Last week, the White House announced plans to ban sales of new antivirus software from Kaspersky Lab, after years of opposition to the Russia-based company and concerns that its tools themselves pose risks. security risks to U.S. critical infrastructure, including health care.
The Biden administration alleges that Kaspersky’s privileged access to US IT systems — installed on computers used by health care organizations, state government agencies and others — could have allowed Kaspersky to steal critical data or secretly deploy malware.
“Russia has demonstrated it has the ability and…intent to exploit Russian companies like Kaspersky to collect and weaponize Americans’ personal information, and that’s why,” the U.S. Department of Commerce said. Why are we forced to take the action we are taking today? Foreign Minister Gina Raimondo on June 20, according to Reuters.
For its part, Kaspersky – which maintains that it is a private company with no government ties and plans to fight the ban in court – countered that the decision was based on current tensions between America and Russia, and based on “theoretical, or rather theoretical, concerns.” rather than a comprehensive assessment of the integrity of Kaspersky’s products and services.”
The new rule bans downloads of Kaspersky software – including updates, licenses and white-label versions of the product – starting September 29.
Kaspersky has been a concern for federal regulators since 2017, when the U.S. Department of Homeland Security first banned the company’s antivirus tools from federal networks, citing concerns that Russian intelligence agencies could force the company to collect data and intercept communications from agencies using the software.
The average breach cost is nearly $11 million
Meanwhile, a new report this week from fraud prevention company KnowBe4 has highlighted – for anyone who may not have noticed – the “severe cybersecurity crisis” affecting the healthcare industry. health care.
The company’s new International Healthcare Report finds that hospitals and other healthcare organizations are facing a serious increase in ransomware around the world – but particularly in the United States, with the number of attacks affecting U.S. facilities up 73%.
Among other findings from the new study:
- Over the past three years, the healthcare industry has seen a significant increase in the cost of cyberattacks, with the average cost of a breach now approaching $11 million – making the healthcare industry Health is by far the costliest area for cyber attacks.
- Healthcare organizations worldwide saw an average of 1,613 cyberattacks per week in the first three quarters of 2023, a sharp increase year-over-year.
- Ransomware attacks accounted for more than 70% of successful cyber attacks over the past two years.
- Between 79% and 91% of cyber attacks, depending on the industry, begin with phishing or social engineering tactics, allowing bad actors to gain unauthorized access to accounts or servers.
“Healthcare remains a top target for cybercriminals looking to exploit the life-or-death situations hospitals face,” said Stu Sjouwerman, CEO of KnowBe4. “With patient data and critical systems held hostage, many hospitals feel like they have no choice but to pay exorbitant ransoms.
“This vicious cycle can be broken by prioritizing comprehensive security awareness training to empower employees and foster a positive security culture as a strong defense against phishing and social engineering attacks.”
HIMSS candidate for ISC2 board
In other news, our colleague Lee Kim, who serves as senior director of cybersecurity and privacy at HIMSS (HIMSS is the parent company of Healthcare IT news), has announced his candidacy for the board of directors of ISC2, one of the largest cybersecurity-focused membership organizations.
She hopes any ISC2 members reading this will consider supporting her in this effort by voting for her campaign. Voting is open through July 2 on the ISC2 member portal.
Lee really knows her stuff and is the driving force behind the invaluable HIMSS Cybersecurity Survey each year. She notes that she is the only ISC2 board nominee from a nonprofit organization and the only one focused on the healthcare industry.
“I am very excited to be running for the ISC2 board,” Kim told HITN. “This comes at the right time because we need to prepare for the future of AI, virtual, hyperscale and quantum.
“It’s important that people vote for someone from a nonprofit focused on health care,” she added. “We know how to convene, collaborate and create change for the common good.”
Mike Miliard is executive editor of Healthcare IT News
Email the writer: [email protected]
Healthcare IT News is a HIMSS publication.
