Cybersecurity

Cybersecurity vulnerabilities and intrusions pose risks for every hospital, and its reputation.

Joint Cybersecurity Advisory: Ransomware Activity Targeting the Healthcare and Public Health Sector

This advisory describes the tactics, techniques, and procedures (TTPs) used by cybercriminals against targets in the Healthcare and Public Health Sector (HPH) to infect systems with Ryuk ransomware for financial gain. Download the PDF

While there are significant benefits for care delivery and organizational efficiency from the expanded use of networked technology, Internet-enabled medical devices and electronic databases for clinical, financial and administrative operations, networked technology and greater connectivity also increase exposure to possible cybersecurity threats that require hospitals to evaluate and manage new risks in the context of federal privacy rules and related polices.

Hospitals can prepare and manage such risks by viewing cybersecurity not as a novel issue but rather by making it part of the hospital’s existing governance, risk management and business continuity framework.

Hospitals also will want to ensure that the approach they adopted remains flexible and resilient to address threats that are likely to be constantly evolving and multi-pronged.

This web page provides resources for hospital leaders as well as the latest updates from federal officials to help manage cyber threats.

Additional Key Cybersecurity Resources

Joint Cybersecurity Advisory TLP White: North Korean Advanced Persistent Threat Focus: Kimsuky, October 27, 2020

HC3 Threat Brief TLP White:  COVID-19 Cyber Threats (Update), (August 13, 2020)

FBI Cybersecurity Advisory TLP White: Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware, August 2020

Current Malware Threats Targeting the Healthcare And Public Health (HPH) Sector, June 16, 2020

FBI & CISA PSA: People’s Republic of China (PRC) Targeting of COVID-19 Research Organizations, May 13, 2020

Joint Activity Alert: Top 10 Routinely Exploited Vulnerabilities, May 13, 2020

CISA Insights COVID-19 Disinformation Activity, May 8, 2020

HC3 Cyber Alert TLP White: Quantitative Risk Management for Healthcare Cybersecurity, May 7, 2020

CISA: Guidance for Securing Video Conferencing, May 1, 2020

CISA: Telework Guidance and Resources, May 1, 2020

Health Industry Cybersecurity Information Sharing Best Practices - March 2020

Draft: Data Integrity Identifying and Protecting Assets Against Ransomware and Other Destructive Events - January 2020

The 405(d) Post Vol 3 - January, 2020

The 405(d) Post  Vol 2- November, 2019

Members-Only: Theft of Intellectual Property: Threats to Medical Research and Innovation

Members-Only Cybersecurity Alerts and Resources

Cyber Threat Intelligence

This section contains publicly available Cyber Threat Intelligence reports including FBI and TLP-White reports. For access to restricted distribution reports please sign in to see members-only cybersecurity resources.     /* reset */ .cc_tabs ul.a-container { margin: ...

Cybersecurity and Risk Advisory Services

At present, John Riggi, senior advisor for cybersecurity and risk, is available to provide: Strategic Cybersecurity and Risk Advisory Services Related To: Cyber threat and risk profile of the organization Information security and risk mitigation strategy development and integration w...

Related Resources

Special Bulletin
Member
Federal agencies this morning are providing new information on an imminent ransomware threat to U.S. hospitals.
Special Bulletin
Member
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS)…
Issue Landing Page
The number of large-scale data breaches at American health care organization increased 65% from 2010 to 2016. As a result, federal agencies are increasing…
Guides/Reports
Trusted insiders, both witting and unwitting, can cause grave harm to your organizations facilities, resources, information, and personnel. Insider incidents…
Standards/Guidelines
Public
Agent Tesla is an established Remote Access Trojan (RAT) written in .Net. A successful deployment of Agent Tesla provides attackers with full computer or…
Webinar Recordings
Public
This guide provides participants with instructions and helpful tips for the Health Sector Cybersecurity Coordination Center (HC3) Cybersecurity Threat Briefing…