Department of Health and Human Services – РИСК-АКАДЕМИЯ – АНО ДПО ИСАР

U.S. Warns of Increased Risk of Ransomware Attacks Targeting the Healthcare Industry | Dechert LLP

riskacademy — Sat, 31 Oct 2020 20:50:49 +0000

On October 28, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) issued a joint cybersecurity advisory (the Joint Cybersecurity Alert) to warn the healthcare sector that there is “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.”

The complete Joint Cybersecurity Alert provides specific details regarding this threat and can be found here.

Healthcare companies should be aware of the heightened risk of potential ransomware attacks targeting the sector. Below are some practical steps you can take right now to decrease the risk of attack and to be better prepared should your organization fall victim:

Review your cyber insurance coverage. Is it up to date and does it cover ransom?
Do you have a good incident response plan? If your company is still in WFH mode, be sure that all who may be activated in the event of an incident have a paper copy of the plan at home.
Do you have a way for senior management to communicate if your network systems are all down? We recommend setting up a secure texting…

Ransomware Activity Alert For the Healthcare Sector – by Adam Silverman

riskacademy — Thu, 29 Oct 2020 13:36:55 +0000

This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques.

This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS). This advisory describes the tactics, techniques, and procedures (TTPs) used by cybercriminals against targets in the Healthcare and Public Health Sector (HPH) to infect systems with Ryuk ransomware for financial gain.

CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. CISA, FBI, and HHS are sharing this information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats.

Click here for a PDF version of this report.

Key Findings

CISA, FBI, and HHS assess malicious cyber actors are targeting the HPH Sector with Trickbot malware, often leading to ransomware attacks, data theft, and the…