We’re here to make sure you stay in the know about the latest in cybersecurity and healthcare trends. Our goal is to provide you with the information and headlines you need to stay informed and confident as a Healthcare Cyber Defender. Feel free to use this valuable resource to enhance your presentations and gather essential data points.
Growth in the Number of Healthcare Records Compromised per Breach
In our monthly cyber briefing, Steve Cagle, Clearwater’s CEO, reviewed the current rate of healthcare records breached. The totals are increasing because of some significant breaches in September. Stemming from the MOVEit vulnerability, Nuance Communications’ notification of breach included 1.2M individuals, adding to this trend of a larger number of records per breach.
Ransomware Attacks in the US and in Healthcare
“Over the last 12 months, education and healthcare were the most beleaguered sectors in the US outside of services. They received so many attacks that if they were countries, they would be the fourth and sixth most attacked in the world.”
In another recent ransomware headline, one of the latest victims is a large Michigan health provider. Suspicious activity led to an investigation and a subsequent partial IT shutdown of 14 locations. The threat actors claim to have stolen 6 TB of data (2.5M records).
FBI Cyber Division Notification
Dual Ransomware Happening Closely Together
The FBI recently observed a concerning pattern of dual ransomware attacks happening closely together. In these incidents, cybercriminals employed two distinct ransomware variants against their target companies. These variants included AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal, and were used in different combinations. This dual ransomware approach resulted in a damaging mix of data encryption, data theft, and financial losses due to ransom payments. Subsequent ransomware attacks on already compromised systems could pose a significant threat to the affected organizations.
Sign up to receive these alerts directly here: https://delivery.fbi.gov/subscribe
SEC Ruling for Cybersecurity Risk Management and Incident Disclosure now in Effect
- Beginning 12/18/23
  - Disclosure of material cyber incidents on 8-K
  - 4 days from determining a material incident
  - “Materiality” must be determined “without delay”
- All fiscal year periods ending on or after 12/15/23
  - Disclose risk management and governance information in relation to cybersecurity, including board proficiency and oversight of cybersecurity risks on 10-K
Cisco Issued a Zero-Day Notice and Subsequent Update Regarding Multiple Vulnerabilities in Their IOS XE Software Web UI Feature
Read the details, including summary, affected products, indicators of compromise and workarounds on Cisco’s site.
CISA Added Two Known Exploited Vulnerabilities to Their Catalog
According to CISA’s website, based on evidence of active exploitation, it added the following two vulnerabilities to its Known Exploited Vulnerabilities Catalog:
- CVE-2023-4966 Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
- CVE-2021-1435 Cisco IOS XE Web UI Command Injection Vulnerability