Alert (AA20-302A)
Ransomware Activity Targeting the Healthcare and Public Health Sector
Alarming reports of cybercriminals targeting the healthcare sector with ransomware have caused widespread concern among healthcare providers. In a joint cybersecurity alert, the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and the Cybersecurity and Infrastructure Security Agency (CISA) warned, “CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” The recent threats have once again stressed the need for more robust cybersecurity measures.
Various tools and techniques are being used to lure victims into unwittingly revealing protected health information (PHI). Clinicians and employees in the healthcare sector must stay vigilant. Cybercriminals are reportedly using phishing emails that appear legitimate and contain links to lure victims, then holding their data or systems hostage until a ransom is paid to a bitcoin wallet. The links lead to websites that host the malware, which may also be sent as an email attachment.
Cybersecurity Alert Recommendations
Basic Cybersecurity Alert Suggestions
- Update systems, software and firmware as soon as patches are released by manufacturers.
- Change passwords to networks and accounts regularly and avoid reusing passwords.
- Look out for phishing emails from cybercriminals that may look legitimate.
- Create a cyber-incident response plan to ensure continuity of service.
- Identify critical assets such as medical records, telehealth and telework infrastructure, and create offline backups.
- Maintain offline backups and test them regularly.
- Configure antivirus solutions to do regular scans and download new software updates.
- Make sure you know who to contact in the case of a suspected cyberattack.
Business Continuity Plan
CISA, FBI, and HHS encourage healthcare providers to minimize service interruptions by implementing business continuity plans which aim to maintain essential functions through emergencies.
Note that in the case of a ransomware attack, paying the ransom does not guarantee getting your systems or data back. CISA, FBI, and HHS do not recommend paying the ransom. To prevent this potentially catastrophic event from happening, start implementing precautionary measures. For technical details and guidance visit this link.
Other Cybersecurity Alert Considerations
- Separate sensitive data from email servers by using a dedicated or separate server.
- Inspect accounts with administrative privileges and limit their access whenever possible.
- Focus on employee awareness to prevent them from falling prey to cyberattacks.

Excellent, relevant information. Important for solo practitioners and large practices alike.
Thanks Marlene
Thank you for your comment!