Mitigations for Ransomware Attacks on the HPH Sector

ASPR TRACIE has recently shared the following information with resources on mitigating security risks.

The Healthcare and Public Health Sector is seeing an increase of ransomware attacks across the sector. Please take all necessary precautions to mitigate the risk of being impacted. Ransomware attacks involve using a type of malware that encrypts the victim’s data, making the system inaccessible until a ransom is paid. Oftentimes, the attacker will not bother to unlock the user’s data even after a ransom is paid. Please see the following resources from HHS Health Sector Cybersecurity Coordination Center (HC3), DHS Cybersecurity and Infrastructure Security Agency (CISA), and from the FBI for additional information:

• FBI Flash (May 5, 2020)

• Ryuk Update (January 30, 2020)

• Quick reference infographic on ransomware, click here.

• CISA Insights which summarizes key mitigation steps, click here.

• CISA’s comprehensive library for ransomware has a number of products ranging from training to mitigation best practices, click here.

Additional Resources:

• ASPRtracie.hhs.gov

• 844-5-TRACIE (844-587-2243)

• askasprtracie@hhs.gov