WannaCry ransomware attack jumped cyber threat levels to new heights. Particularly hard hit were healthcare facilities in the UK. Three news articles summarize the attack and address healthcare industry’s vulnerability. The US missed the brunt of the lockdown because of an accident in the form of an entrepreneurial coder inadvertently tripping the “kill switch”. Addressing cyber-attacks vulnerable healthcare industries marked the 1

TCyber-attacks Vulnerable Healthcare Industrieshe news coverage did not touch on the major effort by leading healthcare organizations preparing for many types of cyber-incursions. Sounding more like Marvel Comics version of the Avengers, the HITRUST Alliance, a not for profit, was born out of the belief that information protection should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. This was 10 years ago and the struggle continues.

The foundation of all HITRUST programs and services is the HITRUST CSF, a certifiable security framework (CSF) that provides organizations with a comprehensive, flexible and efficient approach to regulatory compliance and risk management.

Developed in collaboration with healthcare and information security professionals, the HITRUST CSF rationalizes healthcare-relevant regulations and standards into a single overarching security framework. Because the HITRUST CSF is both risk- and compliance-based, organizations can tailor the security control baselines based on a variety of factors including organization type, size, systems, and regulatory requirements. For more information on HITRUST, click HERE.

Cyber-attacks Vulnerable Healthcare Industries

New York Times

Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool 

The attacks appeared to be the largest ransomware assault on record, but the scope of the damage was hard to measure. It was not clear if victims were paying the ransom, which began at about $300 to unlock individual computers, or even if those who did pay would regain access to their data.

On Friday, hackers took advantage of the fact that vulnerable targets — particularly hospitals — had yet to patch their systems, either because they had ignored advisories from Microsoft or because they were using outdated software that Microsoft no longer supports or updates.

The malware was circulated by email. Targets were sent an encrypted, compressed file that, once loaded, allowed the ransomware to infiltrate its targets. The fact that the files were encrypted ensured that the ransomware would not be detected by security systems until employees opened them, inadvertently allowing the ransomware to replicate across their employers’ networks.

New York Times

What We Know and Don’t Know About the International Cyber-attack 

Cybersecurity experts identified the malicious software as a variant of ransomware known as WannaCry. Workers at hospitals and companies across the globe were confronted with a message on their monitors that read, “Oops, your files have been encrypted!” and demanded $300 in Bitcoin.

Experts said that the attackers may pocket more than $1 billion from individuals worldwide before the deadline ran out to unlock the machines.

At least 45 British hospitals and other medical facilities seemed to be hit hardest by the attacks, which blocked doctors from gaining access to patient files and caused emergency rooms to divert patients. Prime Minister Theresa May said there was no evidence that patient data had been stolen.

Emergency rooms, doctors’ offices and ambulances were disrupted in Britain and communications were affected in other countries. It is still unknown if anyone suffered further injury or died because of the disruption.

CNN Money

Why hospitals are so vulnerable to ransomware attacks by Selena Larson

Billy Marsh, a 10 year veteran of healthcare IT and now a security researcher at The Phobos Group, says hospitals need to be much more active in correcting their security.

“There are pretty big consequences” if a hospital has vulnerable software, Marsh said. “If they’re in the middle of an operation, whatever machines they’re using could go down and they’ll have to fall back on manual methods.”

Many people don’t realize that healthcare hardware — like MRI machines, ventilators, and some types of microscopes — are actually computers. Those computers, like our laptops, come with software that the makers are responsible for supporting. Sometimes the people who make the machines stop supporting them after an extended period. That means the old software can become vulnerable to attacks.