Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Rebecca Zisser/Axios

Over 32 million people have had their protected health information breached this year, in 311 hacking incidents against health care providers that are under investigation by the Department of Health and Human Services.

The big picture: Complex, bloated hospital systems are a glaring weak spot in U.S. cybersecurity — and there are limits on the government's power to help.

Hospitals are vulnerable because they maintain so many systems at once — medical records, billing records and also internet-connected medical devices — that get further entangled after mergers, which have been spiking for at least a decade.

  • "Hospitals do make an attractive target for cyber bad guys," said John Riggi, a senior cybersecurity adviser for the American Hospital Association.
  • Attackers know hospitals are open 24/7, have a vastly complex network and can't afford interruptions to public health.

"Cybercriminals know they are a soft target where they can access patient records and social security numbers and other information," Suzanne Schwartz, a deputy director in the FDA's device center, tells Axios.

  • Security firm Forescout has uncovered broken-down protections in hospital systems that make patient records vulnerable. The firm works with one of the largest health care providers in the New York area, Forescout's Tom Dolan said.

Threat level: Some vulnerabilities aren't as hard to fix as they might seem, experts said.

  • Riggi explains he has heard medical device manufacturers tell hospitals to buy total replacements for machines that may only need a security software update.
  • "And the hospital won't, because that costs a crap-load of money," Dolan said, noting hospitals can make 30-year investments in equipment like MRI machines.

What's next: The AHA doesn't make its own cybersecurity guidelines and the FDA's are limited. The agency is seeking more legal authority over device security, and the AHA wants FDA guidelines to be made mandatory.

  • The FDA's cybersecurity oversight in hospitals is limited only to medical devices — not the other internet-connected devices that hospitals are also full of.
  • The FDA's ability to work with medical device-makers to tackle cybersecurity has improved drastically since the 2017 WannaCry attack, Schwartz said — but hospitals still have weaknesses that are left unaddressed.

The bottom line: The AHA and security vendors like MedCrypt and Forescout recommend that hospitals use network segmentation or medical devices with built-in security features.

Go deeper: What your hospital knows about you

Go deeper

Students vandalize and steal from schools for viral TikTok challenge

TikTok logo displayed on a phone screen in Krakow, Poland on July 18, 2021. Photo: Jakub Porzycki/NurPhoto via Getty Images

A viral TikTok challenge is leading students nationwide to shatter mirrors, steal fire alarms and intentionally clog toilets, The Washington Post reports.

Driving the news: Dubbed the the “Devious Licks challenge, students are showing off their "devious licks" on TikTok — with a sped-up version of "Ski Ski BasedGod" by rapper Lil’ B playing in the background.

Axios-Ipsos poll: People of color face more environmental threats

Expand chart
Data: Axios/Ipsos poll; Note: ±2.5% margin of error; Chart: Sara Wise/Axios

Americans of color are much less likely than white Americans to experience good air quality or tap water or enough trees or green space in their communities, and they're more likely to face noise pollution and litter, a new Axios-Ipsos poll finds.

The big picture: Our national survey shows Black and Hispanic Americans are more likely than their white counterparts to live near major highways or industrial or manufacturing plants — and to have dealt in the past year with water-boil notices or power outages lasting more than 24 hours.

17 hours ago - Health

FDA advisory panel recommends Pfizer boosters for those 65 and older

A healthcare worker prepares a dose of the Pfizer-BioNTech Covid-19 vaccine at the Key Biscayne Community Center on Aug. 24, 2021. Photo: Eva Marie Uzcategui/Bloomberg via Getty Images

A key Food and Drug Administration advisory panel on Friday overwhelmingly voted against recommending Pfizer vaccine booster shots for younger Americans, but unanimously recommended approving the third shots for individuals 65 and older, as well as those at high-risk of severe COVID-19.

Why it matters: While the votes are non-binding, and the FDA must still make a final decision, Friday's move pours cold water on the Biden administration's plan to begin administering boosters to most individuals who received the Pfizer vaccine later this month.

You’ve caught up. Now what?

Sign up for Mike Allen’s daily Axios AM and PM newsletters to get smarter, faster on the news that matters.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!