Joint Cybersecurity Advisory from CISA/FBI/HHS

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on whatsapp

A joint Cybersecurity Advisory has been issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS). This advisory describes the tactics, techniques, and procedures used by cybercriminals against targets in the healthcare sector to infect systems with ransomware with a coordinated wave of attacks.

As of this writing, at least five healthcare providers that had been hit with ransomware were still experiencing downtime, some for more than a week.  Only Universal Health Services, once of the first confirmed attacks, had successfully brought systems back online after more than three weeks of remediation and recovery.

The financial impact to the affected providers and any impacts on patient health have not been disclosed.

Although the joint warning was about targeted attacks on healthcare, the reality is the all organizations are at risk, and should take proactive steps, including:

  1. Evaluate your organization’s risk based on the controls you have in place.  If you are an IT service provider, help your customers perform a risk review. Our online ransomware risk calculator can be used to identify risk areas.
  2. Address the high risks as soon as possible!  Often simple changes in configuration and access can be made for minimal cost and effort that can greatly reduce your ransomware risk.
  3. Check your cyber coverage!  Ransomware is a specific threat that may have coverage limitations that you need to be aware of.  Your best protection is prevention.


Tracy Fox
+ posts

Sign Up For Our Blog

Get our latest content delivered to your inbox.

partner with foresite consulting to become a More Effective Leader

Develop the skills and strategies you need to take your company to the next level of success.

Foresite Cybersecurity Announces Pivot to Open XDR & Compliance Platform