July 1, 2021
With Cyber Security Awareness Month right around the corner, the multiple cyber alerts issued by the Office for Civil Rights (OCR) in the month of June serve as a perfect preamble for the importance of prioritizing data protection all year round. These government-issued Cyber Alerts have become all too familiar in the healthcare industry, with the past year seemingly filled with emergency directives and scam tactics to be aware of. So with healthcare data breaches on the rise and the most recent warnings of a heightened risk of ransomware and IT system vulnerabilities – ensuring your organization has the necessary programs in place is essential to avoid falling victim.
What did the most recent Cyber Alerts cover?
In early June, the White House and Cybersecurity and Infrastructure Agency (CISA) released a memo titled “What We Urge You to Do to Protect Against the Threat of Ransomware.” This alert urged healthcare organizations to take appropriate action in protecting against ransomware threats and covered several best practices that providers can take to enhance cybersecurity including:
- Implementing multi-factor authentication for network and device login and passwords.
- Ensuring all data is encrypted when it is both sent and stored.
- Improving endpoint detection and response to identify any malicious activity early on.
- Regularly backing up data and keeping these backups offline.
- Updating and patching systems promptly to best maintain the security of operating systems as new threats evolve.
- Testing disaster recovery plans on an ongoing basis before an incident occurs.
- Evaluating organizational security teams’ practices by using a third-party tester to determine cybersecurity readiness.
- Segmenting company networks so that if a network is compromised, the threat is better mitigated. This could mean separating a labs IT network from the one used in your main office to help isolate the data compromised and system downtime if a threat were to occur.
While keeping up with the above steps should be done on a regular basis, the more recent OCR notice covers additional vulnerabilities organizations should be aware of. According to the memo shared on June 25, 2021 – Eclypsium Security Researchers have discovered a vulnerability in the Dell BIOSConnect feature available on over 180 models of consumer and business devices. Dell urges all customers to ensure that their devices are updated to the latest version and provided a full list of impacted devices and steps to address the vulnerability that can be found here.
Additionally, this memo also included an advisory from CISA due to the multiple vulnerabilities found in the ZOLL Defibrillator Dashboard. The agency warns that these vulnerabilities may allow a remote user to take control of an affected system and emphasizes that all organizations should review the ICS Medical Advisory and apply the recommended mitigations.
So now what?
Well, for any healthcare organization of any size – data breaches and cyberattacks are becoming more and more of a concern. Implementing the necessary technical safeguards, following guidance on ransomware prevention, and keeping all devices and IT systems up to date with the latest version is key to steering clear of heightened vulnerabilities like the ones outlined in recent government memos. Unfortunately, as technology and threat actor tactics continue to evolve, these new and increasing threats don’t seem to be going away anytime soon. So keeping your practice and your patients’ data protected in the long run starts with having both a security AND compliance program in place now.