Compliance Today (January 2021)
The newly created Cybersecurity and Infrastructure Security Agency issued a joint alert with the Federal Bureau of Investigation and the U.S. Department of Health & Human Services regarding “an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.”
The alert, released October 28, also includes information on tactics, techniques, and procedures used to penetrate networks, such as details on specific malware TrickBot, BazarLoader, and Conti. The alert provides specifics on how the malware makes its way into systems, hides from administrators, and replicates itself to infect other systems. The information is very useful, especially as resources are stretched thin due to the ongoing pandemic.
1 Cybersecurity & Infrastructure Security Agency, “Alert AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector,” Alert, last revised November 2, 2020, https://bit.ly/3mHnuc5.
2 Jane Anderson, “Agencies Warn of New Ransomware Targeting Health Care Organizations,” Report on Patient Privacy 20, no. 11 (November 2020), https://bit.ly/2Ui98CU.