In recent years, the health care sector has become a prime target for ransomware attacks. The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) has released an advisory on April 5, listing the top 10 ransomware groups targeting this sector. Over the past six months, HC3 has tracked over 530 attacks against the U.S. health care sector, with nearly half of them being ransomware-related.
One notable threat is the BlackCat ALPHV group, which was the first to use the Rust programming language to bypass security controls not designed to detect Rust. These tactics are commonly used by Russia-associated groups that utilize phishing emails, exploitation of known vulnerabilities, and remote desktop protocols. Social engineering schemes also target health care IT help desks to bypass multi-factor authentication for password reset and new device enrollment.
To address these threats, HC3 Cyber Working Group will host an event called All Hands Across America on April 24. This event will bring together health care sector chief information officers and chief information security officers for regional networking, cyber threat briefings, and tabletop exercises. For more information on cyber and risk issues, contact John Riggi at jriggi@aha.org. To access the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.
