The White House announced this week that it will ban the sale of new antivirus software from Kaspersky Lab. This follows years of opposition to the Russian-based company, and concerns that its tools pose a threat to critical U.S. Infrastructure, including healthcare.
The Biden Administration claims that Kaspersky has privileged access to American IT Systems – it is installed on computers used in healthcare organizations, state governments agencies and elsewhere – which could allow it to exfiltrate data or stealthily install malware.
“Russia has demonstrated it has the capability and… the intention to exploit Russian businesses like Kaspersky in order to collect and weaponize personal information of Americans, and that is the reason we are compelled today,” said U.S. Secretary of Commerce Gina Raimondo June 20, as reported by Reuters.
Kaspersky, which maintains it is a privately owned company with no government ties and plans to challenge the ban in court, countered the decision by stating that the decision was made based on the current tensions between Russia and the U.S., and “theoretical fears, rather than a comprehensive evaluation on the integrity of Kaspersky’s products and services.”
Starting Sept. 29, the new regulations prohibit downloading of Kaspersky products, including updates, licenses and white-labeled versions.
Since 2017, Kaspersky has caused concern among federal regulators. Department of Homeland Security banned Kaspersky’s antivirus tools from federal networks in 2017, citing fears that Russian intelligence agencies might force the company to collect data and intercept communications of the agencies using the software.
Average breach cost nears $11M
A new report from phishing prevention firm KnowBe4 this week shines a harsh light – for those who may not have noticed yet – on the’severe cybercrisis’ affecting the healthcare sector.
The new International Healthcare Report from the company shows that hospitals and other healthcare organizations are facing an increase in ransomware attacks worldwide, but especially in the U.S. with a 73% rise in attacks against U.S. facilities.
The new research has also revealed:
- In the last three years, cyberattacks have cost the healthcare industry a lot of money. The average cost is now $11 million, making healthcare the most expensive sector for cyberattacks.
- In the first three-quarters of 2023, healthcare organizations around the world saw an average of 1,613 attacks per week. This is a significant increase from the previous year.
- Ransomware attacks have accounted for 70% of successful cyberattacks over the past two years.
- Depending on the sector, 79% to 91% of cyberattacks began with phishing and social engineering tactics. These techniques allow bad actors access to accounts or server without authorization.
“The healthcare industry remains a prime target of cybercriminals who are looking to take advantage of the life-or death situations hospitals face,” said KnowBe4’s CEO Stu Sjouwerman. “With critical systems and patient data held hostage, hospitals feel they have no choice but pay exorbitant amounts of ransom.
“This vicious circle can be broken by prioritizing security awareness training for employees to empower them and cultivate a security culture that is positive as a strong defence against phishing and other social engineering attacks.”
HIMSS candidate for ISC2 Board
In other news, our colleague Lee Kim, who serves as senior principal of cybersecurity and privacy at HIMSS (HIMSS is the parent company of Healthcare IT News), has announced her candidacy for the board of directors of ISC2, one the biggest cybersecurity-focused membership organizations.
She hopes that any ISC2 member who reads this will consider supporting this campaign by voting. Voting will be open until July 2nd on the ISC2 Member Portal.
Lee is a real expert and she is the driving force of the HIMSS cyber security survey every year. She says that she is the only ISC2 candidate with a healthcare focus, and also the only one from the nonprofit sector.
Kim tells HITN, “I am happy to be a nominee for the ISC2 Board of Directors.” “This is a great opportunity as we need to prepare for an AI future, virtual, meta, and quantum-based future.
She adds, “It is important that people vote a candidate from a non profit that focuses on the healthcare industry.” “We know how convene, collaborate and effect change for the greater benefit.”
Mike Miliard is the executive editor of Healthcare IT News
Email the writer: mike.miliard@himssmedia.com
Healthcare IT News, a HIMSS magazine.