Connect with us

Health Care

CISA, FBI Warn Critical Infrastructure: Stay Vigilant Over the Holidays

Published

on

The U.S. Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation issued a reminder this week to critical infrastructure partners that bad actors are unlikely to take a break for the holiday season.

Although neither CISA nor FBI have identified specific threats looming, they noted that previous incidents over U.S. holidays have set a concerning precedent.

“Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways – big and small – to disrupt the critical networks and systems belonging to organizations, businesses and critical infrastructure,” said the agencies in a joint bulletin.

WHY IT MATTERS

As CISA and the FBI pointed out, holidays such as Thanksgiving often mean offices are closed, and security professionals may be less attentive. Still, they said, organizations can take several actions to try and proactively protect against cyberattacks.

They recommended that all entities, especially critical infrastructure partners, to implement best practices, including:

Identifying IT security employees for weekends and holidays who would be available to surge during these times in the event of an incident
Implementing multi-factor authentication for remote access and administrative accounts
Mandating strong passwords and ensuring they are not reused across multiple accounts
Ensuring remote desktop protocol is secure and monitored
Reminding employees not to click on suspicious links, and conducting exercises to raise awareness

The agencies also urged organizations to stay vigilant against known cybercrime techniques, such as phishing scams, fraudulent sites spoofing reputable businesses and unencrypted financial transactions.

“Finally – to reduce the risk of severe business/functional degradation should your organization fall victim to a ransomware attack – review and, if needed, update your incident response and communication plans,” said the agencies, directing organizations to ransomware awareness resources regarding holidays and weekends. “These plans should list actions to take – and contacts to reach out to – should your organization be impacted by a ransomware incident.”

THE LARGER TREND

This isn’t the first time CISA and the FBI have issued a holiday ransomware warning.

Before Labor Day weekend, the agencies raised similar concerns, pointing to attacks on critical infrastructure on Mother’s Day, Memorial Day and Independence Day.

It also seems, however, that hackers need no special occasion to cause a ruckus. This year has seen a rise in cyber attacks and data breaches in the healthcare sector, with more than 40 million patient records compromised by incidents reported to the federal government in 2021.

ON THE RECORD

“As Americans prepare to hit the highways and airports this Thanksgiving holiday, CISA and the FBI are reminding critical infrastructure partners that malicious cyber actors aren’t making the same holiday plans as you,” said the agencies in the bulletin.

Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Email: kjercich@himss.org
Healthcare IT News is a HIMSS Media publication.

Original Article: healthcareitnews.com

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Health Care

Apple Sues NSO Group, Accusing It of Spying on Users in New Lawsuit

Published

on

Apple announced this week that it was suing NSO Group, an Israeli surveillance technology company, in federal court for allegedly accessing users’ devices without authorization.

In addition to damages, the tech giant is seeking to block NSO Group from accessing or using any Apple products, or developing spyware that could be used on Apple products in the future.

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability,” said Craig Federighi, Apple’s senior vice president of software engineering, in a statement. “That needs to change.”

Apple devices are “the most secure consumer hardware on the market,” he contended, but “private companies developing state-sponsored spyware have become even more dangerous.

“While these cybersecurity threats only impact a very small number of our customers, we take any attack on our users very seriously, and we’re constantly working to strengthen the security and privacy protections in iOS to keep all our users safe,” Federighi added.

NSO Group offered a statement to Healthcare IT News in response to requests for comment.

“Thousands of lives were saved around the world thanks to NSO Group’s technologies used by its customers,” said NSO Group representatives. “Pedophiles and terrorists can freely operate in technological safe-havens, and we provide governments the lawful tools to fight it. NSO Group will continue to advocate for the truth.”

WHY IT MATTERS

NSO Group says its surveillance technology is used by government intelligence and law enforcement agencies to track criminals.

But as Apple outlines in its complaint, the company’s spyware has reportedly been used against journalists, human rights activists, dissidents, public officials and others.

This month, the U.S. Department of Commerce included the NSO Group in its Entity List for “engaging in activities that are contrary to the national security or foreign policy interests of the United States.” Specifically, the agency said that NSO Group had enabled foreign governments, via its spyware, to “maliciously target” individuals such as embassy workers and academics and to “conduct transnational repression.”

In its complaint, Apple zeroed in on “FORCEDENTRY,” an exploit for a vulnerability used to break into a victim’s device and install NSO Group’s Pegasus spyware product.

The company accused attackers of creating Apple IDs to send malicious data to a victim’s device, which then allowed NSO Group or its clients to surreptitiously deliver Pegasus.

“On information and belief, Defendants provide consulting and expert services to their clients, assist them with their deployment and use of Pegasus, and participate in their attacks on Apple devices, servers and users,” according to the complaint. Although Apple has not observed any evidence of successful remote attacks against devices running iOS 15 or later, it said that each attack carries substantial costs for the company, including the necessity to redirect resources.

“In the meantime, on information and belief, Defendants continue with their pernicious efforts to target and harm Apple and its customers by infecting, exploiting, and misusing Apple devices and software,” said the complaint.

The company also announced that it would be contributing any damages from the lawsuit, plus an extra $10 million, to organizations pursuing cybersurveillance research and advocacy.

“At Apple, we are always working to defend our users against even the most complex cyberattacks,” said Ivan Krstic, head of Apple Security Engineering and Architecture, in a statement.

“The steps we’re taking today will send a clear message: In a free society, it is unacceptable to weaponize powerful state-sponsored spyware against those who seek to make the world a better place.”

THE LARGER TREND

Nation-states have increasingly relied on sophisticated software to carry out governmental objectives.

As Errol Weiss, H-ISAC chief security officer, pointed out in an interview with Healthcare IT News earlier this month, cyber-offensive capabilities have now become the norm, not the exception.

“A few years ago, you could count maybe a few dozen countries that had a decent, offensive cyber capability. And now it’s probably the opposite,” he said. The U.S. government has raised the alarm about these developments, most recently regarding an Iran-sponsored hacker group targeting healthcare.

ON THE RECORD

“Our threat intelligence and engineering teams work around the clock to analyze new threats, rapidly patch vulnerabilities, and develop industry-leading new protections in our software and silicon,” said Apple’s Krstic in a statement.

“Apple runs one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users from abusive state-sponsored actors like NSO Group,” he said.

Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Email: kjercich@himss.org
Healthcare IT News is a HIMSS Media publication.

Article: healthcareitnews.com

Continue Reading

Health Care

French Researchers Reveal Chatbot Skills to Override Vaccine Hesitancy

Published

on

A team of French cognitive scientists has addressed the urgent issue of vaccine hesitancy within many EU countries and proposes a new approach. With a study published in October this year, the researchers successfully demonstrated that the reluctance to be vaccinated could be decreased by deploying chatbot technology.

WHY IT MATTERS

The chatbot study involved researchers from the Centre National de la Recherche Scientifique (CNRS), the French National Institute of Health and Medical Research INSERM and ENS-PSL.

The study, published in the Journal of Experimental Psychology: Applied, found that interaction with a chatbot developed by CNRS, ENS-PSL and INSERM was able to reduce vaccination refusal by 20 per cent within a test group of 338 participants.

In the control group, which received only brief information about the COVID-19 vaccination, there were no comparable results in terms of general views and willingness to vaccinate.

THE LARGER TREND

Although nearly three-quarters of all adult Europeans are now fully vaccinated against COVID-19, there remain huge disparities in vaccination rates across countries.

According to the vaccine tracker of the European Centre for Disease Prevention and Control (ECDC) as of 25 November 2021, individual EU countries such as Portugal (81.5 per cent), Ireland (76.2 per cent) and Denmark (76 per cent) have already made great progress in immunising their populations with a full COVID-19 vaccination, while the vaccination rate of other countries such as Germany, France or Austria continues to stagnate at below 70 per cent.

In other parts of Europe, especially in the south-west, the vaccination rates are significantly lower than 50 per cent. In Slovakia (45.7 per cent), Romania (37.3 per cent) and Bulgaria (24.7 per cent), very few people have received the double COVID-19 vaccine dose.

These vaccination backlogs are not only due to vaccine shortages, but in many cases a result of existing scepticism of many Europeans.

The researchers from France now hope that technology-based communication, such as chatbots, could have a positive impact on these figures in the future.

ON THE RECORD

“It remains to be shown whether the effects of chatbot interaction are lasting, and whether they are the same across age groups, and among those most resistant to vaccination”, emphasised the authors of the study with predominantly young and well-educated participants.

They added: “Half of the experimental group later tried to persuade others to get vaccinated, with three-quarters of them stating they drew information provided by the chatbot to do so.”

Source: healthcareitnews.com

Continue Reading

Health Care

Roundup: Medanta Adopts Qure.ai’s X-ray Software, India to Open a Medical Cobotics Centre, and More Briefs

Published

on

Medanta taps Qure.ai for AI-driven chest x-ray analysis

Medanta, a multi-speciality medical group in India, has partnered with Qure.ai to implement the latter’s artificial intelligence software to enhance chest x-ray analysis.

The hospital group will be adopting the qXR software which automatically analyses chest x-rays and spots findings for better diagnosis and treatment. The AI tool can detect 30 abnormalities of the lungs, pleura, heart, bones and diaphragm.

“Medanta strives to deliver world-class healthcare through its high-end medical equipment and superior infrastructure. State-of-the-art technology is an essential aspect of healthcare delivery,” Dr Naresh Trehan, chairman and managing director of Medanta, was quoted as saying in a news report.

The Qure.ai software has also been adopted by Fujifilm Corporation for its portable X-ray FDR Xair system. Through its recent partnership with AstraZeneca Malaysia, the startup has brought its x-ray software to some primary care clinics in Malaysia to support the early detection of lung cancer there.

Medical cobotics centre to be launched in India

The I-Hub Foundation for Cobotics at the Indian Institute of Technology – Delhi (IIT Delhi) and iHub Anubhuti at the Indraprastha Institute of Information Technology – Delhi (IIITD) have signed a memorandum of understanding to set up India’s first medical cobotics centre.

The two government-backed university technology hubs have been developing advanced technologies in robotics and collaborative robots (cobotics), digital health, sensing and computing technologies for robotic-assisted surgeries, training, and medical procedures.

According to a press statement, the Medical Cobotics Centre (MCC) at IIITD will be a tech-enabled medical simulation and training facility for young resident doctors, as well as other healthcare professionals, paramedical staff, technicians, engineers, and researchers.

It will also serve as a validation centre for research outcomes in the area of healthcare cobotics and digital health. This upcoming facility will establish partnerships with companies, undertake research, and work toward the commercialisation of technologies.

MMC’s training programmes will be at multiple levels and cohort-specific, such as urology, neurology, and laparoscopy, but will be initially limited to minimally invasive surgeries. Experts from All India Institute of Medical Sciences in New Delhi and other medical colleges will be consulted for these programmes and invited as guest faculty to conduct them.

The first batch of trainees is targeted to be inducted around April-May next year. They will be initially trained with basic training simulators while advanced surgical robots will come in the next phase.

Moreover, the centre will also be a place for various technology innovation hubs under the Indian government’s National Mission on Interdisciplinary Cyber-Physical Systems to “showcase their medical-related projects and products with applications,” according to IHFC CEO Ashutosh Dutt Sharm and IHFC Project Director Subir Kumar Saha.

Philips Foundation backs cardiac rehab programme in Singapore

Philips Foundation is funding one of the centres run by social service agency Singapore Heart Foundation that provides subsidised cardiac rehabilitation services.

The year-long project of Royal Philips’ non-profit organisation aims to reduce the mortality rate of cardiac incidences and help lower a patient’s risk of hospital readmission.

Specifically, it intends to close the gap in patients’ lack of participation in rehab programmes, which is considered a huge barrier in the secondary prevention of heart diseases. It was reported that only between 6%-15% of Singaporean patients attend cardiac rehabilitation programmes.

SHF-Philips Foundation Heart Wellness Centre is one of the social services’ three centres that provide cardiac patients and at-risk individuals with access to heart health.

Philips’ support, according to SHF Heart Wellness Centres Chairman Dr Tan Yong Seng, will provide SHF with the “resources required to continue providing affordable and quality support to the patients in need, as well as give our team the capacity to focus on raising awareness on the importance of cardiac rehab[ilitation] and drive higher participation in our programmes”.

Under the partnership, 20 sites in Singapore will be equipped with the Philips HeartStart automated external defibrillators (AED) and 500 persons will be trained in giving cardiopulmonary resuscitation (CPR) and AED over a year.

“Through the heart wellness centre’s education initiatives, the AED roll-out and the CPR training, we want to equip individuals and communities with the knowledge and resources to reduce the mortality rates of cardiac incidences in Singapore,” Philips Singapore Country Manager Ivy Lai said.

Original Source: healthcareitnews.com

Continue Reading

Trending

RLER.com