Cybersecurity
Cyber Threat Intelligence, Alerts and Reports
As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.
You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.
Cybersecurity & Risk Advisory
Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.
Learn More
On July 14, 2020, Microsoft released a patch for CVE-2020-1147. If left unpatched the vulnerability, which affects Microsoft SharePoint, .NET Framework, and Visual Studio, could allow an attacker to run arbitrary code.
On 20 July, 2020, the first of what would become almost 4,000 unsecured and public-facing databases were completely destroyed. No explanation or ransom note was provided in what has been dubbed the ‘meow’ attacks. A number of recommendations on mitigating Meow attacks are available in the full…
The Emotet botnet, administered by the cybercrime group TA542, emerged from a five-month hiatus on July 13, 2020.
The Emotet botnet, administered by the cybercrime group TA542, emerged from a five-month hiatus on July 13, 2020. Emotet, the number one malware of 2019, infects new devices by enticing victims to execute malicious macros embedded in Microsoft Word documents. Once infected, the devices may be…
What is the Dark Web?
The FBI seeks to inform US companies in the healthcare, chemical, and finance sectors of potential targeting activity by the Chinese government against their business and operational components based in China.
Cyber criminals could exploit vulnerabilities in electronic logging devices (ELDs), which became required equipment in most commercial trucking operations as of 16 December 2019 due to a federal regulatory mandate.
The US Department of Justice (DOJ) indicted two People’s Republic of China (PRC) cyber actors for stealing hundreds of millions of dollars’ worth of trade secrets, intellectual property, and other high-value information from biotechnical, commercial, and government victims in the United States and…
Thanos ransomware, first noted in January 2020, is unremarkable apart from the RIPlace anti-ransomware evasion technique that is available as one of its paid-for features.