HC3 TLP White Alert: 2021 Trends Show Increased Globalized Threat of Ransomware

Executive Summary

In 2021, cybersecurity authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally. Ransomware tactics and techniques continued to evolve in 2021, which demonstrates ransomware threat actors’ growing technological sophistication and an increased ransomware threat to organizations globally. This joint Cybersecurity Advisory provides observed behaviors and trends as well as mitigation recommendations to help network defenders reduce their risk of compromise by ransomware.

Report

Alert (AA22-040A) - 2021 Trends Show Increased Globalized Threat of Ransomware https://www.cisa.gov/uscert/ncas/alerts/aa22-040a

Impact to HPH Sector

As ransomware continues to act as a major cyber threat against the U.S. Healthcare and Public Health (HPH) Sector, it is extremely important to both know AND apply the information included in this Alert.

Reducing your organization’s attack surface to the greatest extent possible is the primary goal, and this Alert provides many ways to do that. Notably:

  • Digest the Technical Details to understand how cybercriminals’ actions are trending to adjust your own threat modeling.
  • Keep all operating systems and software up to date.
  • If you use RDP or other potentially risky services, secure and monitor them closely.
  • Use multi-factor authentication and strong, unique passwords.
  • Establish a robust data backup program and ensure all backup data is encrypted.
  • Consider signing up for CISA’s cyber hygiene services.

U.S. organizations should report incidents immediately to the FBI at a local FBI Field Office, CISA at uscert.cisa.gov/report, or the U.S. Secret Service at a U.S. Secret Service Field Office.

References

Links to numerous additional references and resources can be found in the above referenced report.

Contact Information

If you have any additional questions, please contact us at HC3@hhs.gov.

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

National Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272

More on John Riggi
Learn more about AHA's Cybersecurity and Risk Advisory Services

Key Resources

Related Resources

Special Bulletin
Red Cross, America’s Blood Centers, AABB Say U.S. Faces Critical Blood and Platelet Shortages
Public
Advancing Health Podcast
Going International: The FBI's Global Fight Against Cybercrime
Public
Advisory
American Hospital Association and Health-ISAC Joint Threat Bulletin - TLP White
Public
Advisory
Hospitals in Florida, Other States Impacted by Effects of Cyberattack on Blood-donation Nonprofit OneBlood
Member
Advisory
Ransomware Group Warns of Potential Cyberattack
Member
Advisory
New Resources and Offers for AHA Members to Bolster Cybersecurity Efforts
Public