This advisory describes the tactics, techniques, and procedures (TTPs) used by cybercriminals against targets in the Healthcare and Public Health Sector (HPH) to infect systems with Ryuk ransomware for financial gain. Download the PDF.
While there are significant benefits for care delivery and organizational efficiency from the expanded use of networked technology, Internet-enabled medical devices and electronic databases for clinical, financial and administrative operations, networked technology and greater connectivity also increase exposure to possible cybersecurity threats that require hospitals to evaluate and manage new risks in the context of federal privacy rules and related polices.
Hospitals can prepare and manage such risks by viewing cybersecurity not as a novel issue but rather by making it part of the hospital’s existing governance, risk management and business continuity framework.
Hospitals also will want to ensure that the approach they adopted remains flexible and resilient to address threats that are likely to be constantly evolving and multi-pronged.
This web page provides resources for hospital leaders as well as the latest updates from federal officials to help manage cyber threats.
Additional Key Cybersecurity Resources
Joint Cybersecurity Advisory TLP White: North Korean Advanced Persistent Threat Focus: Kimsuky, October 27, 2020
HC3 Threat Brief TLP White: COVID-19 Cyber Threats (Update), (August 13, 2020)
FBI Cybersecurity Advisory TLP White: Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware, August 2020
Current Malware Threats Targeting the Healthcare And Public Health (HPH) Sector, June 16, 2020
FBI & CISA PSA: People’s Republic of China (PRC) Targeting of COVID-19 Research Organizations, May 13, 2020
Joint Activity Alert: Top 10 Routinely Exploited Vulnerabilities, May 13, 2020
CISA Insights COVID-19 Disinformation Activity, May 8, 2020
HC3 Cyber Alert TLP White: Quantitative Risk Management for Healthcare Cybersecurity, May 7, 2020
CISA: Guidance for Securing Video Conferencing, May 1, 2020
CISA: Telework Guidance and Resources, May 1, 2020
Health Industry Cybersecurity Information Sharing Best Practices - March 2020
Draft: Data Integrity Identifying and Protecting Assets Against Ransomware and Other Destructive Events - January 2020
The 405(d) Post Vol 3 - January, 2020
The 405(d) Post Vol 2- November, 2019
Members-Only: Theft of Intellectual Property: Threats to Medical Research and Innovation
Members-Only Cybersecurity Alerts and Resources