FBI gives suggestions on how to prevent healthcare hackers

In recent news, healthcare hackers such as “TheDarkOverlord” have been stealing private patient records and parading their spoils around the internet. TheDarkOverlord claims he will sell these private documents on the black market if the healthcare providers he hacked do not pay a ransom. This activity has caught the interest of the FBI, reports Information Management.

Asked about the data theft, the FBI declined to comment on an ongoing investigation but did offer guidelines on what healthcare providers should implement to prevent another hack of this size.

The FBI guidelines are as follows:

  • Enhance employee awareness about malware threats and train appropriate individuals on information security principles and techniques.
  • Patch operating systems, software and firmware on devices. All endpoints should be patched as vulnerabilities are discovered. This precaution can be made easier through a centralized patch management system.
  • Ensure anti-virus and anti-malware solutions are set to automatically update and that regular scans are conducted.
  • Manage the use of privileged accounts by implementing the principle of least privilege. No users should be assigned administrative access unless absolutely needed. Those with a need for administrator accounts should only use them when necessary; they should operate with standard user accounts at all other times.
  • Configure access controls with least privilege in mind. If a user only needs to read specific files, he should not have “write” access to those files, directories or shares.
  • Disable macro scripts from office files transmitted via e-mail. Implement software restriction policies or other controls to prevent the execution of programs in common malware locations.
  • Regularly back up data and verify the integrity of those backups.
  • Secure backups and ensure they are not connected to the computers and networks they are backing up. Examples might be securing backups in the cloud or physically storing them offline.
  • Implement application whitelisting. Only allow systems to execute programs known and permitted by security policy.
  • Use virtualized environments to execute operating systems or specific programs.
  • Categorize data based on organizational value and implement physical/logical separation of networks and data for different organization units. For example, sensitive research or business data should not reside on the same server or network segment as an organization’s e-mail environment.
  • Require user interaction for end user applications communicating with websites uncategorized by the network proxy or firewall.
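
The two backup items in the list (verify integrity, and keep backups away from the systems they protect) can be checked mechanically. The following is an added example, not part of the FBI guidance or the original article: it records a SHA-256 manifest at backup time, signs it with an HMAC key that is assumed to be stored off the backup host, and later reports modified, missing and unexpected files. All function names, file names and the key are constructed for illustration.

```python
import hashlib, hmac, json, tempfile
from pathlib import Path

def sha256_file(path, chunk=1 << 20):  # streamed, so large archives are fine
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def hash_tree(backup_dir):
    """Map each file's path (relative to the backup root) to its SHA-256."""
    return {p.relative_to(backup_dir).as_posix(): sha256_file(p)
            for p in sorted(Path(backup_dir).rglob("*")) if p.is_file()}

def sign(files, key):
    """HMAC over the canonical JSON listing, so the manifest is tamper-evident."""
    body = json.dumps(files, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def build_manifest(backup_dir, key):
    files = hash_tree(backup_dir)
    return {"files": files, "mac": sign(files, key)}

def verify_backup(backup_dir, manifest, key):
    """Compare the backup on disk with the manifest taken at backup time."""
    recorded, current = manifest["files"], hash_tree(backup_dir)
    return {
        "manifest_ok": hmac.compare_digest(sign(recorded, key), manifest["mac"]),
        "modified": sorted(n for n in recorded if n in current and current[n] != recorded[n]),
        "missing": sorted(n for n in recorded if n not in current),
        "unexpected": sorted(n for n in current if n not in recorded),
    }

def demo():  # constructed sample: take a manifest, damage the backup, re-verify
    key = b"constructed-demo-key"  # assumption: a real key lives off the backup host
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "db").mkdir()
        (root / "db" / "records.dump").write_bytes(b"constructed sample data")
        (root / "config.tar").write_bytes(b"constructed archive")
        manifest = build_manifest(root, key)
        clean = verify_backup(root, manifest, key)
        (root / "db" / "records.dump").write_bytes(b"overwritten contents")
        (root / "config.tar").unlink()
        (root / "stray.txt").write_bytes(b"file added after the backup")
        return clean, verify_backup(root, manifest, key)

if __name__ == "__main__":
    print(demo())
```

A `manifest_ok` of `False` means the manifest itself was altered or signed with a different key, so the per-file results cannot be trusted.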
Cara Livernois, News Writer

Cara joined TriMed Media in 2016 and is currently a Senior Writer for Clinical Innovation & Technology. Originating from Detroit, Michigan, she holds a Bachelors in Health Communications from Grand Valley State University.
