2 Minute Drill: Embracing Tech in Healthcare and Beyond
Episode 2223rd April 2024 • This Week Health: Newsroom • This Week Health
00:00:00 00:05:34

Transcripts

  Hey everyone, I'm Drex and this is the 2 Minute Drill brought to you exclusively by our partner, ORDR, the Connected Asset Visibility and Security Company. ORDR can bring nearly instant visibility to everything on your network with a minimal setup time from your team. Find out more at thisweekhealth.

com slash ORDR, that's O R D R. ThisWeekHealth. com slash order. On the two minute drill, we do at least three stories at least two times a week. All for one great community, the 229 cyber and risk community here at This Week Health. I try to keep the discussion mostly non technical, mostly plain English. So it's easy to share with your peers inside and outside of information services and information security.

Thanks for being with me today. Here's some of the stuff you might want to know about. I really like this council post from Forbes by Brian Greenberg called Workers of the World Unite, Embracing Technology in Every Job. The core takeaway is that practically every job now is a tech job, including carpentry and food services and retail, and of course, Healthcare.

I used to talk about this with my peers and my team as being comfortable with your uncomfortableness because the industry continues to grow and change and there's constantly new tools and new capabilities and generative AI and the list goes on and on and on. So our industry and our clinics and our hospitals and everything that touches healthcare will continue to integrate tech into the workflow and the integration process will continue to deepen and so where we.

Talk about people, process, and technology as separate things today. We may not be able to separate them as elements of our work or our mission so cleanly in the near future. It's a big reason why the security roles become so important. Feels like the top reason we lose our workflow these days and that we stop being able to take care of patients is because a cyber event has sort of ripped the guts out of a Clinical or business workflow, and all of that has tech deeply integrated.

So keep pushing on the security mission. It's not a separate thing anymore. It is the mission. And if nobody has said thanks for your help today, I'll do it. Thanks. Here's an interesting one. You know, cyber's hit the big time mainstream when you see 60 Minutes cover the ransomware gang Scattered Spider, and they actually do a pretty nice job covering some of the complicated ins and outs of social engineering and the shadowy corners of the dark web and the interesting relationship that has bloomed between native English speaking cyber gangs and Russian e crime syndicates.

It's a good story. They do it all in just 13 minutes. It's totally worth the watch. And yes, finally, of course, I'm gonna say a couple of things about Change Healthcare. The Wall Street Journal now is reporting that the bad guys were inside Change for more than a week before they detonated the ransomware bomb that we all know about now.

They go on to report that the cyber gang, ALF V, got into change using a compromised ID and password on an application that did not have multi factor authentication. And from there, the bad guys were off to the races, moving laterally, meaning they hopped across the network, looking for the crown jewels of data.

So it's likely that's the time period where the bad guys downloaded all the data that they've been holding for a secondary ransom. And by the way, The clock reportedly ran out on the demand for change to pay more ransom. Or the cyber gang who was holding that four terabytes of data, that cyber gang Ransomhub, was going to put that data up for auction.

But it's been weirdly quiet. And while Ransomhub leaked a lot of the file names to let everyone know that they had really important data, now it appears that the data, the files, the names may have been scrubbed off their page on the dark web late in the weekend. I've heard this from a few folks now. I wonder what that means.

But I don't know. I'll keep asking questions though, and if I hear more on the situation, I'll keep you posted. And if you know something I don't, it's okay to hit me up via email at Drex at ThisWeekHealth. com or on Signal, non attribution, because just like you, I'm just trying to understand what's going on.

All this fun stuff is at ThisWeekHealth. com slash news. Go there. That's where I post all these stories and a whole bunch more. Uh, you can keep up or you can catch up thisweekhealth. com slash news. One more thing. Yesterday we released the first official long form cyber podcast from This Week Health.

It's called Unhack the Podcast. And my cohost, Shana Hofer, uh, we dove into, uh, how the Bad guys are using AI and how the good guys are using AI too. So it's really interesting and a good story. All that's on the new show, Unhack the Podcast. Find it wherever you get your podcast. Just look for this week health conference.

You'll find Unhack the Podcast and a bunch of other shows that I'm pretty sure you'll like in that channel. Feel free to dig in. Thanks again to our partner, Order, the exclusive sponsor of the Two Minute Drill. You can see them at RSA in May, or you can check out Order AI Chasm for yourself in person. I appreciate you giving me a bit of your time today.

And that's it for the Two Minute Drill. Stay a little paranoid. I'll see you around campus.

Chapters

Video

More from YouTube