On October 28, 2020, a joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS). This advisory describes the tactics, techniques, and procedures used by cybercriminals against targets in the healthcare and public health sectors to infect their systems with Ryuk ransomware for financial gain.
CISA, FBI, and HHS state they have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.
CISA, FBI, and HHS believe malicious cyber actors are targeting
healthcare entities with Trickbot malware, often leading to
ransomware attacks, data theft, and the disruption of healthcare
services.
These issues are particularly challenging for healthcare
organizations during the COVID-19 pandemic.
We are seeing such threats to our own clients. To address this threat, IT teams should double-down on internal alerts, education, and securing backups (as the attackers are now looking to disable backups as part of their ransom strategy). You also should consider running a table-top exercise to simulate your response to such an attack.
To view Foley Hoag's Security, Privacy and The Law Blog please click here
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.