No announcement yet.

JOINT CYBERSECURITY ADVISORY - Ransomware Activity Targeting the Healthcare and Public Health Sector

  • Filter
  • Time
  • Show
Clear All
new posts

  • JOINT CYBERSECURITY ADVISORY - Ransomware Activity Targeting the Healthcare and Public Health Sector

    October 28, 2020

    This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK?) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques.


    This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS). This advisory describes the tactics, techniques, and procedures (TTPs) used by cybercriminals against targets in the Healthcare and Public Health Sector (HPH) to infect systems with Ryuk ransomware for financial gain.

    CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. CISA, FBI, and HHS are sharing this information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats.

  • #2
    Building wave of ransomware attacks strike U.S. hospitals


    By Christopher Bing, Joseph Menn

    WASHINGTON/SAN FRANCISCO (Reuters) - Eastern European criminals are targeting dozens of U.S. hospitals with ransomware, and federal officials on Wednesday urged healthcare facilities to beef up preparations rapidly in case they are next.

    The FBI is investigating the recent attacks, which include incidents in Oregon, California and New York made public just this week, according to three cybersecurity consultants familiar with the matter.

    A doctor at a hospital in Oregon told Reuters that the facility was functioning on paper after an attack and unable to transfer patients because the nearest alternative was an hour away.


    • #3
      Date 28.10.2020

      Coronavirus: Cyberattack blamed for delay in Germany's health data

      The Robert Koch Institute (RKI) had to delay publishing coronavirus numbers on Wednesday due to a cyberattack on its website. It was the second such attack on the RKI in less than a week.

      The Robert Koch Institute (RKI), Germany's national institute for disease control, was the target of a cyberattack that delayed publication of daily coronavirus numbers on Wednesday. The attack was the second in less than a week.