The Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the U.S. Department of Health and Human Services are warning of an imminent threat to U.S. hospitals and healthcare providers.
The agencies have credible information that malicious cyber actors are targeting the healthcare and public health sectors with malware such as Ryuk, Conti, TrickBot, and BazarLoader. The use of this malware can result in ransomware attacks, disruption of healthcare services, and data theft.
According to a CISA press release:
CISA, FBI, and HHS have released AA20-302A Ransomware Activity Targeting the Healthcare and Public Health Sector that details both the threat and practices that healthcare organizations should continuously engage in to help manage the risk posed by ransomware and other cyber threats. The advisory references the joint CISA MS-ISAC Ransomware Guide that provides a ransomware response checklist that can serve as a ransomware-specific addendum to organization cyber incident response plans.
CISA, FBI, and HHS are sharing this information in order to provide a warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats. CISA encourages users and administrators to review CISA’s Ransomware webpage for additional information.