Cyber Alert: Updates on Ransomware and Critical VMware Vulnerability

OCR is sharing the following alerts from the White House and Cybersecurity and Infrastructure Security Agency (CISA).  Organizations are encouraged to review the information below and take appropriate action.

Confidentiality Coalition Webinar: HIPAA: Privacy, Security and New Challenges, Oh My!

HIPAA has provided the privacy and security of health data for decades; however new challenges have arisen with the rapid expansion of technology. Experts will provide overviews of both the HIPAA privacy and security rules, followed by a discussion about next steps to respond to a changing privacy and security environment. Watch here.

Will 2020 be the cybersecurity wakeup call healthcare needed?
It would be difficult to overstate the cybersecurity challenges faced by healthcare entities—providers in particular—in 2020. Hospitals and health systems were already prime targets for cyberattacks due to the huge amount of personal information contained in patient records. This year, two opportunities presented themselves to cybercriminals: IT staff was stretched thin by pandemic-related activities, while employees working from home created a wave of new vulnerabilities.
Moody's warns of revenue risks as healthcare cyberattacks increase

A report this week from Moody’s Investors Service found that cyber risk will likely remain high for the healthcare sector, leading to the potential for lost revenue, increased expenses and elevated scrutiny. “The large amount of sensitive patient data held by the industry will make it a rich target for attacks, particularly in the form of ransomware,” researchers predicted.



FBI warns Conti ransomware hit Ireland system, targeted 16 U.S. medical, emergency networks

The same hackers that hit the Irish health system a week ago also targeted at least 16 U.S. medical and first responder networks in the past year, according to a federal law enforcement alert. The Cyber Division of the Federal Bureau of Investigation (FBI) said cybercriminals using the malicious software dubbed ‘Conti’ have targeted law enforcement, emergency medical services, dispatch centers, and municipalities.