Life’s inevitabilities: bills, taxes, ransom

This week’s Hacking Healthcare:
TLP White

Hot Links –

1. Ransomware in 2018 – The Emergency Care Research Institute this week ranked ransomware as their top health technology hazard for 2018. This is probably unsurprising to most in the NH-ISAC community who have been dealing with the plague of ransomware for much of the last two years. The important acknowledgment is in the risk to patient safety that new ransomware attacks might pose. As we’ve seen, operational technology and medical devices are susceptible to ransomware and are being deliberately targeted. That’s my top threat for 2018 – IoT attacks that hold physical activity ransom.

2. HHS Cyber Bill – A bipartisan bill was introduced in the House last week that would give the HHS Secretary the authority to re-organize cybersecurity personnel. The bill would also require HHS to develop a plan that lays out its approach to coordinating within the department to address cybersecurity challenges. This would include regulatory (e.g., ONC, FDA, OCR) offices, as well as those offices charged with maintaining the resiliency of the sector against all hazards (i.e., ASPR). HHS would also have to report on how it secures its own systems. This bill is a step in the right direction – and consistent with HHS cyber task force recommendations – but needs funding attached to have more than marginal impact.

As a reminder, this is the public version of the Hacking Healthcare newsletter. For additional in-depth analysis and opinion, become a member of NH-ISAC.

Read full blog below:

Newsletter_NH-ISAC_Public_110717