HHS Cybersecurity Update

News of the recent worldwide cyberattack on the health sector in the UK has generated interest and inquiry in the US. The US Department of Health and Human Services (HHS) has taken the lead on collecting and disseminating useful information to healthcare constituencies since the discovery of this malicious attack on Friday. Although this iteration of the threat appears to be contained, ACHC encourages all healthcare providers to be vigilant in protecting against and reporting any cyber threats. Below is the update released by HHS.

 

We would like to flag for the community that a partner noted an exploitative social engineering activity whereby an individual called a hospital claiming to be from Microsoft and offering support if given access to their servers. It is likely that malicious actors will try and take advantage of the current situation in similar ways. Additionally, we received anecdotal notices of medical device ransomware infection.

How to request an unauthenticated scan of your public IP addresses from DHS

The US-CERT’s National Cybersecurity Assessment & Technical Services (NCATS) provides integrated threat intelligence and an objective third-party perspective on the current cybersecurity posture of the stakeholder’s unclassified operational/business networks. NCATS security services are available at no cost to stakeholders. For more information, please contact NCATS_INFO@hq.dhs.gov.

If you are the victim of ransomware or have cyber threat indicators to share, please contact law enforcement immediately.

  1. Contact your FBI Field Office Cyber Task Force immediately to report a ransomware event and request assistance. These professionals work with state and local law enforcement and other federal and international partners to pursue cybercriminals globally and to assist victims of cybercrime.
  2. Report cyber incidents to the US-CERT and the FBI’s Internet Crime Complaint Center.
  3. For further analysis please also share these indicators with HHS’ Healthcare Cybersecurity and Communications Integration Center (HCCIC) at HCCIC_RM@hhs.gov.

For the most up-to-date information from the U.S government on cybersecurity issues, visit:

Other Resources:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s