Two recent security incidents involving ransomware attacks on vendors serve as the latest reminders of the risks business associates pose to healthcare organizations. What steps should entities take to mitigate those risks?
The city of Atlanta's ransomware outbreak cleanup and response tab has hit $2.6 million after a March attack froze corporate servers, employees' PCs and resident-facing portals. Some security experts say the breach response funds would have been put to better use preventing the outbreak in the first place.
Incident response is a critical pillar of an effective endpoint security program, one that will gain importance as GDPR enforcement comes into play on May 25. Organizations must be ready to react if and when an incident occurs in order to meet the stringent requirements that apply during an incident.
Email is still the most common attack vector as a preferred method utilized by attackers because of the overwhelming effectiveness. Phishing attacks have only been increasing and evolving to bypass modern security appliances, endpoint protection, and user awareness training.
Verizon's latest Data Breach Investigations Report shows that half of data breaches in 2017 worldwide were orchestrated by organized cybercriminal groups, says Verizon's Ashish Thapar, who offers an in-depth analysis of the findings.
The Department of Health and Human Services is warning the healthcare sector about ongoing attacks involving SamSam ransomware that have impacted at least eight U.S. organizations so far this year. What mitigation steps are recommended?
Leading the latest edition of the ISMG Security Report: Assessing cryptocurrencies' role in the latest ransomware and malware attacks. Plus: Facebook's revised estimate on account details accessed by Cambridge Analytica.
The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.
Leading the latest edition of the ISMG Security Report: Ransomware hits the city of Atlanta, Baltimore's 911 system as well as aviation giant Boeing. Plus, WikiLeaks and its Julian Assange get taken for a ride by Russian intelligence.
Boeing says that a malware outbreak affected a small number of systems but did not disrupt production. An executive has reportedly identified the malware as being WannaCry ransomware and called for "all hands on deck" to respond to the incident.
Five days after a ransomware outbreak crypto-locked city systems, Atlanta has advised its 8,000 employees that they can once again boot their PCs and printers. But information security experts warn that the city's infrastructure still appears to have easily exploitable misconfigurations.
Ransomware isn't an easy area to study. But a team of researchers has calculated the minimum paid by all ransomware victims over a two-year period, and found that nearly 75 percent of the bitcoins attackers received got funneled onto Russia's now-shuttered BTC-e cryptocurrency exchange.
Ransomware has struck the city of Atlanta and frozen internal and customer-facing applications, hampering residents from paying bills or accessing court information. But the city says it has working backups and expects to pay employees on time.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
Recent ransomware attacks on healthcare entities have been a major security wake-up call, says Rod Piechowski, senior director of health information systems at of HIMSS, who explains what action is needed.