Adding the next layer of security: offensive cybersecurity research

Offensive cybersecurity researcher Vasilios Hioureas

With the recent reports about the cybersecurity vulnerabilities of PACS systems and networks, PARCA eNews reached out to cybersecurity expert Vasilios Hioureas, who is an offensive cybersecurity researcher for Malwarebytes. Malwarebytes proactively protects people and businesses against dangerous threats such as malware, ransomware and exploits that escape detection by traditional antivirus solutions. Mr. Hioureas is a software engineer and analyst with more than 15 years experience in analyzing security weaknesses in a variety of systems. He previously held positions as Information Security Engineering Manager at ARES Management, malware analyst at Kaspersky Lab and software engineer for gaming developers. At Malwarebytes, Mr. Hioureas creates and tests exploit proofs of concept, cloud infrastructure vulnerabilities and leaks, and creates automated tools for discovery of public cloud infrastructure vulnerabilities. Mr. Hioureas has written and commented on a variety of cybersecurity issues for a number of online publications including ZDnet, Security Boulevard, Wired, and Digital Trends.

3D Scanners making their way into clinics and hospitals

Tech scans the cranium of a child – Image credit Sculpteo

PARCA eNews – May 15, 2020 – A lot has been written and featured in news about the 3D printing revolution and how such technology is being adapted to medicine to print everything from bone replacement parts to blood vessels and even human eyes.

Much less attention has been paid 3D scanners, which are being developed in conjunction with 3D printing. Currently being developed and experimented in academic research institutions, 3D scanning tools may soon make their way into hospitals, clinics and even doctors’ offices.

CISA and FBI issues top 10 cybersecurity exploits

PARCA eNews – May 12, 2020 – The Cybersecurity and Infrastructure Security Agency (CISA), the FBI released its latest list of cybersecurity exploits over the past 4 years. The technical guidance is intended to help IT security professionals at public and private sector organizations prioritize security efforts.

Healthcare IT professionals jump into the COVID-19 fray

Enli’s COVID-19 care coordination solution is a 

cloud-based patient tracking program

PARCA eNews – May 10, 2020 – With the COVID-19 outbreak spreading across the country like wildfire, healthcare IT professionals have jumped in with both feet developing more than 95 COVID-19 interoperability projects in just a few short weeks. 

As part to the Office of the National Coordinator’s Interoperability Proving Ground, the subset of interoperability projects focused specifically on COVID-19 mushroomed with projects ranging from care coordination tracking programs to COVID patient monitoring and tracking projects to assessment tools for determining whether a person should be tested along with links to the person’s local health authority for testing.

COVID--19 spurs uptick in cybersecurity attacks

PARCA eNews – May 8, 2020 – In a March 2020 consulting firm Deloitte issued a report entitled ‘COVID-19’s Impact on Cybersecurity’ showing that cybercriminals are capitalizing on the pandemic. 

The report issued by the company’s Cyber Intelligence Center noted a spike in phishing attacks, malware and ransomware attacks since the COVID-19 crisis has prompted companies, government agencies and private institutions conduct more business via remote computer connections. 

ONC and CDC compile a single-page COVID-19 resource page

PARCA eNews – May 7, 2020 – The Office of the National Coordinator in collaboration with the Centers for Disease Control and Prevention (CDC) has compiled a comprehensive list of resources for Health IT tracking, and dealing with the government response to the COVID-19 pandemic. The resources are aimed at providing clear direction for electronic health information exchanges and facilitate effective strategies to combat COVID-19 including:

AHA issues guidelines for secure working from home

PARCA eNews – May 2, 2020 – With many physicians and healthcare providers working from home and seeing patients via telehealth platforms, the American Hospital Association (AHA) and American Medical Association (AMA) published guidelines to ensure such communications remain safe from cyber threats and comply with privacy regulations.

Noting that cyber criminals are taking advantage of the COVID-19 crisis to target physicians and other health providers to gain access to patient records information.

To help providers to protect their computers and home networks, the organizations compiled a checklist of actions providers should take immediately to strengthen their cybersecurity. Acknowledging the checklist is not an exhaustive list of security measures, the list covers most of the basic measures IT professionals routinely use for office and clinic networks. It covers safeguards that need to be taken for passwords, web browsers, antivirus software, updated operating systems and firewalls.

ONC, CMS ease enforcement of Interoperability Final Rules in response to COVID-19 crisis

Don Rucker, MD National
Coordinator for Health
Information Technology (ONC)

PARCA eNews – April 21, 20220 – The Office of the National Coordinator for Health IT (ONC) and the Centers for Medicare & Medicaid Services (CMS), in conjunction with the HHS Office of Inspector General (OIG) announced today compliance flexibilities regarding the implementation of the interoperability final rules announced on March 9, 2020. 

The relaxation of enforcement was a policy decision made as a result of the COVID-19 emergency.

Imaging practices impacted by COVID-19

Photo credit – Diagnostic and Interventional
Cardiology

PARCA eNews – March 24, 2020 – Because cardiovascular disease is the comorbidity that carries the highest death rate in COVID-19 patients, at about 10.5 percent, the use of cardiac imaging, places cardiovascular imagers in the front lines of COVID-19 patient care.

As cases of acute cardiovascular disease and cardiac complications caused by COVID-19 rose dramatically in early March and April, all the major cardiovascular imaging societies issued COVID-19 guidelines and lists of considerations for how to continue imaging operations safely under the threat of viral contamination for the duration of containment efforts.

FHIR lighting the way to patient record sharing

Grahame Grieve of Health Intersections, PTY LTD –
photo credit HiMSS 19

Grahame Grieve has been called the father of FHIR as the principal evangelist for the web-based standard for exchanging patient health records. The acronym stands for Fast Healthcare Interoperability Resources and over the past eight years it has slowly emerged as the standard of choice for sharing patient records as they move around the healthcare system. This past month the FHIR HL7 standard was given a big boost as the U.S. Office of the National Coordinator issued its final rules for interoperability requiring certain government health coverage plans to support a standardized API HL7 FHIR for patient information exchanges.