HHS Releases Guidance on Preventing and Responding to Ransomware Attacks
July 5, 2016 09:08 AM
The U.S. Department of Health and Human Services (HHS), along with the Department of Justice and Department of Homeland Security, recently released guidance for organizations to prevent and respond to ransomware attacks. Health care and other organizations face an increasing threat of ransomware attacks, in which criminals encrypt or block access to important files and demand a ransom to release them. This most recent guidance follows the Federal Bureau of Investigation (FBI) releasing its own guidance earlier this year (see previous NAHC Report article here).
In a letter to organizations announcing the guidance, HHS Secretary Sylvia Mathews Burwell said it provides in-depth recommendations to both prevent and respond to ransomware attacks.
“Like leaders in all industries, I know you are concerned about cybersecurity. Even when we do our best, problems can occur,” she wrote in a letter announcing the new guidance. “To that end, I want to bring to your attention the increasing threat of ransomware—where an attacker gains access to your system and encrypts your data and holds it hostage until payment is received. Unlike many cyber threats—e.g., stolen data and compromised health information—ransomware is immediately disruptive to day-to-day business functions and, therefore, your ability to provide high quality health care. In recent events, several health care organizations have fallen victim to ransomware.”
In addition to outlining how to respond to ransomware attacks, Secretary Burwell highlighted how they can be prevented. “Ransomware attacks can be prevented,” she said. “Appropriate cybersecurity prevention measures, team member education, proper cyber hygiene, comprehensive backup and recovery procedures, and continuity planning are the best tools to combat ransomware. Just like health care professionals wash their hands before procedures, we need to develop the habit of keeping our systems and data healthy, secure, and recoverable.”
HHS recommends that any organization that is the victim of a ransomware attack contact law enforcement immediately. Organizations should contact an FBI Field Office Cyber Task Force (www.fbi.gov/contact-us/field/field-offices) or local U.S. Secret Service field office (www.secretservice.gov/contact/field-offices) immediately to report a ransomware event and request assistance. “These professionals work with state and local law enforcement and other federal and international partners to pursue cyber criminals globally and to assist victims of cyber crime,” she said. HHS also encourages victims to report cyber incidents to the FBI’s Internet Crime Complaint Center (www.ic3.gov).
View Secretary Burwell’s letter and the guidance here.