The United States Department of Health and Human Services (HHS) has sent several messages in the last few days regarding a significant international cyber security issue affecting hospitals and healthcare information systems. As there is evidence of this attack occurring inside the U.S., HHS has advised that healthcare providers continue to exercise cyber security best practices.
In their communication, HHS also provided access to several resources to guide healthcare providers in the event of a cyber attack. LAMMICO shares these resources and advises our policyholders to review them:
If you are the victim of ransomware or have cyber threat indicators to share
If your organization is the victim of a ransomware attack, please contact law enforcement immediately to report it, to request assistance, and so that local, federal and international agents can pursue cyber criminals worldwide.
- Contact your FBI Field Office Cyber Task Force immediately to report a ransomware event and request assistance.
- Contact US-CERT and FBI's Internet Crime Complaint Center to report cyber incidents.
- For further analysis and healthcare-specific indicator sharing, please also share these indicators with HHS’ Healthcare Cybersecurity and Communications Integration Center (HCCIC) at HCCIC_RM@hhs.gov.
Find the most up-to-date information from the U.S. government
- Overall Cyber Situational Awareness information from the US-CERT National Cyber Awareness System
- NCCIC Portal - for those who have access
- FBI FLASH: Indicators Associated With WannaCry Ransomware
Find the latest Microsoft Security Information
Visit the Microsoft Update Catalog for the latest security updates.
To request an unauthenticated scan of your public IP addresses from DHS
The US-CERT’s National Cybersecurity Assessment & Technical Services (NCATS) provides integrated threat intelligence and an objective third-party perspective on the current cybersecurity posture of the stakeholder’s unclassified operational/business networks.
- NCATS focuses on increasing the general health and wellness of the cyber perimeter by regularly and broadly assessing known external vulnerabilities and configuration errors, enabling proactive mitigation prior to exploitation.
- Attributable data is not shared or disseminated outside of DHS or beyond the stakeholder; non-attributable data is used to enhance situational awareness.
- NCATS security services are available at no cost to stakeholders. For more information, contact NCATS_INFO@hq.dhs.gov
ASPR TRACIE: Healthcare Cybersecurity Best Practices
A May 12, 2017 HHS message including information on how to protect against email-based and open RDP ransomware attacks can be found on the TRACIE Portal.
ASPR TRACIE also has “the best and promising healthcare cybersecurity practices available in our Technical Resources domain” according to HHS. Issue 2 of The Exchange (released in 2016) highlights lessons learned from a recent U.S. healthcare system cyber attack and features articles that demonstrate how collaboration at all levels helps healthcare facilities take action to prevent, respond to, and recover from cyber attacks.
This video, “Cybersecurity and Healthcare Facilities”, features subject matter experts describing last year's cyber attack on MedStar, steps to prevent and mitigate attacks, and what the federal government is doing about it. The Cybersecurity and Information Sharing Topic Collections include additional annotated resources.
LAMMICO shares these resources so that our policyholders can proactively prevent or respond to a cyber threat. However, know that in the event of a claim resulting from a cyber attack, LAMMICO includes basic limits of Medefense™ Plus/Cyber Liability insurance in most policies, and also offers the option to purchase higher limits of protection through our subsidiary agency, Elatas Risk Partners. For more information on your cyber liability coverage, please contact Carly Thames at 225.906.2062 or firstname.lastname@example.org.