The FBI and U.S. Department of Health and Human Services (HHS) recently issued alerts warning healthcare systems of the ransomware group LockBit. The group reportedly operates as an affiliate-based Ransomware-as-a-Service (RaaS) and uses a variety of tactics to create challenges for defense and mitigation.
The group claims that it does not attack healthcare organizations, but the agencies warn all healthcare facilities to be cautious as all ransomware continues to act as a major threat against the healthcare sector.
HHS suggests that healthcare facilities take these steps to reduce attack surface areas to the greatest extent possible:
Use the included indicators of compromise (IOC) in threat hunting and detection programs.
Use multi-factor authentication and strong passwords.
Establish a robust data backup program.
Consider signing up for CISA’s cyber hygiene services.
CRAB Alert: The EVS Role in Preventing Infection
Why Hospital Waiting Rooms Aren't Going Away
Ground Broken on Mount Sinai Tisch Cancer Hospital
Design, Compartmentation, Training: How Defend-in-Place Strategies Can Protect Patients
Milestone Marked with Topping Out Ceremony for BayCare Hospital Manatee