Cyberattacks Increase in the Time of COVID-19

By Justin Armstrong, Chair, and Nam Nguyen, Vice Chair
EHRA Privacy & Security Workgroup

For COVID-19 resources for health IT developers and other stakeholders, click here.

As part of National Cybersecurity Awareness Month, EHRA is highlighting three alarming trends in cyberattacks that have arisen since the beginning of the COVID-19 pandemic that health organizations should pay special attention to:

  1. Increases in COVID-19 themed cyberattacks
  2. Increased risk of exploitation with more employees working from home
  3. Increase in targeting of COVID-19 research and vaccine development
(more…)

Protecting Your Organization and Yourself from Coronavirus-Related Scams and Malware

By Justin Armstrong
Chair, EHRA Privacy & Security Workgroup

For updated COVID-19 resources for health IT developers and other stakeholders, click here.

Untitled design(5)In the midst of a healthcare crisis like COVID-19, the furthest things from the minds of many may be cybersecurity. However, now is the time for a heightened alert level. Attackers frequently take advantage of current news and distracted organizations, and the COVID-19 crisis is no different. 

Forbes reports that “there are now more than 40,000 ‘high-risk’ COVID-19 threats on the web.” Hackers have already attacked or attempted attacks on the U.S. Department of Health & Human Services, the World Health Organization, a vaccine test center, hospitals, a public health department, and other healthcare organizations in the U.S. and around the world. The increase in teleworking opens up new avenues of risk

(more…)

Recruiting Healthcare Cybersecurity Staff Takes Creativity

By Justin Armstrong
Chair, EHRA Privacy & Security Workgroup

Cybersecurity help wanted(2)It’s not news that, from the front line security analyst to the CISO level, there’s a shortage of skilled healthcare cybersecurity staff.  

Thankfully, interest in cybersecurity has never been greater! There is a career in cybersecurity to fit every personality, temperament, and level of technical acumen. Some positions require intense focus and deep technical knowledge, while others require interpersonal skills.

How can you find talent in such a tight market? There are several good avenues.

(more…)

Ransomware Trends, the $64,000 Question, and Preparedness

ransomware

By the EHRA Privacy & Security Workgroup

One of the latest ransomware variants making the rounds is Ryuk. It’s deployed using malware believed to be managed by Russian criminal groups with code names “Wizard Spider” and “Grim Spider” (learn more here).

Ransomware Trends

The Crowdstrike 2019 Global Threat Report highlights disturbing new trends that make cyberattacks increasingly difficult to detect and block without more advanced tools. These include:

(more…)

Preventing Malware Infections Starts With Good Cyber Hygiene

By the EHRA Privacy & Security Workgroup

Danger enter keyJust as healthcare clinical staff recognize the value of good physical hygiene to prevent infection, good cyber hygiene can prevent malware infections. 

The number one preventative step? Staff vigilance. Everyone must be careful with clicks — whether it be an email, website link, or file attachment. Even as we’re inundated with information in today’s fast-paced digital world, taking the time to think before you click is just as important in preventing digital infections as washing hands between patients is in preventing bacterial infection.

(more…)

Strategic Healthcare Leaders Recognize Cybersecurity As A Patient Safety Risk

By the EHRA Privacy & Security Workgroup

Cybersecurity leadership quote(1)For many C level executives in a healthcare organization, cybersecurity equates to risk of a cyberattack that results in a Health Insurance Portability and Accountability Act (HIPAA) breach and fine. 

The bigger risk posed by a cyberattack, however, is to patient safety. If you get anything from this blog post, it should be this: Cybersecurity incidents affect more than HIPAA compliance, and should be treated as a patient safety risk. 

By categorizing cyberattacks as a patient safety risk, it escalates the importance of cybersecurity as more than mitigating a potential HIPAA fine.

(more…)

  • Categories

  • Follow EHRA on Twitter

  • Enter your email address to follow this blog and receive notifications of new posts by email.

    Join 165 other followers

  • Contact Us

    Kristi Feliksik
    kfeliksik @ ehra.org

    Elinore Boeke
    Communications and Media
    elinore @ kecommunications.net