2 Minute Drill: Ransomware Revelations and Cybersecurity Updates - Navigating New Terrain
Episode 115th March 2024 • This Week Health: Newsroom • This Week Health
00:00:00 00:03:08

Transcripts

  Hey everyone, I'm Drexan. This is the two and a half minute drill. We do at least three security stories at least two times a week. All for one great community, the 229 Cyber and Risk Community here at This Week Health. I try to make this a mostly English, mostly non technical update. That means it's okay to share it with everyone in your organization.

Here's some stuff you might want to know about. The news from Change Healthcare appears to get more drama ish as reports start to flow that perhaps there's been a ransomware payment made to the Ransomware as a Service affiliate partner of Black Cat, a. k. a. AlfV. The cyber thugs responsible for the attack.

And to make it even more complicated, it now appears that Black Cat themselves then stole all the Bitcoin from the affiliates wallet before shutting down their own servers. Maybe as part of an exit scam. There's really no honor amongst thieves. And by the way, change has no comment on these reports.

There's a lot more about this innovative ransomware as a service model in plain English. In Friday, March 1st, two and a half minute drill. Now here's a couple of other stories that didn't get the attention they deserved while we were all distracted by the Change Cyber event and the VIVE conference last week.

First, the National Institute of Standards and Technology, or NIST, released version 2. 0 of their cybersecurity framework. Most, if not all, health systems and a number of other organizations have built their cyber programs based on the framework. It has a Whole new section on governance, which is focused on how to organize and make good decisions about security strategy.

And second, the Health Sector Coordinating Council released their five year plan. I did a first episode of Unhack the Podcast with HSCC Executive Director Greg Garcia last week prior to the release of the five year plan at Vive. Totally worth the read. Go check it out. Before I stop, let me go back to the Change Healthcare Alleged Ransomware Payment story.

I can only imagine what kind of effect this payment thing is going to have to motivate cyber thugs to attack healthcare organizations. The one thing to remember about all of this is this. To cybercrime organizations, Your organization is an ATM. They don't care about your hospital or you or patients or families.

And if that makes you mad, good. Join the club. There's so much more going on in cyber right now. I drop all of these stories here and a whole bunch more at ThisWeekHealth. com slash news. Go there and read and learn and share. And I'm headed to the HEMS conference next week. I'd love to catch up with you in person.

Drop me a note at DrexitThisWeekHealth. com and check out the 229 cyber risk community at ThisWeekHealth. com slash security. Please like and share this post, tag your friends, and that's it. for today's two and a half minute drill, mostly on time today. Stay a little paranoid. I'll see you around, Hems.

Chapters

Video

More from YouTube