HHS Secretary, Meltdown fallout, and Russia
TLP White
We may have a new HHS Secretary, there’s fallout from meltdown, and more from Russia. All on this week’s Hacking Healthcare:
Hot Links –
- Azar for HHS: Last week, Alex Azar testified[1] before Senate Finance as a nominee to be the next HHS Secretary. He listed four priorities in his testimony, none of which touched on the cybersecurity and resilience of the sector. A passing comment would have been nice, but we also got nothing on this subject during Tom Price’s hearing.[2] Better learn quick as the threat is only getting worse: “Ransomware Attacks Against Healthcare Orgs Increased 89 Percent in 2017”[3]
- HHS Meltdown: We failed to reference a bulletin[4] from the HCCIC in last week’s edition on the Meltdown and Spectre It is good to see the HCCIC generating product. However, recommendations given in this document may be misconstrued as regulatory guidance. It would be good to see future bulletins to clarify such guidance.
- Russia Russia Russia: Last week, the Senate Foreign Relations Committee published an important report on Russia’s global campaign against democracy. The 200-page report looks at different techniques the Kremlin has used against established and emerging democracies around the world. The report acknowledges the cyber-threat that Russia poses to the critical infrastructure of the U.S. and its allies. One of the recommendations is to impose a muli-lateral regime of escalating sanctions against the perpetrators of cyber-attacks.[5]
[1] https://www.finance.senate.gov/imo/media/doc/09Jan2018AzarSTMNT.pdf
[2]http://www.thisweekinimmigration.com/uploads/6/9/2/2/69228175/hearingtranscript_senatefinancepriceconfirmationhearing_2017-01-24.pdf
[3] https://www.healthcare-informatics.com/news-item/cybersecurity/report-ransomware-attacks-against-healthcare-orgs-increased-89-percent-2017
[4] https://content.govdelivery.com/attachments/USDHSCIKR/2018/01/05/file_attachments/939003/HCCIC-2018-001-Spectre-Meltdown-3.pdf
[5] https://www.foreign.senate.gov/imo/media/doc/FinalRR.pdf
As a reminder, this is the public version of the Hacking Healthcare blog. For additional in-depth analysis and opinion, become a member of H-ISAC.
Read full blog below: