Cybersecurity News

Organizations should take steps to prevent access to ICS/SCADA devices to disrupt critical functions.

AHA’s national advisor for cybersecurity and risk speaks with leaders from University of Vermont Medical Center about the attack.

Private sector alerted to UPS device risk, public sector ransomware attacks.

The Senate Committee on Homeland Security and Governmental Affairs today voted to advance as amended the Healthcare Cybersecurity Act (S.3904),

AHA this week voiced support for the Healthcare Cybersecurity Act (S.3904), legislation that would improve collaboration and coordination between the Cybersecurity and Infrastructure Security Agency and Department of Health and Human Services.

The Cybersecurity and Infrastructure Security Agency, FBI and Department of Energy yesterday urged the energy sector and other critical infrastructure organizations to take certain actions to reduce cyber risks.

President Biden yesterday urged an immediate hardening of private-sector cyber defenses “based on evolving intelligence that the Russian Government is exploring options for potential cyberattacks.”

The FBI and Cybersecurity and Infrastructure Security Agency recommended all organizations take action to prevent Russian state-sponsored actors from exploiting vulnerabilities in multifactor authentication (MFA) protocols and Windows print spooler. 

The Cybersecurity & Infrastructure Security Agency, FBI and U.S. Secret Service this week issued an updated advisory on the Russian-speaking Conti ransomware gang to include a list of over 100 domain names and naming characteristics used to distribute the ransomware and conduct attacks. 

In this special podcast, John Riggi, AHA’s national advisor for cybersecurity and risk, speaks with FBI Cyber Engagement and Intelligence Section Chief David Ring on the cybersecurity implications of the ongoing crisis in Ukraine.

The Cybersecurity and Infrastructure Security Agency and FBI Saturday

As Russia attempts to advance its political interests by its invasion of Ukraine through the use of its military, we have also seen stepped up cyberattacks attributed to Russia in recent days on major networks in Ukraine.

The AHA recommended hospitals and health systems take certain immediate steps to protect against increased cyber risks to the U.S. health system stemming from the ongoing military operations in the Russia/Ukraine region.

The Cybersecurity and Infrastructure Security Agency issued a rare “Shields Up” message recommending all U.S. organizations take immediate steps to enhance their ability to detect and protect against a cyber intrusion. The action follows a State Department advisory urging Americans to immediately leave Ukraine due to increased threats of Russian military action. 

Sophisticated, high-impact ransomware incidents against critical infrastructure organizations increased globally in 2021, according to a

The Government Accountability Office today extended to Feb. 11 its survey for HIPAA-covered health care entities and business associates on their experiences complying with the Department of Health and Human Services’ data breach reporting requirements and HHS efforts to improve the data breach reporting process. The AHA assisted GAO in developing the survey, which will inform a future GAO report to Congress on data breach reporting by covered entities, including any challenges reported by covered entities and HHS efforts to address them.

The AHA has released a guide to help health care governing boards work with their organization’s leadership team to set cybersecurity priorities and reduce cyber risks.

The Government Accountability Office is surveying health care entities and business associates covered by the Health Insurance Portability and Accountability Act through 4 p.m. ET Friday to learn more about their experiences complying with the Department of Health and Human Services’ data breach reporting requirements and HHS efforts to improve the data breach reporting process.

The Cybersecurity & Infrastructure Security Agency Sunday advised U.S. critical infrastructure organizations to review a Microsoft blog on malware identified in Ukraine and take action to strengthen their networks against potential cyber threats.

The Cybersecurity and Infrastructure Security Agency, FBI and National Security Agency released recommendations to help health care and other critical infrastructure organizations prevent, detect and respond to common Russian state-sponsored cyber threats.