Want to better understand what the Office of the National Coordinator for Health IT’s (ONC) Information Blocking Rule (IBR) is, how it works and why we need it? In this episode of the Faegre Drinker on Law and Technology Podcast, host Jason G. Weiss sits down with Faegre Drinker partners Jeff Ganiban and Doriann Cain, and associate Alex Eschenroeder to discuss all things IBR.
Expected in September 2022, the final draft of the HHS Office of Inspector General’s (OIG) first IBR enforcement rule is aimed at two of the three actor types defined in the IBR: Health IT Developers of Certified Health IT and Health Information Networks / Health Information Exchanges. Under the Cures Act, each IBR violation by a Health IT Developer of Certified Health IT or Health Information Network / Health Information Exchange would be subject to penalties of up to $1 million. The expected rule will establish how the OIG intends to assess and enforce these penalties. (Unfortunately, there is still no guidance on when we can expect a rule regarding the penalties that will apply to IBR violations by Health Care Providers.)
Continue reading “What Is the Information Blocking Rule? – Faegre Drinker on Law and Technology Podcast”
I have written multiple times about the danger of disruptionware to both Information Technology (IT) networks as well as Operational Technologies (OT) networks of victims globally. As discussed here, many different nefarious tools make up the disruptionware “tool kit.” These tools include, but are not limited to:
- Bricking capabilities tools
- Automated components
- Data exfiltration tools
- Network reconnaissance tools
The most well-known and most used of all these tools is ransomware malware. Ransomware attacks have grown exponentially over the past few years. Dozens of ransomware gangs are launching ransomware attacks and terrorizing and extorting businesses throughout the world. This has included specific attacks against the U.S. energy sector as well as U.S. infrastructure projects.
Continue reading “Disruptionware VII: The Evolution of Disruptionware and the Growth of Ransomware as a Service (RaaS)”
Disruptionware attacks have become increasingly more common over the last few months. Just last month, I wrote about a dangerous disruptionware attack against a Florida Water Treatment Center that could have been a mass casualty event. For more information on these types of attacks, please refer to our posts on different types of disruptionware attacks and how disruptionware attacks work.
Continue reading “Disruptionware VI: Cyber-Attack against Colonial Pipeline Illustrates Continued Vulnerability of American Energy and Infrastructure Targets”
We have posted four previous articles discussing the foundation and structure of what a disruptionware attack is, how their attack matrix works, possible defenses to disruptionware attacks and industries that are very susceptible to these attacks. Disruptionware has proven over the last year that it is a growing and dangerous cyber threat to our data, our businesses and possibly our lives.
Disruptionware attacks typically involve ransomware and they aim to encrypt and hold the victim’s data hostage. Such attacks are usually financially motivated, and, to date, there have fortunately been only a few known examples where the disruptionware attack has resulted in threats to health and safety or caused loss of life. When such significant collateral damage has occurred, it typically appears to have been inadvertently caused.
Continue reading “Disruptionware V: Malicious Cyber Actors Attack a Florida Water Treatment Facility”
Over the past few months, I have written about the threat first identified by the Institute for Critical Infrastructure Technology (ICIT) called disruptionware. We have previously described what disruptionware is, how it works, and outlined some of the defenses that can be used to defend against a multitude of disruptionware attacks. Many may have thought the immediate notifications of the threat posed by this new concept of disruptionware had been adequately made public and sufficiently identified. Unfortunately, disruptionware continues to impact new sectors.
According to ICIT, disruptionware is an evolving category of malware designed to “suspend operations within the victim organization through the compromise of the availability, integrity and confidentiality of the data, systems, and networks belonging to the target.” Recently, ICIT identified a new threat from disruptionware that will likely have a seriously adverse effect on the American energy sector. ICIT goes so far as to refer to disruptionware in the context of an attack on the U.S. energy grid as a “weapon of mass destruction.”
Continue reading “Disruption IV: The New Threat Disruptionware Poses to the American Energy Sector”
In the first blog in this series, we defined “Disruptionware” and showed how it was growing as a threat to many types of industries throughout the country and the world. The threat was especially noticeable within the healthcare industry and for government institutions. In our second blog, we talked about the different types of tools and attack matrixes that Disruptionware uses to cripple and/or damage unsuspecting businesses and how destructive those attacks can be. This third and final discussion will delineate what businesses can do to defend themselves against a Disruptionware attack and what cyber defenses are at their disposal to alleviate the damages caused by this new and dangerous attack medium.
Continue reading “Disruptionware III: Protect Your Business from a Disruptionware Cyber Attack”