By HFT Editorial Staff

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) is reminding healthcare facilities and other organizations to remain vigilant this holiday season as ransomware and other cyberattacks are on the rise. The advisory is based on previous observations on the timing of high impact ransomware attacks than a specific threat reporting.

In the last three years, more than 200 hospitals have fallen victims to cyberattacks, but only 65 percent of healthcare facilities officials believe their organizations have the appropriate security tools and resources, as Healthcare Facilities Today previously reported. Less than one-half of healthcare facilities conduct routine monitoring and risk mitigation processes, such as vulnerability assessments— 33 percent — or infrastructure auditing — 48 percent.

“While we are not currently aware of a specific threat, we know that threat actors don’t take holidays,” says Jen Easterly, CISA’s director. “We will continue to provide timely and actionable information to help our industry and government partners stay secure and resilient during the holiday season. We urge all organizations to remain vigilant and report any cyber incidents to CISA or FBI.”

CISA and the FBI recommend that organizations start implementing best practices to prevent cyberattacks. These include:

• implementing multi-factor authentication for remote access and administrative accounts
• mandating strong passwords and ensuring they are not reused across multiple accounts
• ensuring remote desktop protocol or other potentially risky services are secure and monitored
• reminding employees not to click on suspicious links, and conducting exercises to raise awareness
• reviewing and, if needed, updating incident response and communication plans that list actions an organization will take if impacted by a ransomware incident.