An Important Cybersecurity Alert for Hospitals and Healthcare Providers: Ryuk Ransomware Attack Warning

We encourage hospitals and healthcare providers to review this cybersecurity advisory and recommendations for mitigation from Beazley. This information is quoted below:  

“Multiple federal agencies issued a public cybersecurity advisory yesterday about an imminent ransomware attack against the healthcare and public health sector this weekend. The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) have credible information suggesting an Eastern European threat group plans to launch a widespread Ryuk ransomware attack.”  

“Overall, Ryuk is activated after a precursor form of malware such as a Trickbot is on a computer system, and that malware drops in the encryption malware.”

Additional resources and recommended reading are below:

“Here are some recommendations from BBR, the CISA, the FBI and HHS for hospitals and healthcare systems to implement ASAP:

  • Establish and practice out of band, non-VoIP, communications
  • Rehearse IT lockdown protocol and process, including practicing backups
  • Ensure backup of medical records, including electronic records, and have a 321-backup strategy – have hard copy or remote backup or both
  • Expedite patching response plan within 24 hours
  • Prepare to maintain continuity of operations if attacked
  • Review plans within the next 24 hours should you be hit
  • Check that your anti-virus and endpoint detection and response (EDR) are running; a stopped state may indicate compromise
  • Power down IT where not used
  • Consider limiting use of personal email
  • Be prepared to reroute patients
  • Ensure proper staffing for continuity
  • Know how to contact federal authorities when phones are down, or email has been wiped
  • Consider limiting/powering down non-essential internet facing IT services
  • Limit personal email services
  • Be prepared to re-route patients if patient care is disrupted due to IT outage
  • Ensure sufficient staffing to maintain continuity of operations with disrupted IT networks
  • Report all potentially related cyber incidents to the FBI 24/7 CyberWatch Command Center at 855-292-3937″

For more information, download the full cybersecurity advisory from the FBI.

Rose & Kiernan, Inc. uses Beazley for a large number of our clients. If you have any questions or concerns, please reach out to Rose & Kiernan, Inc. here or by calling 800-242-2433.

Post a Comment

Your email address will not be published. Required fields are marked *