{"id":13107,"date":"2017-04-18T19:58:10","date_gmt":"2017-04-18T19:58:10","guid":{"rendered":"https:\/\/digital-sentinel.com\/?p=13107"},"modified":"2017-04-18T19:59:07","modified_gmt":"2017-04-18T19:59:07","slug":"fbi-warning-healthcare-providers","status":"publish","type":"post","link":"https:\/\/digital-sentinel.com\/regulation\/fbi-warning-healthcare-providers\/","title":{"rendered":"FBI Warning for Healthcare Providers"},"content":{"rendered":"
The\u00a0FBI has\u00a0issued new guidance<\/a> specifically applicable to medical and dental facilities regarding the cybersecurity\u00a0risk of File Transfer Protocol (\u201cFTP\u201d) servers operating in \u201canonymous\u201d mode.\u00a0 FTPs are\u00a0routinely\u00a0used to transfer information between network hosts.\u00a0 As further described in the guidance, when an FTP server can be configured to permit anonymous users (through the use of a common user name like \u201canonymous\u201d and without the use of a password)\u00a0to gain access to the information stored on the server, which might include sensitive information about patients.\u00a0 In addition to potentially directly compromising the security of the stored information,\u00a0a hacker could use the FTP server in anonymous mode to launch a cyber attack on the entity.<\/span><\/p>\n The FBI provides the following specific guidance, which Covered Entities and Business Associates should heed:<\/p>\n The FBI recommends medical and dental healthcare entities request their respective IT services personnel to check networks for FTP servers running in anonymous mode. If businesses have a legitimate use for operating a FTP server in anonymous mode, administrators should ensure sensitive PHI [Protected Health Information] or PII [Personally Identifiable Information] is not stored on the server.<\/b><\/p>\n <\/p>\n Coupled with recent advice from FBI Director James B. Comey on ransomware, which we blogged about here<\/a>, this latest guidance from the FBI\u00a0demonstrates the seriousness the potential cybersecurity threats facing healthcare entities.<\/p>\n","protected":false},"excerpt":{"rendered":" The\u00a0FBI has\u00a0issued new guidance specifically applicable to medical and dental facilities regarding the […]<\/p>\n","protected":false},"author":3,"featured_media":13109,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[35,31,29],"tags":[36,33],"yoast_head":"\n