search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
CYBER CORNER


for HR data, tax information, acquisition information, and clinical trial data. In 2018, the goals of the campaign were unknown. In 2019, APT 41 targeted a U.S. cancer research facility with mal- ware dubbed “EVILNUGGET” and CVE-2019-3396 was exploited. In October, we reported that Chicago-


based CommonSpirit Health, which has 140 hospitals across 21 states and more than 1,000 facilities, has been experiencing an “IT security issue,” as mainstream media outlets have been reporting. Journalists began report- ing the incident on Monday, Oct. 3, and updated information categorizes the incident as a ransomware attack. CommonSpirit is the second-largest nonprofi t health system in the U.S. According to an Oct. 6 article by


Jessica Lyons Hardcastle in The Register, CommonSpirit had a short statement on its website saying it took some systems offl ine, including “electronic health record (EHR) and other systems.” As of Oct. 13, the statement was updated saying that “We have been managing a response to a cyberattack that has impacted some of our facilities. Patients continue to receive the highest quality of care, and we are providing relevant updates on the ongoing situation to our patients, employees, and caregivers. Patient care remains our utmost priority and we apologize for any inconvenience this matter has created.” Healthcare Innovation spoke with


cybersecurity expert and former Stanford Children’s Health CISO Chad Wilson, to get his perspective on the


incident. Wilson says his initial thought is that “It’s a disaster. And an unfortu- nate one. As a CISO, this is something you don’t want to see happen” Wilson adds that “A larger organi-


zation [like CommonSpirit] has more patients and families to take care of vs. a smaller organization.” He says that an incident like this at a larger organization also impacts more staff (than a smaller organization) that now have to do their jobs without the tools are resources they are accustomed to. Healthcare Innovation had the pleasure


of speaking with Richard Staynings, who teaches postgraduate cybersecurity and health informatics degrees at the University of Denver University College, and is a retained advisor to a number of governments and private companies, as well as the chief security strategist at the New York City-based Cylera, about the year overall and his thoughts for what’s to come in 2023. Staynings says that “Cybercrime and


attacks against healthcare have contin- ued to rise at almost an exponential rate this year. There was a massive increase between 2019 and 2020, and an even big- ger increase between 2020 and 2021, and I fully expect that when the 2022 fi gures come in, they be on that same trajectory, if not worse!” “We have seen a massive collapse


and re-alignment of organized crime groups since the Russian invasion of Ukraine in February. Prior to the war, these groups consisting of perpetrators located right across the Commonwealth of Independent States (CIS) were united


predominantly by their use of the Russian language. During the inva- sion, Ukrainian and other non-Russian members pulled out of many of these Russian led groups, and some even turned on their former gangs exposing their inner most secrets and the identi- ties of leaders. This break up caused a dip in attacks in March and April and was further hampered by many global ISPs cutting off their Internet pipes into Russia and thus their connectivity.” “Since the onset of war, many of


the leaders of these crime gangs, who operate under the eye of the Russian Mafi a, who in turn operate with impu- nity under the oligarchs and ultimately the Kremlin, have quit the profession, scared that Russia will collapse along with Putin’s protective umbrella. Many are worried that they might be iden- tifi ed, caught, and prosecuted. Most have taken their millions and ran, going deep underground. This has left a power vacuum in Russian cyber gangs where the young, fearless, and ruthless have taken over. This has led to reckless attacks including the targeting of healthcare providers. A ‘live today die tomorrow’, ‘get rich quick’ mentality now persists as many of those involved are scared of being conscripted by the Russian Army and being sent off to die in Ukraine. Some of these cybercrimi- nals have even turned their disdain for the Putin dictatorship in cyberattacks against the Kremlin, a very risky propo- sition indeed.” HI Staynings’ comments are continued online at hcinnovationgroup.com.


ADVERTISERS


WEBSITE


PAGE


Armis ...........................................................................armis.com .......................................................................................................IFC eVideon.......................................................................evideon.com/vibe-health ............................................................................... 7 HealthITq ....................................................................HealthITq.com ................................................................................................. 3 Medical University of South Carolina ..................web.musc.edu/innovation ............................................................................ 27 Pondurance ...............................................................pondurance.com......................................................................................... 5, 25 Protenus ..................................................................... protenus.com .................................................................................................. 11 Spectrum Enterprise ................................................ enterprise.spectrum.com/practices ..........................................................BC Synology America ....................................................synology.com/en-us ....................................................................................... 23 Veeam Software Corp. .............................................veeam.com ........................................................................................................ 9


NOVEMBER/DECEMBER 2022 | hcinnovationgroup.com 29

Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32