FBI and HHS warns of cyberattacks to hospitals in USA

The joint cybersecurity advisory commissioned by the US Cybersecurity and Infrastructure Security and Agency (CISA), the Federal Bureau of INvestigation (FBI), and the Department of Health and Human Services (HHS) published an advisory that describes the tactics, techniques, and procedures (TTP) used by cybercriminals against targets in the healthcare and public health sector. In the advisory, the agencies stated to have credible information of an increased and imminent cybercrime threat to hospitals and healthcare providers in the USA. The key findings include that the agencies assess that malicious cyber actors are targeting the healthcare and public health sector with Trickbot malware, which often leads to ransomware attacks, data thefts, and the disruption of healthcare services. To mitigate potential threats, the agencies encouraged health systems and hospitals to maintain business continuity plans to minimise service interruptions. They also pressed health stakeholders to review or establish patching plans, security policies, user agreements, and business continuity plans in order to ensure that they address threats posed by malignant cyber actors.