Cybersecurity Government Intelligence Reports

The American Hospital Association (AHA) Cybersecurity and Risk Advisory Service share cybersecurity government intelligence reports that are vital to the security of hospitals and health systems.

Royal is a human-operated ransomware that was first observed in 2022 and has increased in appearance. It has demanded ransoms up to millions of dollars. Since its appearance, HC3 is aware of attacks against the Healthcare and Public Healthcare (HPH) sector.
The FBI and CISA have released a joint security advisory to disseminate known Indicators of Compromise (IOC) and Tactics, Techniques, and Procedures (TTPs) that have been associated with the Cuba Ransomware actor.
Executive Summary Lorenz is human-operated ransomware that has been in operation for approximately two years. In that time, HC3 is aware of the compromise of healthcare and public sector targets. It is used to target larger organizations in what is called “big-game hunting”, and publishes data…
SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.
From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch (FCEB) organization where CISA observed suspected advanced persistent threat (APT) activity.
In October 2022, vulnerabilities to the health sector have been released that require attention. This includes the monthly Patch Tuesday vulnerabilities released by several vendors on the second Tuesday of each month, along with mitigation steps and patches.
The Federal Bureau of Investigation (FBI) is releasing this Private Industry Notification to highlight hacktivism activity and encourage organizations to implement the recommendations in the Mitigations section to reduce the likelihood and impact of distributed denial of service1 (DDoS) attacks.