Recently there has been a lot of news about cybercrime related to hospital IT systems. The American Hospital Association published a Special Bulletin recently updating hospitals of these attacks and the need to make sure that their IT systems are secure. This information comes from the Cybersecurity and Infrastructure Security Agency, the FBI and the Department of Health and Human Services. Take a moment to read the attached document, JOINT CYBERSECURITY ADVISORY Ransomware Activity Targeting the Healthcare and Public Health Sector for the latest information. The link is: joint cybersecurity advisory
It is critical that hospitals and health systems (1) circulate this information among their information technology and cybersecurity staff, and (2) work with other hospitals, the AHA and federal agencies to share and disseminate intelligence on this threat for the benefit of the entire field.
The government has requested that any suspicious, potentially related cyber activity or attacks be reported immediately to the FBI Cyber Watch 24/7 command center at 855-292-3937.
AHA continues to work closely with federal agencies to understand and mitigate the situation at hand.
The agencies are urging the health care sector to maintain business continuity plans — the practice of executing essential functions through emergencies (e.g., cyberattacks) — to minimize service interruptions and follow federal best practices in the areas of network security, ransomware and user awareness.
Additionally, system administrators are urged to immediately take steps to ensure current, air-gapped backups are in place for all sensitive or proprietary data, especially if there is any indication of a network compromise. According to the Department of Homeland Security, hospitals and health systems are advised to develop emergency contingency plans should the attackers target multiple hospitals simultaneously in the same region.
The government has advised that phishing emails are the primary methodology to deliver the malware into victim organizations, but not the exclusive methodology. Therefore, email security should be increased, and staff should be placed on heightened alert for suspicious emails. (Special Bulletin, AHA, 10/30/2020)