Blog

ICSMA-25-030-01 - Contec Health CMS8000 Patient Monitor

CISA Warns of Critical Vulnerabilities in Contec Health CMS8000 Monitors

Roey Vilnai, VP Data

Jan 31, 2025

Maria Guillen, Director of Growth Marketing

Strengthening Healthcare Security: How NDR Fits Into Your Defense Strategy

Learn how Network Detection and Response (NDR-H) enhances healthcare security by bridging gaps, boosting defenses, and protecting critical systems from advanced threats

Dec 4, 2024

What the End of Windows 10 Means for Healthcare Security

Support for Windows 10 will end in 2025 and many healthcare settings are not ready. Learn more about operating system end-of-life and how to prepare.

Oct 17, 2024

NDR vs. IDP/ IDPS

IDP and IDPS prevent unauthorized network access but don't detect suspicious activity that occurs after network access has been granted.

Sep 24, 2024

NDR vs. XDR

XDRs can provide endpoint protection and some network insights to devices with common operating systems but that's not enough to protect healthcare settings.

Sep 12, 2024

NDR vs. MDR

MDRs provide valuable services to healthcare organizations but they don't cover many of the devices used every day in healthcare settings.

Aug 28, 2024

NDR vs. EDR For Healthcare

EDR alone isn’t enough for hospitals. Adding network detection and response can add resilience and depth to cyber defenses.

Aug 8, 2024

Chad Holmes, Security Evangelist

Protecting ePHI in a Globalized Healthcare Landscape

ePHI, or electronic protected health information, refers to any digital data that relates to an individual's health status, medical history, or treatment provided by a healthcare provider.

Apr 9, 2024

Peter Kelly, Global Head of Customer Success & Chad Holmes, Security Evangelist

The Unexpected Benefits of Network Analysis

From removing ransomware to identifying exposed ePHI, network analysis in healthcare environments is more powerful than originally thought

Feb 24, 2023

Cynerio Data Confirms: Attacked Hospitals Usually Get Victimized Again

A Cynerio survey of 517 hospitals found that 76 percent of ransomware-attacked hospitals get attacked again. Improved IoMT security is needed.

Chad Holmes

Aug 3, 2022

What the JekyllBot:5 Vulnerabilities Tell Us About Healthcare IoT Security

JekyllBot:5 vulnerabilities discovered by Cynerio in Aethon TUG robots point to wider failures in healthcare IoT cybersecurity.

Apr 12, 2022

Don’t Just Count Devices – Defend Them with Active Attack Detection

It’s not enough to get visibility into devices; hospital security staff need tools to effectively mitigate and remediate the risks and attacks on IoT.

Daniel Brody

Mar 7, 2022

Visibility Is Not Enough: Key Takeaways from Cynerio’s 2022 State of Healthcare IoT Device Security Report

Even with all the ongoing investment hospitals are making in good faith towards their cybersecurity, our data shows that critical risks remain active in many of the medical devices that hospitals rely on for providing patient care, and ransomware attacks have more than doubled year-over-year as the pandemic has continued. Clearly something is amiss when it comes to what is being offered by most of the healthcare IoT cybersecurity space, since threats are only getting more numerous and causing more damage.

Daniel Brody

Jan 19, 2022

Daniel Brodie, Cynerio CTO

Introducing Cynerio IoT Attack Detection and Response for Healthcare

According to a Ponemon Institute research report released last month on cyberattacks in healthcare, the root cause of a data breach was equally liable to be due to an insecure medical or other IoT device as caused by a phishing attack.

Oct 27, 2021

Cybersecurity Awareness Month: The Top 5 Questions Our Customers Ask Us

Some of the greatest challenges faced are among those professionals looking for innovative, new and effective ways to address ever-increasing cybersecurity threats. With this in mind, Cynerio has collated a list of five questions frequently asked by our customers that should be asked about every new cybersecurity product, approach or technology you encounter.

Chad Holmes

Oct 19, 2021

Daniel Brodie, Cynerio CTO

Empowering Small Hospitals with Cynerio Now!

"Small hospitals have been particularly susceptible to cyber attacks during the COVID-19 pandemic. To help rapidly ease the burden of cybersecurity related to IoT and medical devices, Cynerio Now! for Small Hospitals is now available."

Oct 6, 2021

CISA Alert: BadAlloc Vulnerability Affecting BlackBerry QNX RTOS

CISA issued an alert (AA21-229A) on August 17, 2021, stating that BlackBerry has publicly disclosed that its QNX Real-Time Operating System (RTOS) is affected by a BadAlloc vulnerability. As of today, there are no known devices directly impacted by the BadAlloc vulnerability but the situtation remains fluid.

Aug 19, 2021

White Paper: Outdated Vendor Firmware as a Driver for Adopting Zero Trust Security in Healthcare

Devices running outdated vendor firmware may represent an even bigger threat to connected medical and IoT devices than outdated operating systems (OS).

Jun 9, 2021

White Paper: Ransomware as a Driver for Adopting Zero Trust Security in Healthcare

In healthcare, there are myriad reasons to implement a Zero Trust security architecture, but our research has shown that Zero Trust is the only way the industry's three most prominent threats can be effectively mitigated in the short and long term.

May 27, 2021

White Paper: Understanding the Basics of Zero Trust

Securing healthcare organizations and connected medical and IoT devices is full of unique challenges, but research shows that a Zero Trust infrastructure is the safest and fastest way to tackle them.

May 12, 2021

New Research: Outdated Vendor Firmware and Unsecured Services Leave Healthcare Environments Highly Vulnerable to Cyber Attack

Cynerio researchers studied hundreds of threats driving healthcare organizations to consider adopting a Zero Trust approach after concluding that the three most common threats to healthcare organizations today are ransomware, outdated vendor firmware, and unsecured services.

Apr 26, 2021

Unpacking Ryuk Ransomware’s Threat to Healthcare

Ryuk ransomware can prevent healthcare professionals from accessing patient records and continues to disrupt critical and life-saving treatments.

Mar 17, 2021

SolarWinds Breach: What Healthcare Organizations Need to Know

The biggest and most sophisticated cyber attack in history affects every major industry, from government to healthcare, and has prompted CISA to urge federal agencies to shut down all systems running SolarWinds products immediately.

Dec 23, 2020

A Peek into Our Webinar: Applying Zero Trust Security to Sensitive Healthcare IoT Environments

Here’s a sneak peek into Cynerio’s webinar with Carahsoft on how hospitals and other healthcare organizations can safely apply the Zero Trust framework to their networks to protect themselves from every kind of threat, from device-level vulnerabilities to targeted ransomware attacks.

Dec 21, 2020

Threat Intel: New Critical Treck TCP/IP Stack Vulnerabilities Discovered

CISA released an advisory (ICSA-20-353-01) on December 18, 2020 regarding four new vulnerabilities found in the Treck TCP/IP stack with a combined CVSS v3 base score of 9.8.

Dec 18, 2020

Alert: Medical Device Vendors Update Advisories on Products Affected by the Windows Bad Neighbor Vulnerability

Following the Microsoft advisory issued on October 13, 2020 regarding the Bad Neighbor vulnerability, BD, Philips, and Carestream have released information on affected devices.

Dec 8, 2020

Ransomware vs. Healthcare: Why Cybersecurity Is Patient Security

In the first half of 2020, cyber attacks against healthcare surged by 300%. In particular, ransomware attacks, jumped by 109% across the US, and that's after healthcare providers had already suffered a 350% increase in ransomware attacks in the last quarter of 2019.

Sep 30, 2020

Containing Healthcare Costs in the New COVID Reality

Today's healthcare industry is not the one we knew at the beginning of 2020. New and complex challenges have arisen with the advent of the COVID pandemic, starting with the suspension of nonessential procedures, which constitute healthcare organization's primary revenue source.

Sep 24, 2020

Rise in Cyber Attacks on Healthcare Institutions Increases Patient Mortality

Earlier this month, a ransomware attack against Duesseldorf University Hospital directly led to the death of a patient when the hospital was forced to reroute emergency patients to another facility 20 miles away.

Sep 22, 2020

White Paper: 5 Reasons Network Segmentation Is Difficult for Hospitals

Healthcare organizations have become hackers' favorite targets. Over 93% of healthcare organizations have reported a cyber incident and healthcare stands as the most targeted industry, accounting for 4 out of 5 breaches.

Aug 5, 2020

White Paper: How Network Segmentation Protects Your Patients

The best way to protect any network is by segmenting it. Unsegmented networks present hostile parties with a large attack surface that can be difficult to manage and protect.

Jul 2, 2020

Undocumented Default Passwords Discovered on IoMT Devices Provide a Backdoor into Clinical Networks

New threat intelligence research by Cynerio has revealed that certain passwords are repeatedly used across hospitals in different health systems, in every clinical setting, and across all departments and device types—providing a backdoor into otherwise secure clinical networks.

Jun 11, 2020

Cynerio Podcast: COVID, Telemedicine & the Internet of Targets

In a recent podcast, Cynerio spoke with Dr. John Halamka, emergency medicine physician and president of the Mayo Clinic Platform to talk about the post-COVID "New Normal" and how we can expect the healthcare industry to evolve from here.

Jun 8, 2020

A Peek Into Our Webinar: 3 Ways You Haven’t Thought of for Using Automation in Healthcare

Take a peek into Cynerio's webinar with HealthITSecurity for a practical overview of 3 use cases demonstrating how hospitals can leverage emerging healthcare automation technologies to secure IoMT devices, safeguard patients, and ensure business continuity.

May 7, 2020

Cynerio Keeps It Cool

Cynerio was just named a Gartner Cool Vendor, making it the only medical-first IoT security platform to hold the title. Granting this award to a platform focused on safeguarding medical technologies only goes to show how critical the nascent Internet of Medical Things (IoMT) cybersecurity industry is.

May 7, 2020

Part 2: Coronavirus’s Impact on Healthcare IT: Supporting Real-Time Needs of Hospitals in Crisis

Just like the best way to limit the spread of disease among people is to practice social distancing, the best way to protect your medical devices is to separate, or segment them, from each other. Think of healthcare network segmentation as social distancing for medical devices.

Apr 27, 2020

MDS2 Forms: Unpacking the Gold Standard Guideline of Medical Device Security

After a long and grueling procurement process, your hospital finally receives a new supply of ventilators. Along with the devices, the vendor also sends along bundles of booklets: troubleshooting manuals, warranty information, and every Biomed and Clinical Engineer's favorite go-to doc: the device's MDS2 form.

Apr 2, 2020

A Peek Into Our Webinar: Medical Device Security Lifecycle Management

To help shed some light on medical device security lifecycles and to help adapt to unforeseeable changes in the healthcare industry, Cynerio partnered with the Biomed/CE publication, TechNation, and led a webinar on the essential ins and outs of managing the medical device security lifecycle. Here’s a quick peek at the highlights.

Mar 31, 2020

Part 1: Coronavirus’s Impact on Healthcare IT: Supporting Real-Time Needs of Hospitals in Crisis

The influx of patients caused by today’s COVID-19 Coronavirus pandemic is crippling health systems worldwide and placing unprecedented strain on vulnerable hospital IT networks.

Mar 19, 2020

Is Your Hospital Prepared for Windows 7 End of Life?

Data breaches in the healthcare sector cost the US $4 billion in 2019. When Microsoft ended support for Windows XP in 2014, the healthcare sector suffered the most.

Feb 5, 2020

Cynerio honored as Gold winner in the 11th Annual 2019 Golden Bridge Awards® in the Medical Information Security Category

Today we announced that our IoMT cybersecurity solution has been selected as a Gold winner in the 11th Annual 2019 Golden Bridge Awards in the Medical Information Security Category.

Sep 29, 2019

Healthcare Cybersecurity has its own award category At last!

Today we announced that our IoMT cybersecurity solution has been selected as the winner of the Healthcare Analytics Innovation Award from MedTech Breakthrough...

Jun 11, 2019

Medical device risk mitigation is perhaps the most pressing issue for healthcare CIOs

Hackers see hospitals as treasure troves; they hold our most sensitive data, including medical records, financial information...

John Halamka

Oct 16, 2018

Cisco and Cynerio partner to improve medical device security

Healthcare organizations face new cybersecurity challenges as the rising number of cyber-attacks impact services and put patient safety at risk.

Cynerio Research

Sep 19, 2018

A deeper dive into healthcare hacking and medical record fraud

The number of patient medical record breaches reported due to hacking or unauthorized access events has been climbing over the past years...

Cynerio Research

Jul 18, 2018

Healthcare Hacking Trends on the Dark Web

One of the many troubling trends in dark web black markets is the buying and selling of PHI – protected health information...

Cynerio Research

Jun 11, 2018

Medical device vulnerabilities

A series of 23 worrisome vulnerabilities in popular GE medical devices has recently been listed in an advisory by ICS-CERT – the US government...

Apr 17, 2018

Cynerio delivers innovative medical device protection

Rambam Health Care Campus commonly known as Rambam Hospital, is piloting Cynerio’s cutting edge cybersecurity technology...