community for sharing cyber and physical security information, has entered into a partnership with Perch … Continue reading "NH-ISAC and Perch Security Aim to Revolutionize Information Sharing"
The attached report and appendix, developed by the Health Care Industry Cybersecurity Task Force in an effort to improve preparedness for and response to cybersecurity threats, outlines recommendations directed toward the health care industry in general as well as to individual industry and government organizations. Two task force members are also members of NH-ISAC. The … Continue reading "Health Care Industry Cybersecurity Task Force Report"
MAY 16, 2017 On May 12, 2017 at 4:00am ET, multiple companies in Europe started reporting ransomware infections with the most damage impacting the National Health System (NHS) Trust in the UK and a large telecom company, Telefonica in Spain. 16 hospitals within the NHS have canceled surgeries, had their phone systems disabled or have had to turn away emergency patients. It is reported that many of … Continue reading "WannaCry Ransomware Update 5-16-17"
FBI WannaCry Flash Bulletin – Indicators Associated With WannaCry Ransomware Please see the attached TLP White report from the FBI concerning the WannaCry Ransomware incident.
On 4/4/17 NH-ISAC president Denise Anderson and board members Terry Rice and Michael McNeil gave testimony to the United States House of Representatives Committee on Energy & Commerce subcommittee on Oversight & Investigations regarding “Cybersecurity in the Health Care Sector: Strengthening Public-Private Partnerships.” They each gave their statement and then answered questions … Continue reading "NH-ISAC Testifies on Cybersecurity in the Health Care Sector"
Want to stop phishers? Use email authentication. By: Lisa Weintraub Schifferle | Mar 3, 2017 9:10AM TAGS: Bureau of Consumer Protection Consumer Protection Privacy and Security Data Security Phishing emails can harm businesses whose identities are spoofed. Don’t want that to happen to your business? Read the new Staff Perspective from our Office of Technology, … Continue reading "Federal Trade Commission recommends Email Authentication to prevent Phishing"
On January 31, 2017, NH-ISAC hosted a webinar describing the new Medical Device Vulnerability Intelligence Program for Evaluation and Response (MD-VIPER) Link to register for viewing of recorded webinar Slideshow Presentation from webinar: Slides 1-19: Slides 20-29: Slides 30-38:
NH-ISAC / MDISS (MD-VIPER) Webinar Medical Device Vulnerability Intelligence Program for Evaluation and Response Note: This webinar has been rescheduled for January 31, 2017. NH-ISAC & MDISS will host a webinar for industry to review, discuss and answer questions around MD-VIPER, the medical device ISAO, and how it supports the FDA “Postmarket Management of Cybersecurity … Continue reading "(MD-VIPER) Webinar: Medical Device Vulnerability Intelligence Program for Evaluation and Response, 1/31"
Medical device security is now recognized as a major public health problem. Examine the critical functions of the recently launched medical device Information Sharing and Analysis Organization (ISAO) initiative co-led by NH-ISAC and MDISS. Uncover the potential transformative impact of the open and collaborative ISAO on patient safety and privacy, health system and manufacturer cybersecurity … Continue reading "NH-ISAC at HIMSS17 Pre-conference Medical Device Security Symposium, 2/19"
Official Healthcare Information Sharing and Analysis Center to Leverage Prevalent Vendor Network Experience for Third-Party Risk Management WARREN, NJ (December 5, 2016) – Prevalent, Inc., the leader in Third-Party Risk Management and Vendor Threat Intelligence and Churchill & Harriman, the recognized leader in enterprise risk management and third-party risk assessments, today jointly announced that NH-ISAC … Continue reading "NH-ISAC Selects Prevalent Synapse as CYBERFIT™ Vendor Network Platform and Churchill & Harriman for Third-Party Risk Assessments"
A shared interest and collaboration in encouraging the identification, mitigation, and prevention of cybersecurity threats to medical devices fosters a MOU between NH-ISAC, MDISS and FDA Kennedy Space Center, FL, October 18, 2016 – The National Health Information Sharing and Analysis Center, (NH-ISAC), the Medical Device Innovation, Safety and Security Consortium (MDISS), and the U.S. … Continue reading "NH-ISAC and MDISS Sign Memorandum of Understanding (MOU) with FDA Around Collaboration of Medical Device Cybersecurity"
The Electricity Information Sharing and Analysis Center (E-ISAC) has released a white paper regarding a new type of DDoS attack.
New Board Will Provide Strategic and Governance Oversight To NH-ISAC On A Number of Important Health and Public Health (HPH) Sector Initiatives, Partnerships And Services. Kennedy Space Center, FL, October 19, 2016 – The National Health Information Sharing and Analysis Center, (NH-ISAC), a member-owned non-profit that is the health and public health (HPH) sector’s trusted … Continue reading "NH-ISAC Announces Results of Board of Directors Elections"