On Oct. 28, the Department of Health and Human Services (HHS), along with the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), issued an alert about an increased and imminent cybercrime threat to U.S. hospitals and health care providers.
This threat involved malicious actors using Trickbot malware to compromise information technology (IT) systems, including by engaging in ransomware attacks, data theft, and the disruption of health care services. In the alert, CISA urged health care providers to ensure they take timely and reasonable precautions to protect their networks from these threats. The alert noted the attacks would be particularly challenging during the COVID-19 pandemic, and that health care administrators will need to balance risk when determining cybersecurity investments.
Health care providers should review the information contained in the alert, which includes:
- indicators of compromise that indicate a Trickbot attack;
- information about Ryuk ransomware attacks;
- network, ransomware, and user awareness best practices; and
- recommended mitigation measures.
Visit the America’s Essential Hospitals IT security resource page for more cybersecurity resources.