In the wake of an ongoing international ransomware attack that hit health care organizations across the United Kingdom, the Department of Health and Human Services (HHS) shared guidance about how health care organizations in the United States can protect themselves against this cyber threat.

The U.S. Computer Emergency Readiness Team defines ransomware as a type of malware that infects computers and restricts access to files until a ransom is paid. Malware often is spread through attachments and links in phishing emails, which masquerade as emails from a familiar source. Hackers recently have used remote desktop protocol (RDP) servers that are open to the internet to log into users’ systems.

To protect against ransomware, HHS urges internet users to:

  • only open email from people you know and from whom you are expecting to receive mail;
  • avoid clicking links in emails that were not expected;
  • keep computers and antivirus software up to date; and
  • disable RDP if possible or only allow network access where needed.

Victims of ransomware should contact law enforcement immediately and report cyber incidents to the U.S. Computer Emergency Readiness Team (US-CERT) and the Federal Bureau of Investigation’s (FBI’s) Internet Crime Complaint Center.

HHS is working to secure its systems and coordinate with the Department of Homeland Security and FBI. HHS requests that organizations contact the department at cip@hhs.gov if patient care or supply chain distribution is affected by ransomware.

More information on ransomware is available in an HHS ransomware fact sheet and on the US-CERT website, which will be updated regularly.

Contact Director of Policy Erin O’Malley at eomalley@essentialhospitals.org or 202.585.0127 with questions.