According to the U.S. Cybersecurity and Infrastructure Security Agency (“CISA“), the potential hostilities between Russia and Ukraine are likely to spill over into cyber warfare. In this month’s CISA Insights:
Every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. Over the past year, cyber incidents have impacted many companies,… More
On October 28, 2020, a joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS). This advisory describes the tactics, techniques, and procedures used by cybercriminals against targets in the healthcare and public health sectors to infect their systems with Ryuk ransomware for financial gain.
CISA,… More
Editor’s note: This is the fourth in a continuing end-of-year series. See our previous posts on trade secrets, state regulation and law enforcement, and HIPAA compliance. Our last two posts will focus on the energy industry, and federal regulation and law enforcement.
In 2016, new and alarming cybersecurity threats emerged, raising concerns in government, the business world,… More
On July 11, 2016, the HHS Office of Civil Rights (OCR) released guidance on HIPAA covered entities’ responsibilities in a ransomware attack, a type of cyber-attack that has targeted the health care sector extensively in recent months. This guidance comes in the wake of a June 20, 2016 “Dear Colleague” letter from HHS Secretary Sylvia Burwell highlighting ransomware issues. The most notable of OCR’s statements is that ransomware attacks often constitute breaches subject to the HIPAA Breach Notification Rule.… More