Identity and access management continues to be a top medical device cybersecurity challenge, says Clearwater security expert Mark Sexton. “A number of these devices cannot be integrated into normal technical controls, like Active Directory, that you use on your network to manage user access and monitor that activity,” he notes in an interview with Information Security Media Group.
The agency says threat actors are targeting organizations' IT help desks with phone calls from a local area code claiming to be revenue cycle or administrator employees. After gaining access, they divert legitimate payments.