As healthcare organizations faced an increase in cybersecurity threats, HHS, the FBI and the Cybersecurity and Infrastructure Security Agency increased their efforts to support, inform and advise the healthcare industry of possible threats and how to amp up security measures.
Here are four cybersecurity warnings the groups issued in August:
- On Aug. 4, the Health Sector Cybersecurity Coordination Center issued a warning about the rise in cybersecurity risks associated with Internet of Things devices in the healthcare and public health sector. According to the warning, IoT devices are being targeted by criminals as they look to access the functions of the devices to steal credentials and data.
- On Aug. 9, the Health Information Cybersecurity Coordination Center issued a warning about the security risks associated with cloud services and providers. According to the warning, internal threats such as human error, external threats from malicious actors and the infrastructure itself are the biggest concerns with cloud security.
- On Aug. 10, the Health Information Cybersecurity Coordination Center issued a warning about a phishing campaign, known as Evernote, that lures recipients into downloading a Trojan file that steals credentials.
- On Aug. 11, the CISA and the FBI issued a joint warning about the Zeppelin ransomware, which is being used to target healthcare organizations and medical industries. The hackers spend one to two weeks inside victims' networks before deploying their ransomware. Afterwards, Zeppelin hackers threaten to publish or sell stolen data from the entities if the victim refuses to pay the ransom.