Cybersecurity Update

Advance Persistent Threats Targeting Health Care and Public Health Sector  The Health Sector Cybersecurity Coordination Center (HC3) issued a brief on Chinese or suspected Chinese Advance Persistent Threats (APTs) targeting entities within the Health Care and Public Health (HPH) sector. HC3 analysts predict that these threats will increase and recommend the following actions to mitigate risk: 

• Understand Chinese APT tactics, techniques, and procedures (TTPs), including historical attacks and targeted vulnerabilities

• Keep systems updated with the most recent patches and prioritize patching for the most at-risk systems based on the TTPs identified in the first bullet

• Increase the identification and ingestion of Chinese APT indicators of compromise

• Have and practice an incident response plan

Resources Health Industry Cybersecurity Protection of Innovation Capital Guide The Healthcare and Public Health Sector Coordinating Council Joint Cybersecurity Working Group issued a paper on the Health Industry Cybersecurity Protection of Innovation Capital Guide, which is a resource for security and risk practitioners. The paper highlights methods of cyber espionage that threaten health care innovation capital and makes recommendations for enterprise controls to protect essential data and prevent theft. 

COVID-19 Cyber Threats (PDF)