Cybersecurity
Cyber Threat Intelligence, Alerts and Reports
As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.
You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.
Cybersecurity & Risk Advisory
Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.
Learn More
Rep. Brett Guthrie, R-Ky., addressed attendees of AHA’s 2024 Annual Membership Meeting and touched on many of the biggest issues in health care: cybersecurity; prior authorization and denials of care; extensions for expiring telehealth provisions; and how government and hospitals can work together…
Testifying April 16 before a House Energy and Commerce Subcommittee on Health hearing on addressing health care cybersecurity vulnerabilities in the wake of the Change Healthcare attack, AHA shared proposals and concerns for Congress and the Administration to consider.
John Riggi's testimony provides background regarding the cyberattack on Change Healthcare, gives an update on the current state of play, and outlines the impacts on hospitals, health systems and patients around the country.
Two Administration officials April 14 discussed how the federal government is working with hospitals and other parts of the health care sector to defend against cyber threats and mitigate cyberattacks.
Sen. Ron Wyden, D-Ore., expressed to AHA members frustration with the Change Healthcare cyberattack, which he believes jeopardized patients and their personal data.
The Change Healthcare cyberattack was a significant event that caught many off guard, said the Centers for Medicare & Medicaid Services Administrator Chiquita Brooks-LaSure, reiterating the agency’s commitment to supporting impacted hospitals. Brooks-LaSure stated the Administration is…
Today’s Headlines: Leading Story• Palo Alto Networks Patches Available NowData Breaches & Data Leaks • Ex-Employee Takes Responsibility for Hospital Data BreachCyber Crimes & Incidents• Russian Government-Backed…
On April 14, Palo Alto Networks released security updates for the critical unauthenticated remote code execution flaw CVE-2024-3400 affecting GlobalProtect.
A daily ransomware tracker at TLP:GREEN for the purpose of increasing ransomware threat awareness.
Executive SummaryOn April 12, 2024, Palo Alto Networks has warned of a command injection vulnerability (CVE-2024-3400) impacting its firewalls. The vulnerability can be exploited in an automated manner, and the company recommends that customers apply temporary mitigations. Palo Alto Networks is…