Cardiac Monitoring Software Firm Hit With Cyberattack – Source: www.govinfosecurity.com

Fraud Management & Cybercrime
,
Healthcare
,
Industry Specific

CardioComm Says Business Operations Will Be Affected for Days or ‘Longer’

Marianne Kolbasuk McGee (HealthInfoSec) •
July 26, 2023    

Toronto, Canada-based CardioComm Solutions Inc., which sells cardiac monitoring and electrocardiogram software globally, said it is dealing with a cyberattack that could affect the company’s business operations “for days and potentially longer.”

See Also: Live Webinar | Unmasking Pegasus: Understand the Threat & Strengthen Your Digital Defense

In a statement Tuesday disclosing the attack, the company said it is working with third-party cybersecurity experts and authorities in a “comprehensive investigation” to determine the source and extent of any potential data breach resulting from the incident.

“There is no evidence that customers’ health information was compromised as a result of this attack since CardioComm’s software is designed to run on each client’s own server environments,” the company said.

CardioComm does not collect patient health information from its clients, but the entity will offer identity theft monitoring in case employees’ personal information was compromised in the incident, the company said.

CardioComm’s corporate website appeared to be offline Wednesday as the company was responding to the incident.

A note posted on the website said the company had been experiencing downtime to its services, including Global Cardio 3, GEMS Flex 12, GEMS Home Flex upload, and HeartCheck CardiBeat/GEMS Mobile ECG/RPM’s ability to record and upload.

CardioComm did not immediately respond to Information Security Media Group’s request for comment and for additional details about the cybersecurity incident.

Other Problems

The cyberattack is the latest set of problems confronting CardioComm. In May, the TSX Venture Exchange suspended trading of the company’s securities after a cease trade order was issued by the Ontario Securities Commission.

The CTO was issued after CardioComm had missed a deadline to file its annual financial statements for the financial year ended Dec. 31, 2022, the company said.

“Although unexpectedly delayed by the security incident, the company continues to work with its auditor to finalize the required filings, which are anticipated to be filed prior to the end of the 90-day cease trade order term, following which the company will apply for reinstatement for trading on the TSX Venture Exchange,” CardioComm said in its statement.

While public details of CardioComm’s cybersecurity incident are scant, based on the information revealed so far it appears that the company’s back-end servers, and not its cardiac device software, were attacked, said Dror Liwer, co-founder of cybersecurity company Coro.

“Always have redundancy in your system, with firewalls between instances,” he recommends to organizations facing similar threats. “If one instance is infected or goes down, the other can kick in.”

Other lessons are also emerging from the CardioComm attack, said Erich Kron, a security awareness advocate at security firm KnowBe4.

“As more devices and services, especially those that are healthcare-related, move to third parties and are managed electronically, the importance of securing systems and being able to run them with very little downtime is becoming more apparent than ever,” he said.

“These organizations that supply critical services to individuals, hospitals or physicians need to put a significant amount of effort into securing systems through both technical and human security controls, while also ensuring that if things do go bad, they can function well or be recovered very quickly, even when systems have been taken offline,” Kron said.