Latest Ransomware Trends: Lessons to Learn

Learning From Difficult Recoveries and Advice in Government Alerts … Clearly, there are no guarantees that all data will be recoverable after a ransomware attack, says Keith Fricke, principal consultant at tw-Security. “Confidence is usually high that backed-up data can be fully restored as long as ransomware-encrypted files have not become part of the backup, […]

Read More

Health Data Breaches in 2020: Ransomware Incidents Dominate

Blackbaud, Magellan Health Incidents Trigger Numerous Breach Notifications … “Ransomware continues to be a lucrative business for criminals,” says Keith Fricke, principal consultant at tw-Security. “Until targeted organizations implement security controls that effectively hamper the overall earnings of ransomware attacks, the criminals will continue using ransomware as a revenue generator.” … Phishing scams remain a […]

Read More

A Tale of Two Hacker Incidents

Healthcare Organizations Facing More Cyberthreats … Keith Fricke, principal consultant at tw-Security, predicts: “The fourth quarter of 2020 will bring a spike in criminal phishing campaigns due to the holiday season, an election year and possibly more hurricane-related destruction prompting charitable agencies seeking donations.” … Healthcare organizations need to be well-prepared to prevent, detect and […]

Read More

Lifespan Health System Hit With $1 Million HIPAA Fine

Hefty Penalty After Theft of Unencrypted Laptop … “Additionally, sometimes the problem is that if the administrative console for managing device encryption cannot definitively prove that a lost or stolen device was encrypted, an organization in that situation has to assume the worst and declare a breach,” notes Keith Fricke, principal consultant at tw-Security. … […]

Read More

Health Data Breach Trends: A Mid-Year Assessment

Biggest Incidents Have a Wide Variety of Causes … Because some recent business associate breaches – such as the Magellan ransomware incident – have affected multiple healthcare organizations, “it’s clear how interconnected we are,” notes Susan Lucci, senior privacy and security consultant at tw-Security. “With multiple points of connectivity, it is likely that if one […]

Read More

A Tale of 2 Health Data Breaches: Persistent Challenges

Protecting Legacy Systems, Email Proves Difficult for Many … Keeping legacy information systems secure from ransomware attacks, as in the RDH breach, and other intrusions is an ongoing challenge, says Tom Walsh, president of consulting firm tw-Security. “Retired legacy systems normally have limited access and are no longer considered a critical application,” Walsh says. “Therefore, […]

Read More

Ransomware Attacks Hit 2 More Healthcare Organizations

Security Advisers Offer Risk Mitigation Tips … Healthcare organizations should take a number of critical steps to prevent falling victim to ransomware, says Tom Walsh, president of consulting firm tw-Security. “The most important step in prevention of ransomware is workforce awareness,” he says. “Because phishing emails are common and getting more sophisticated, employees could be easily […]

Read More

The Insider Threat – Lessons From 3 Incidents

How to Detect, Prevent Inappropriate Access by Authorized Users … For hospitals and clinics, trying to identify unauthorized access to patient information “is like looking for a needle in a haystack,” says Tom Walsh, president of the consultancy tw-Security. “That’s why an advanced audit tool – application/program – is needed. It acts like a large […]

Read More