HHS Updates on International Cyber Threat to Healthcare Organizations

PUBLISHED: May 18, 2017
Relevant to: Ambulatory Care, Behavioral Health, Clinical Lab, Home Health, Hospice, Hospitals, Long Term Care, Medical Office/Clinic

The US Department of Health and Human Services (HHS) has issued several updates about the recent international cyber threat to healthcare organizations. HHS is highlighting the following:

  • A partner noted an exploitative social engineering activity whereby an individual called a hospital claiming to be from Microsoft and offering support if given access to their servers. It is likely that malicious actors will try and take advantage of the current situation in similar ways.
  • Anecdotal notices have been received of medical device ransomware infection.

HHS is reminding all organizations that if they suspect or are the victim of a ransomware attack, please contact law enforcement immediately:

  • Please contact your FBI Field Office Cyber Task Force (www.fbi.gov/contact-us/field/field-offices) immediately to report a ransomware event and request assistance. These professionals work with state and local law enforcement and other federal and international partners to pursue cyber criminals globally and to assist victims of cyber-crime.
  • For further analysis and healthcare-specific indicator sharing, please also share these indicators with HHS’ Healthcare Cybersecurity and Communications Integration Center (HCCIC) at HCCIC_RM@hhs.gov

Want to read the full alert and receive alert emails?

Browse Additional Alerts