NSA releases maturity guidance for the Zero Trust Network and Environment Pillar
On March 5, the National Security Agency (NSA) released a Cybersecurity Information Sheet (CSI) that details curtailing adversarial lateral movement within an organization’s network to access sensitive data and critical systems. The CSI, entitled Advancing Zero Trust Maturity Throughout the Network and Environment Pillar, provides guidance on how to strengthen internal network control and contain network intrusions to a segmented portion of the network using Zero Trust principles.
The network and environment pillar–one of seven pillars that make up the Zero Trust framework–isolates critical resources from unauthorized access by defining network access, controlling network and data flows, segmenting applications and workloads, and using end-to-end encryption.
This guidance expands on NSA’s previously released CSIs, Embracing a Zero Trust Security Model, Advancing Zero Trust Maturity Throughout the User Pillar, and Advancing Zero Trust Maturity Throughout the Device Pillar.
(Source: NSA)
Iranian national charged for multi-year hacking campaign targeting U.S. defense contractors and private sector companies
On Feb. 29, the Justice Department (DOJ) unsealed an indictment charging an Iranian national with involvement in a cyber-enabled campaign to compromise U.S. governmental and private entities.
From at least in or about 2016 through in or about April 2021, the Iranian national and co-conspirators were members of a hacking organization that participated in a coordinated multi-year campaign to conduct and attempt to conduct computer intrusions.
These intrusions targeted more than a dozen U.S. companies and the U.S. Departments of the Treasury and State. The hacking group’s private sector victims were primarily cleared defense contractors, which are companies that support U.S. Department of Defense programs. In addition, the group targeted a New York-based accounting firm and a New York-based hospitality company.
In conducting their hacking campaigns, the group used spear phishing — that is, tricking an email recipient into clicking on a malicious link — to infect victim computers with malware.
In addition to spearphishing, the conspirators utilized social engineering, which involved impersonating others, generally women, in order to obtain the confidence of victims. These social engineering contacts were another means the conspiracy used to deploy malware onto victim computers and compromise those devices and accounts.
(Source: DOJ)
Update to National Cybersecurity Strategy Implementation Plan coming before the end of summer
Cybersecurity professionals can expect fresh reading materials in the coming months from the Office of the National Cyber Director, which aims to issue an update to the National Cybersecurity Strategy Implementation Plan before the summer is over, a White House cyber official said Tuesday.
The implementation plan outlines how the White House will accomplish the goals outlined in the national cybersecurity plan and is supposed to be a “living document” that is updated as initiatives are complete or new initiatives are added. The implementation plan 2.0 is expected “late spring, early summer,” said Brian Scott, deputy assistant national cyber director for cyber policy and programs.
Cybersecurity pros can also expect an update on software liability reform in the next implementation plan release. In its recently released National Cybersecurity Strategy, the Biden administration called on Congress to develop legislation to develop a software liability regime, one that would allow consumer and businesses to sue software makers if they fail to take proper care in designing the security of their tools. Software companies, if the White House has its way, will no longer be able to disclaim liability for the products they produce.
The Biden administration is currently looking at developing a framework around software liability. One aspect of the framework will be exploring how best to implement safe harbor incentives for companies that are developing code using secure methods. Companies that align with those best practices — which are still being explored — are less likely to face legal issues down the road.
(Source: Cyberscoop)
$100 million a day? Cash flow disruptions roil healthcare industry after cyberattack
The economic impact of the Change Healthcare cyberattack continues to come into focus, with experts saying some large industry players — such as hospital and pharmacy networks — are facing disruptions costing upwards of $100 million a day.
The Change Healthcare incident has disrupted the ability of healthcare organizations nationwide to handle insurance filings, particularly for pharmacy operations. The company last published an update publicly on Monday.
The CEO of the Florida Hospital Association has said that revenue problems will probably add up to $1 billion or more just in that state.
On Tuesday, the Department of Health and Human Services said the Centers for Medicare and Medicaid Services (CMS) would be making more information available for providers to receive "accelerated payments."
(Source: The Record)
American Ambulance Association: Summary of Change Healthcare cyberattack and HHS statement
On Feb. 21, 2024, UnitedHealth Group (UHG) disclosed that one of its subsidiaries was the victim of a ransomware attack. According to UHG, the cyberattack was perpetrated against Change Healthcare, an operating unit within UHG’s Optum subsidiary.
On March 5, 2024, the U.S. Department of Health and Human Services issued a statement detailing the steps HHS would be taking to avoid further disruptions to the health care system, which included permitting hospitals to submit requests for Medicare Accelerated Payments, similar to those issued during the early stages of the COVID-19 pandemic; however other providers/suppliers do not seem to have access to this workaround. HHS indicated that its Medicare Administrative Contractors (MACs) would be issuing specific guidance on how to request accelerated payments later this week.
The Potential Impact on EMS Providers
According to various reports, there are approximately 800 payers whose claims routing processes utilize Change Healthcare’s network. This impact may be felt directly, in the case of claims submitted directly by the provider to the payer, or indirectly, in the case of claims submitted through a clearinghouse.
The American Ambulance Association (AAA) encourages members to contact their clearinghouses to see which payers, if any, are being affected by the system interruption.
Optum has also established temporary alternative funding options. At this point it is unclear whether ambulance providers will be eligible for this alternative funding. Members are encouraged to check the Optum website for further updates.
(Source: AAA)
|