Two new guidance resources - one from government regulators and the other from an industry council - aim to help healthcare sector firms strengthen their approaches to protecting sensitive patient information and critical IT systems. The publications come as the Biden administration is pushing the sector to up its cyber game.

As U.S. federal regulators fine-tune a strategy to push the healthcare sector into strengthening its cybersecurity posture, they are dusting off a HIPAA compliance audit program that's been dormant for the last seven years. A new round of HIPAA audits for regulated entities is in the works.

The health care sector should quickly implement patches or mitigations to address 21 new cyber vulnerabilities identified by the Cybersecurity and Infrastructure Security Agency in January, the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center (HC3) advised this week.

The Department of Health and Human Services' Health Sector Cybersecurity Coordination Center on Wednesday issued its second alert about Akira in the last five months, warning that while the ransomware gang has only been operating since March 2023, it has become "a significant threat" to the U.S. public and private health sectors

Students in a cybersecurity program at Boise State University in Idaho are helping rural schools and governments monitor for cyberattacks.

The city of Coeur d'Alene announced Monday it had detected malware in its computer network the day before.

The Strengthening Cybersecurity in Health Care Act - introduced Friday by Sens. Angus King, I-Maine, and Marco Rubio, R-Fla. - is the latest congressional effort in recent months aimed at bolstering cybersecurity in the healthcare sector.

The emails the patients received from the threat actor contained accurate information and linked to a website in the Tor network hosting the stolen details, but access was not free. Visitors could pay $50 and trust the attacker's word on removing the details, or pay $3 to view information belonging to any other impacted individual.

The U.S. National Security Agency, U.S. cyber watchdog CISA, the FBI, and the Transportation Security Administration said that the group known as "Volt Typhoon" had quietly burrowed into the networks of aviation, rail, mass transit, highway, maritime, pipeline, water and sewage organizations.

Bustling main streets. Neighbors and business owners who greet you with your first name. Independence Day parades. These are some of the hallmarks of small-town American life. Increasingly, cyberattacks are joining the list as threat actors set their sights on small-town America’s critical infrastructure.

CISA offers an array of free resources and tools, such as technical assistance, exercises, cybersecurity assessments, free training, and more.