Most - but not all - ransomware attacks against healthcare organizations are reportable breaches requiring notification to affected individuals and federal regulators, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains in this video interview.
Ransomware has been one of the highest-profile cybercrimes of 2016, and the FBI has been at the heart of many investigations. Jay Kramer, a supervisory special agent with the bureau, discusses what he's learned about defending against ransomware in this video interview.
In the wake of recent cyberattacks on the financial sector, the Insurance Regulatory Authority of India plans to develop by March 2017 a comprehensive cybersecurity framework offering guidance for insurers. Security experts weigh in on the priority areas that need IRDAI's attention.
In recent weeks, many more hacker attacks - including some ransomware assaults - on healthcare entities large and small have been added to the federal tally of major breaches, continuing a trend that started in 2015.
In a sign that investigators are paying more attention to disrupting stresser/booter services, script-kiddie-friendly Hack Forums recently announced that it will be shutting down its related Server Stress Testing forum.
The online advertising industry has a malware problem that, in part, has driven increased use of ad-blocking software. It's facing a complicated task: Clean up the security problems or face possible regulation.
The proposed guidance from the National Highway Traffic Safety Administration focuses on hardening a vehicle's electronic architecture against cyberattacks and to ensure vehicle systems take appropriate actions even if an attack succeeds.
A recent breach reported by an Arlington, Texas-based pediatric clinic serves as the latest reminder of the substantial risks ransomware poses to patient data. The clinic offers advice to others based on difficulties it experienced in the response to the attack, and security experts also provide insights.
As cyberattacks on healthcare entities continue to surge, federal regulators are urging organizations to safeguard network-attached storage devices and other gear that supports or enables file transfer protocol services.
Hacker attacks continue to account for the vast majority of health data breach victims this year, according to the latest federal tally. Some security experts expect that trend will persist as long as many organizations focus narrowly on HIPAA compliance rather than larger cybersecurity issues.
Britain has launched a new National Cyber Security Center to help U.K. organizations better respond to cybersecurity incidents. But Brexit is imperiling intelligence-sharing arrangements that help the U.K. battle attacks and track cybercriminals.
A new cyberattack trend report from Europol notes that while online criminals continue to refine their capabilities, old and unsophisticated attacks too often still succeed, thanks to poor digital hygiene and a lack of security by design and user awareness.
The Department of Health and Human Services is gearing up for its first-ever round of HIPAA compliance audits of business associates, and is also developing new guidance aimed at helping organizations deal with a surge in cyber threats.
The cybercrime sector involves a rapidly growing services economy that provides everything from bulletproof hosting and stresser/booter DDoS on demand, to ransomware-as-a-service and sites that offer to launder bitcoins via a process known as tumbling.
Is recently issued guidance from federal healthcare regulators clarifying when a ransomware attack needs to be reported starting to have an impact? Two recent breach notifications could be an early indication that the answer is yes.