Cybersecurity Saturday

Photo by Christine Sandu on Unsplash

Healthcare Dive reports that

  • The COVID-19 pandemic has created an upheaval in healthcare cybersecurity, according to a new report from CI Security, as the use of personal devices to conduct work tasks has boomed.
  • And despite the dramatic growth in telehealth services, “many healthcare organizations are still struggling to implement digital health initiatives in a secure manner,” according to the report. Telehealth became vulnerable to attack almost as soon as providers began relying on it to treat patients.
  • CI Security analyzed breaches publicly reported to HHS, and the results are grim. Breach reports were up 35.6% in the second half of 2020 compared to the first half, while the number of patient records that were breached increased more than 180%, although the bulk of those incidents are tied to business associates rather than providers directly. However, CI Security officials fear that the situation will continue to deteriorate in 2021 unless healthcare organizations take proactive steps.

On February 10, the House of Representatives Homeland Security Committee held a hearing on assessing cyberthreats and building resilience. Cyberscoop reports on the hearing here.

Chris Krebs, who served as the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, on Wednesday also hinted at the complexity of the security threats against American systems when he suggested a disgruntled employee was “very likely” behind a breach at a Feb. 5 water treatment facility in Florida. While a federal investigation into the incident — in which an attacker attempted to change the level of sodium hydroxide to a dangerous level for consumption — remains ongoing, Krebs also said an attacker outside the U.S. may have been the culprit.  “This is why we do investigations,” he said.

On the Solarwinds backdoor hack front, C4isrnet.com informs us that

Reacting to senators’ criticism of a disorganized response to a massive government hack, the White House said a top cybersecurity adviser is leading the recovery.

The news Wednesday [February 10] that Anne Neuberger, deputy national security adviser for cyber, is in charge of responding to the Russian breach pleased Senate Intelligence Committee leaders, who called the effort disjointed a day earlier and have pushed for more information about federal cybersecurity.

“The federal government’s response to date to the SolarWinds breach has lacked the leadership and coordination warranted by a significant cyber event, so it is welcome news that the Biden administration has selected Anne Neuberger to lead the response,” said Sens. Mark Warner, D-Virginia, and Marco Rubio, R-Florida, the committee chairman and vice chairman, respectively. “The committee looks forward to getting regular briefings from Ms. Neuberger and working with her to ensure we fully confront and mitigate this incident as quickly as possible.”

Before moving to a new cybersecurity-focused role on the National Security Council, Neuberger was the first director of the National Security Agency’s Cybersecurity Directorate, created in 2019 to provide the private sector key intelligence to bolster national cybersecurity.

Media reports noted that the Biden administration said Neuberger has been the point person on the federal response all along, but that role had not been known publicly.

Finally, Meritalk tells us about a cybersecurity colloquium held earlier this week.

The advent of new leadership in the White House and the still-unfolding impact of the Russia-backed hack of thousands of government and private-sector networks via SolarWinds Orion products are leading to a fresh consideration of options to improve Federal cybersecurity, panelists said on Feb. 9 at the Resiliency Colloquium event organized by MeriTalk, ACT-IAC, and the Partnership for Public Service.

Former Federal CIO Tony Scott, who moderated a panel discussion on cybersecurity, explained that the China-based hack of Office of Personnel Management (OPM) records came to light early in his tenure in 2015, and “caused us to look around and say what else do we need to worry about.”

Sean Connelly, who manages the Trusted Internet Connections (TIC) program at the Cybersecurity and Infrastructure Security Agency (CISA), recalled that the government’s response to the OPM hack included a burst of activity from the Office of Management and Budget (OMB) on improving security. “A lot of the discussions we are having across the Federal government echo some of those same tenets,” he said.

In a general way, Connelly mentioned that security discussions inside government currently include issues such as the surge in Federal teleworking, the use of home networks in that regard, and opportunities presented by cloud services. “A lot of different areas have come together now to move us forward” in a similar way as following the 2015 OPM breach, he said.