FBI, HHS warn of 'increased and imminent' cyber threat to hospitals

The Intelligence Service for Cybersecurity and Infrastructure, the Federal Bureau of Investigation and the U.S. The Department of Health and Human Services said they have “credible intelligence” that as the coronavirus pandemic hits new heights, cybercriminals are taking new aim at healthcare providers and public health agencies.


“Malicious cyber actors” may soon be plotting on a scale not yet seen in the American healthcare system to “infect networks with Ryuk ransomware for financial benefit.”

The agencies recommended that hospitals, practises and public health organisations take “timely and appropriate steps to protect their networks from these risks,” which they said involves targeting Trickbot malware, “sometimes leading to ransomware attacks, data theft, and healthcare services disruption,” just as hospitals are also difficult to respond to a third wave of the COVID-19 critique.

CISA, FBI and HHS offered some basic suggestions for how hospitals and healthcare organizations can shore up their defenses to help protect against ransomware and other cyberattacks:

  • Patch operating systems, software and firmware as soon as manufacturers release updates.
  • Check configurations for every operating system version for HPH organization-owned assets to prevent issues from arising that local users are unable to fix, due to having local administration disabled.
  • Regularly change passwords to network systems and accounts and avoid reusing passwords for different accounts.
  • Use multifactor authentication where possible.
  • Disable unused remote access/Remote Desktop Protocol ports and monitor remote access/RDP logs. Read More form the source