May 12, 2017. The US Department of Health and Human Services (HHS) is monitoring a significant cyber attack that has focused primarily on health systems in Europe. At this point the agency is assessing impact to US health systems and providers as some information suggests this attack may have spread to other industries and regions. Until more is known ACHC advises all to remind their associates and staff of safe and robust cyber security practices. The agency has provided some resources to assist in recognizing threats as well as how to handle suspicious activity. Monitor ACHC’s Twitter page (https://twitter.com/achc) for current information affecting health care providers. Below is the advisory sent by HHS.
Dear HPH Sector Colleagues,
HHS is aware of a significant cyber security issue in the UK and other international locations affecting hospitals and healthcare information systems. We are also aware that there is evidence of this attack occurring inside the United States. We are working with our partners across government and in the private sector to develop a better understanding of the threat and to provide additional information on measures to protect your systems. We advise that you continue to exercise cyber security best practices – particularly with respect to email.
Laura Wolf,
Critical Infrastructure Protection Lead
HHS-ASPR-OEM
Additional information on ransomware provided by HHS Office for Civil Rights can be found at:
Cyber Newsletters:
https://www.hhs.gov/sites/default/files/hippa-cyber-awareness-monthly-issue1.pdf
https://www.hhs.gov/sites/default/files/hipaa-cyber-awareness-monthly-issue3.pdf
https://www.hhs.gov/sites/default/files/february-2017-ocr-cyber-awareness-newsletter.pdf
Ransomware Guidance:
https://www.hhs.gov/sites/default/files/RansomwareFactSheet.pdf
