Resources tagged with:
H-ISAC Media mention

Podcast: Reflecting on the Change Healthcare cyberattack, one year later

TechTarget | Xtelligent Healthcare Strategies Podcast

The Change Healthcare cyberattack had widespread, unprecedented impacts across the healthcare sector in February 2024 and beyond. What has the sector learned since, and are providers better equipped to handle a similar incident today?

Featuring: Errol Weiss, chief security officer at the Health Information Sharing and Analysis Center (Health-ISAC)

This episode covers

• Systemic security challenges that the Change Healthcare cyberattack exposed
• Lessons learned in the year since the Change Healthcare cyberattack, and how the sector has improved its cybersecurity efforts
• Ongoing cybersecurity risks to the healthcare supply chain

and more!

Listen to the podcast on Apple Podcasts here. Listen Here

Expert: ‘Predictions are Cloudy’ on How Kennedy Will Handle Cyber, Privacy Issues

Other Health Sector Cyber Issues

“Every four years there is a transition in the U.S. government, whether it is a new administration or existing one. There is turnover and some initiatives may be put on hold,” said Denise Anderson, president of the Health Information Sharing and Analysis Center.

“As a result, new staff and leadership have to be made aware of issues and partnerships within the sector, and actions can be temporarily placed on hold, slowed down, changed or eliminated as people come up to speed,” she said.

Threat actors often take advantage of transitions within government to execute malicious activity, she said. “These situations perfectly illustrate where ISACs and sector coordinating councils bring value as steady, reliable industry communities who serve to make sure that critical infrastructure sectors like health remain resilient in the face of threats.”

Read the full article in Data Breach Today. Click Here

Researcher Jason Sinchak on Recent Cyber Warnings About Contec CMS8000 Devices

A hidden reverse backdoor in low-cost vital sign monitors used globally in patient homes and healthcare settings is hardcoded with an IP address connecting to a Chinese government-funded education and research network, which poses serious potential privacy, safety and other concerns, said security researcher Jason Sinchak of ELTON.

Health-ISAC pulled quotes

While physiologic monitors, such as the affected Contec CMS8000 devices, do not provide life-saving or life-sustaining treatment, they are essential to monitor the condition of at-risk patients, said Phil Englert, medical device security vice president at the Health Information Sharing and Analysis Center (Health-ISAC).

“Patient monitors are monitored centrally to promptly notify caregivers of changes in a patient’s condition. Rapid response can be the difference between a good outcome and a bad outcome,” Englert said.

Healthcare providers are encouraged to evaluate the risks and potential impacts to clinical workflow and clinical outcomes before making changes to the connectivity of monitoring systems,” he said. “If connectivity is maintained, ensure adequate network access controls, segmentation and network traffic monitoring are in place to prevent, detect, and respond to unexpected communications or network activity,” he suggested.

Read the full article in Healthcare InfoSecurity. Click Here

With the right cloud management tools and readiness to share security responsibilities, healthcare organizations can enjoy the cloud’s benefits while maintaining a strong defensive posture.

As providers shift from traditional data centers to cloud-based environments, they are adapting their cybersecurity strategies to address the cloud’s unique challenges and opportunities.

A critical aspect of the transition is understanding that health systems must stay proactive in safeguarding their data. That can surprise organizations that expect cloud service providers to manage cybersecurity fully, says Errol Weiss, chief security officer for Health-ISAC, a global nonprofit information sharing and analysis center focused on security in healthcare.

Health systems moving to the cloud should be prepared for a shared responsibility model, Weiss says, with each party’s roles depending on the architecture and the cloud provider involved.

“There are varying levels of responsibility, and organizations need to plan for this, have the staff to adequately manage and run it, and have the tools to manage these differences,” he adds.

Read the full article in Health Tech. Click Here

The shape of AI regulation will be uncertain under the Trump administration this year, while healthcare companies will continue bolstering cyber defenses to withstand increasing attacks, experts say.

Cybercriminals continue to target healthcare

Cybersecurity proved to be a major challenge for the healthcare sector in 2024, and organizations are taking notice, experts say. But bringing the industry’s cyber protections up to snuff will take time — and hackers are unlikely to stop targeting healthcare firms.

The industry is coming off a year that included multiple high-profile attacks. In early 2024, the entire healthcare ecosystem struggled to manage the fallout from the cyberattack against Change Healthcare, a technology firm and claims processor owned by industry giant UnitedHealth.

The attack — which exposed data from a record-breaking 100 million Americans — was a “milestone event” that highlighted the interconnected nature of the sector, said Errol Weiss, chief security officer at the Health Information Sharing and Analysis Center, or Health-ISAC.

“I think the wake-up moment there was how suppliers could have a single point of failure impact on delivery of healthcare,” Weiss said.

Read the full article in Healthcare Dive. Click Here

The New York Blood Center (NYBC) said it suffered a ransomware attack that disrupted operations and forced it to reschedule some operations.

Cyber attacks on blood donation centers have prompted the Health Information Sharing and Analysis Center (Health-ISAC) and the American Hospital Association (AHA) to issue a joint threat bulletin warning of potential supply chain disruptions.

“The recent ransomware attack on the New York Blood Center (NYBC) serves as a wake-up call for organizations across sectors, particularly those in critical services such as healthcare,” said Roei Sherman, Field CTO at Mitiga. “As one of the world’s largest independent blood collection and distribution organizations, this incident undermines not just their operational capacity but potentially jeopardizes public health.”

Read the full article in CPO Magazine. Click Here

Three vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) software are thought to be under active exploitation. The American Hospital Association (AHA) in conjunction with the Health Information Sharing and Analysis Center (Health-ISAC) has issued a cybersecurity advisory about the vulnerabilities and threat actor activity. Healthcare organizations have been advised to prioritize patching the vulnerabilities.

The vulnerabilities were identified by researchers at Horizon3 in December 2024 and were disclosed to SimpleHelp on January 6, 2025. Patches were released to fix the vulnerabilities on January 13, 2025, when the flaws were publicly disclosed. Within one week of the public disclosure, threat actors are thought to have started exploiting the vulnerabilities. 

Read the full article in The HIPAA Journal. Click Here

Health-ISAC published a whitepaper addressing the tasks needed to maintain the cyber resilience of medical devices and how the responsibilities may shift from party to party throughout the total product. As medical devices move through the lifecycle phases, the responsibility for tasks may transfer between the manufacturers and the customer. The Health-ISAC whitepaper identifies that communication between the two parties is essential as the device moves through the lifecycle so that tasks are coordinated, and security gaps within the product are reduced.

Titled ‘Exploring the Cybersecurity Roles of Manufacturers and Healthcare Organizations During the Medical Device Lifecycle,’ the white paper identified that medical devices go through four lifecycle phases, with varying levels of responsibilities placed on the medical device manufacturer and the healthcare delivery organization. Healthcare delivery organizations (HDOs) should perform more regular risk assessments going into end of life (EOL) and end of support (EOS) to determine if they can accept the risk of continued use. It also points out that the responsibility for maintaining a medical device’s cybersecurity posture evolves throughout the lifecycle of a device. 

Read the full article in Industrial Cyber. Click Here

Ransomware Attack on the Center Is the Latest Assault on Blood Supply Chain

Those earlier blood supply cyber incidents triggered several healthcare sector cybersecurity alerts from governments, authorities and industry groups, including a bulletin from the Food and Drug Administration and a joint advisory from the Health Information Sharing and Analysis Center and the American Hospital Association (see: Attacks on Blood Suppliers Trigger Supply Chain Warning).

“The ransomware attacks on Synnovis, Octapharma and OneBlood by Russian ransomware gangs caused massive regional disruptions to patient care,” said Errol Weiss, chief security officer at the Health ISAC. “The shortages of blood and plasma that these attacks brought delayed critical treatment and postponed important surgeries.”

“Healthcare systems should consider alternative suppliers and have multiple suppliers to create redundancy if mission-critical blood suppliers are impacted by a cyberattack,” he said.

Read the article in Healthcare Infosecurity or Bank InfoSecurity. Click Here

This article in Forbes covers the following topics:

Read the article in Forbes. Click Here

The Chinese AI startup’s vulnerabilities expose sensitive user data and jailbreaking risks, raising alarms for tech leaders.

“We are at risk of data breaches simply due to the ease of access and rapid deployment of AI models like DeepSeek. We must take proactive steps to avoid the chaos of unpreparedness,” urged Errol Weiss, Chief Security Officer at Health-ISAC.

The rapid evolution of AI technology needs to be met with equally mature security practices to prevent catastrophic outcomes. Continuous dialogue between AI development teams and cybersecurity experts can help bridge the gap between innovation and safety.

Read the full article in The Pinnacle Gazette. Click Here

New York Blood Center Enterprises is responding to a ransomware attack and has canceled some blood drives and other donation center activities as a result.

New York Blood Center Enterprises is responding to a ransomware attack that began on Jan. 26, 2025, and continues to disrupt its operations. New York Blood Center Enterprises said its operating divisions identified suspicious activity within its IT systems and immediately launched an investigation. The nonprofit, community-based organization supplies blood to approximately 200 hospitals across the Northeast.

Following the Octapharma and OneBlood cyberattacks, the American Hospital Association (AHA) and the Health Information Sharing and Analysis Center (Health-ISAC) released a joint bulletin warning the sector of the effects of critical supply chain outages on patient care.

Read the article in the TechTarget Network. Click Here