Cybersecurity News

The Department of Justice July 25 announced the indictment of North Korean national Rim Jong Hyok for allegedly conspiring to hack and extort U.S. hospitals and health care providers.

The cybersecurity firm CrowdStrike July 24 posted online a preliminary post incident report following a non-malicious global technology outage which began July 19 and affected many industries, including health care.

There has been a sharp uptick this year in ruthless tactics by cybercriminals, who are now directly threatening patients with the release of sensitive information, photos and medical records. John Riggi, AHA national advisor for cybersecurity and risk, talks with two experts about the rise in these tactics and what’s needed to fight back and prepare against these threat-to-life crimes.

The AHA July 24 shared information and new offerings from some of its private sector partners that can help hospitals and health systems strengthen their cybersecurity efforts and defend against and deflect cyberattacks.

AHA President and CEO Rick Pollack opened the 2024 AHA Leadership Summit in San Diego discussing the similarities of the U.S. Navy Seals to the hospital field in its commitment to operational flexibility, team cohesion, cultural awareness, use of advanced technology, and physical and mental resilience. 

A non-malicious global technology outage that began in the early morning of July 19 is continuing to affect many industries and is having varying effects on hospitals and health systems across the country. The outage was caused by a faulty software update issued by the cybersecurity firm CrowdStrike, which is widely used by businesses and government agencies that run on Microsoft computers. 

John Riggi, AHA’s national advisor for cybersecurity in risk, participated July 18 as the opening keynote speaker in the Information Security Media Group’s Healthcare Cybersecurity Summit in New York City to discuss emerging threats, defense measures and other cybersecurity issues within the health care sector.

A joint advisory issued the week of July 8 by the Cybersecurity and Infrastructure Security Agency, National Security Agency, FBI and several international agencies warns of the threat of a state-sponsored cyber group in China. The Advanced Persistent Threat (APT) 40, also known as Kryptonite Panda, GINGHAM TYPHOON, Leviathan and Bronze Mohawk, has previously targeted organizations in the United States and other countries.

The AHA July 2 submitted comments to the Cybersecurity and Infrastructure Security Agency on its proposed rule establishing reporting requirements for cybersecurity incidents under the Cyber Incident Reporting for Critical Infrastructure Act.

The Department of Health and Human Services Health Sector Cybersecurity Coordination Center June 27 issued an alert about a critical vulnerability in MOVEit, a common file transfer platform utilized in the health sector. The vulnerability exposes health care organizations to cyberattacks, especially ransomware and data breaches.

A joint report released June 26 by the Cybersecurity and Infrastructure Security Agency, FBI, the Australian Cyber Security Centre and Canadian Centre for Cybersecurity provides roadmaps for addressing memory safety vulnerabilities in open source software.

The Health Information Sharing and Analysis Center June 27 issued a threat bulletin alerting the health sector to active cyberthreats exploiting TeamViewer.

The FBI and Department of Health and Human Services June 24 released an advisory about cyberthreat actors targeting health care organizations in attempts to steal payments.

The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) this week released an advisory about Qilin, formerly "Agenda," a ransomware-as-a-service group targeting health care and other industries worldwide.

Change Healthcare June 20 began notifying health care providers and other customers with patient data stolen following February’s cyberattack, the company announced.

The Centers for Medicare & Medicaid Services June 17 announced it will close its accelerated and advance payment program July 12 for Medicare providers and suppliers disrupted by the Change Healthcare cyberattack in February.

The health care sector should swiftly implement patches or mitigations to address 14 new cyber vulnerabilities identified by the Cybersecurity and Infrastructure Security Agency in May, the Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) advised this week.

The Departments of Health and Human Services, Labor, and the Treasury June 14 announced a 120-day extension for parties impacted by the cyberattack on Change Healthcare to open disputes under the No Surprises Act independent dispute resolution process.

Microsoft and Google will provide a range of free or discounted cybersecurity services to rural hospitals across the country to help them in their efforts to prevent cyberattacks. The announcement was made June 10 in collaboration with the White House and the AHA.

The AHA June 6 participated in a Wall Street Journal Tech Live Cybersecurity event to discuss the historic Feb. 21 cyberattack on Change Healthcare.