[LINK] Should Australia should ask Microsoft and Google etc the same questions?
Stephen Loosley
stephenloosley at outlook.com
Thu Jun 13 13:26:52 AEST 2024
US secures Microsoft, Google commitments for free rural hospital cyber
services
By David DiMolfetta, Cybersecurity Reporter, Nextgov. JUNE 10, 2024
https://www.nextgov.com/cybersecurity/2024/06/us-secures-microsoft-google-commitments-free-rural-hospital-cyber-services/397232/
US secures Microsoft, Google commitments for free rural hospital cyber
services
The White House is hoping more tech and cyber firms will sign on.
Microsoft and Google will commit free and low-cost cybersecurity
resources to some 2,100 rural hospitals across the U.S. as part of a
White House-led initiative to bolster the healthcare sector’s
cybersecurity posture.
The commitments announced by deputy national security advisor for cyber
and emerging technology Anne Neuberger follow a slew of recent
cyberattacks on the healthcare sector that have crippled prescription
routing supply chains, snarled claims processing and forced ambulances
to divert away from certain hospitals.
Microsoft will offer grants and discounts of up to 75% on security
products tailored for smaller care centers, as well as larger rural
hospitals already using the company’s services. It will also provide its
most advanced security suite for free for one year, offer gratis
cybersecurity assessments for qualified providers and provide training
for hospital staff.
In parallel, Google will offer free endpoint security consulting and
stand up a funding pool to assist hospitals with software migration. It
will also launch a pilot program to help the hospitals develop
customized security packages that address their unique infrastructure needs.
The National Security Council reached out to multiple firms to gauge
interest in providing the services. Microsoft and Google “were the two
that raised their hands” but the White House is hoping more will get
involved, said Neuberger in a Sunday call with reporters to preview the
announcement.
Hospitals receiving the services span the country, from Maine to Texas
and the Midwest. Rural hospitals, defined as being more than 35 miles
from another hospital, have become a top issue for NSC because patients
have to travel further to access care if they are impacted by a cyber
intrusion.
“What we’re trying to do is help the most vulnerable hospitals and,
frankly, the hospitals that typically have the least resources,”
Neuberger said. The Biden administration is preparing to roll out
minimum cybersecurity standards for hospitals but the U.S. faces a
likely challenge of pushing unwanted regulations on the private sector.
“Part of the challenge for us we find is that we see people often want
it both ways,” she said. “They don’t want regulation. They don’t want
the government saying they need to do some key things to stay safe. But
as attacks rise — without those key steps — companies are more
vulnerable than they need to be.”
A February cyberattack on UnitedHealth’s Change Healthcare unit caused
massive cascading impact in what was arguably the largest cyberattack on
the U.S. healthcare industry to date. Some 36% of respondents to a
recent American Medical Association survey experienced claim payment
suspensions, while 32% said they were unable to submit claims
altogether. It highlighted how a “single point of failure” can enable
one cyberattack alone to cause hampering effects on a number of people.
A separate hack into Ascension’s healthcare network last month has
crippled multiple hospitals’ operations over the past several weeks,
forcing ambulances to divert as staff take systems offline.
Healthcare infrastructure is a treasure trove for hackers because it
often contains digital repositories of sensitive patient information
that, if pilfered, can be sold to other criminal cyber operatives for
use in extortion or fraud schemes.
Hackers frequently target hospitals by quietly injecting malware into
their networks that holds sensitive data or essential systems hostage in
exchange for a ransom payment, known as ransomware. Paying cyber ransoms
is a difficult decision and hotly debated topic, as victims have to
deliberate in a matter of days or hours over whether cybercriminals will
keep their promise to return stolen data once payments are made out.
A February intelligence community analysis says cyberattacks against the
healthcare sector skyrocketed 128% in 2023, with 258 known victims that
year versus 113 in 2022.
--
More information about the Link
mailing list