Change Healthcare Cyberstorm and Apple’s Zero-Day Sprint

The Daily Decrypt
The Daily Decrypt
Change Healthcare Cyberstorm and Apple’s Zero-Day Sprint
Loading
/

Today, we explore the repercussions of the massive cyberattack on Change Healthcare, highlighting CMS’s steps to alleviate the crisis and the call for greater support from the AMA and AHA. We also unravel Apple’s swift action against two critical zero-day vulnerabilities, CVE-2024-23225 and CVE-2024-23296, shedding light on the implications for device security and the importance of staying updated. Join us as we dissect these cybersecurity challenges, emphasizing the balance between profit and protection in the tech and healthcare sectors.

Music by Jered Jones: https://www.jeredjones.com/
Logo Design by Zack Graber: https://www.zackgraber.com/

Original Articles:

  • For detailed insights on Apple’s zero-day patches, visit https://www.helpnetsecurity.com/2024/03/06/cve-2024-23225-cve-2024-23296/
  • Change Healthcare: https://www.cybersecuritydive.com/news/change-healthcare-cyberattack-cms-provider-flexibilities/709406/

cybersecurity, healthcare attack, Apple vulnerabilities, CMS healthcare support, AMA and AHA advocacy, digital security measures, technology updates, kernel and RTKit flaws, device protection strategies, cyber resilience in healthcare

Search Phrases:

  • Cybersecurity challenges in the healthcare sector
  • How Apple addressed zero-day vulnerabilities
  • CMS response to Change Healthcare cyberattack
  • AMA and AHA’s stance on healthcare cybersecurity
  • Protecting devices from kernel and RTKit vulnerabilities
  • The importance of updating iOS and iPadOS for security
  • Strategies for enhancing digital security in healthcare
  • Navigating cyber threats in the technology sector
  • Understanding the impact of cybersecurity on healthcare providers
  • Best practices for device security and software updates

Transcript:

Mar 7

[00:00:00] announcer: Welcome to The Daily Decrypt, the go to podcast for all things cyber security. Get ready to decrypt the complexities of cyber safety and stay informed. Stand at the frontier of cyber security news, where every insight is a key to unlocking the mysteries of the digital domain. Your voyage through the cyber news vortex starts now.

[00:00:29] offsetkeyz: Good morning, every one quick episode today, we’re just going to be talking about the cyber attack on change healthcare. And how it exposes the bitter truth about the healthcare sectors vulnerability. Leaving a sour taste in the mouths of providers nationwide. Meanwhile, apple finds itself bobbing in hot water, patching up a pair of zero day vulnerabilities that could have left users’ data ripe for the picking.

It’s an apple joke.

[00:01:00]

[00:01:07] offsetkeyz: All right. So as you may or may not have heard change healthcare, which is a subsidiary of United health care.

He

has been out due to a cyber attack and it’s left a significant mark on the healthcare sector.

This outages caused widespread disruption of services for nearly two weeks now. It isn’t just a glitch in the system. It’s a full blown outage affecting provider’s ability to receive payments, verify coverage. Submit authorization requests and exchange clinical records. All pretty critical elements in receiving. And distributing healthcare.

But here’s the twist. In the face of this digital debacle, the centers for Medicare and Medicaid services or CMS has stepped in with a lifeline. Rolling out flexibilities to aid providers, grappling with the financial fallout. From urging Medicare advantage plans to loosen [00:02:00] prior authorization requirements to offering advanced funding. And accelerated payment requests.

CMS is acting to alleviate some of the pressure. Yet voices from the American medical association AMA. And the American hospital association, a H a. I argue that these measures are just the tip of the iceberg pressing for further action to support the health care providers at the helm.

So if you’re a healthcare provider, These flexibilities could offer a temporary reprieve yet the call for additional financial support underscores the severity of the situation. For patients it’s. Uh, behind the scenes glimpse into the challenges your healthcare providers may be facing.

So, as I’ve mentioned in previous episodes,

These attacks on the healthcare sector are. Unacceptable.

Specifically in America.

The greed behind these healthcare corporations really upsets me. And it’s pretty commonly known. That the cost of healthcare has gone [00:03:00] up exponentially in the last few decades.

Given that the cost has gone up so much. The profit margins have also increased by. A huge amount. Now we’re in this era of. Cyber attack becoming.

Common ground, especially amongst healthcare providers. Yet.

They’re still getting hit. What that tells me is that. Most of their profits are going into their pockets instead of into their cyber security division. Y. Because they care about profits more than they care about the people they’re serving.

And it makes sense, right? In this beautiful land of America, . We prioritize profit margins over. The health and welfare of our people, of our community. And the people who make these decisions are so rich. Whether it be members of Congress. Or CEOs of healthcare companies that they don’t. They literally cannot understand.

What. The people, their [00:04:00] customers.

Are going through. They don’t even care about understanding. They have a monopoly on the system. The government requires healthcare.

And that usually comes through your employer who picks the healthcare provider for you. And then you’re stuck with those prices.

Your stuck with getting the healthcare they think you deserve.

I’m really sorry about the rant, but it really upsets me.

How messed up. This is. Health insurance providers. If you’re listening, please. pour. Four times as much money as you are into your cybersecurity for the sake of the people you’re trying to serve.

[00:04:35] transition: Thanks for watching!

[00:04:41] offsetkeyz: All right, so let’s bring it back to a lighter note. We’re going to call this second and final segment. An apple a day, keeps the hackers at bay. Or does it.

In a nutshell, Apple’s digital orchard was found. With a couple of rotten spots to zero day vulnerabilities, which is tech speak for security [00:05:00] flaws, unknown to the vendor until they’re exploited.

If you want more information, these are CVE 2024. 2 3, 2, 2, 5, and 2, 3, 2, 9, 6. These weren’t just any old bugs. They were actively exploited vulnerabilities, allowing attackers to bypass the very walls meant to protect the kernel or the core of the operating system. And RT kit. Apple’s realtime operating system.

So that sounds like bad news, but the good news is. iOS and iPad. 17.4, carry fixes for these vulnerabilities.

They’ve been patched, please make sure to just. Update your iPhone, your iPad. When you go to sleep and when you wake up, Hey, you don’t have to worry about it.

All right. Quick episode today. That’s all we’ve got. Thanks so much for listening.

If you’ve been enjoying this, please just leave us a comment anywhere you consume social media, YouTube. Instagram Twitter. We’d love to hear from you.

And we’ll be taking tomorrow off. So we’ll talk to [00:06:00] you more next week.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.