Security Notification Update: Increased Cybercrime Threats to U.S. Hospitals and Healthcare Providers

Tips & Tricks

Back to Tips & Tricks

In a joint alert sent on October 28th, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the U.S. Department of Health and Human Services said they have “credible information” that cybercriminals are taking new aim at healthcare providers and public health agencies even as the coronavirus pandemic reaches new heights.

To quote the agencies press release, “CISA, FBI and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers,” officials said. “Malicious cyber actors” may soon be planning to “infect systems with Ryuk ransomware for financial gain” on a scale not yet seen across the American healthcare system.

The agencies recommended that hospitals, practices and public health organizations take “timely and reasonable precautions to protect their networks from these threats” which they said include targeting with Trickbot malware, “often leading to ransomware attacks, data theft, and the disruption of healthcare services” just as hospitals are also hard-pressed to respond to a third wave of the COVID-19 crisis.

The CISA, FBI and HHS agencies offered fundamental guidelines for how hospitals and healthcare organizations can harden their defenses to help protect against ransomware and other cyberattacks:

  • Patch operating systems, software and firmware as soon as manufacturers release updates.
  • Check configurations for every operating system version for HPH organization-owned assets to prevent issues from arising that local users are unable to fix, due to having local administration disabled.
  • Regularly change passwords to network systems and accounts and avoid reusing passwords for different accounts.
  • Use multifactor authentication where possible.
  • Disable unused remote access/Remote Desktop Protocol ports and monitor remote access/RDP logs.

In combination with the government agencies suggestions, DI is recommending that our customers follow our guidelines for the best practices in securing your Instrument Manager applications, as described in our Secure Configuration Guidance White Paper located within IM help.

Please let us know if you have any questions or concerns. As always, we are committed to ensuring your protection, and recommend the continued adherence to application configuration best practices.

More Tips & Tricks Articles

Tips & Tricks

TCP/IP Keep-Alive

Data Innovations’ (DI’s) Instrument Manager (IM) offers connectivity that enables integration with virtually any instrument, LIS, or EMR/EHR regardless of...

Instrument Manager, Tips & Tricks

Following Driver Updates in My DI Community

Overview

Data Innovations (DI) provides ways to stay up to date on the latest driver updates.The first way is right through...

Instrument Manager, Tips & Tricks

Net Gateway Startup Issues (Error 5023)

Overview

When IRIS and Instrument Manager (IM) are starting after a server shuts down or restarts, the .NET gateway is not...

Tips & Tricks

How to Install Instrument Manager™ Core Software

NOTE These instructions apply for Data Innovations’ North American customers. If this is your first time installing IM, please contact Data...

Tips & Tricks

How to help Data Innovations help you when requesting Support

Data Innovations' Tips & Tricks are intended to promote the effective and productive use of Instrument Manager. Fortunately, Instrument Manager...

Tips & Tricks

Evaluation Rules for Clinical Ranges Precaution

When building an Autoverification Rule Set it's common to include evaluation rules for Clinical Ranges. These rules typically set test...

Tips & Tricks

Instrument Manager System Preventative Maintenance (volume 1)

Instrument Manager is a robust software application with a proven track record of operational stability. However, as with any software...

Tips & Tricks

Instrument Manager System Preventative Maintenance (volume 2)

This month's Tips & Tricks is the second installation of Preventative Maintenance recommendations intended to help you maintain a stable...

Ready to learn more?