In light of last week’s ransomware attacks overseas targeting hospitals and other providers, HHS is notifying providers in the United States of a warning issued by the United States Computer Emergency Readiness Team (US-CERT) regarding a coordinated, global ransomware attack targeting various organizations, including health care organizations.
Ransomware is a type of malicious software that infects a computer and restricts users’ access to data stored on the computer until a ransom is paid to unlock it. Ransom payments are usually demanded in the form of bitcoin, an electronic currency characterized by anonymous transactions.
US-CERT discourages individuals and organizations from paying a ransom, since payment does not guarantee access will be restored, and there is no way for victims who pay the ransom to enforce the implicit agreement for restored access.
The particular type of ransomware involved in this most recent attack is called WannaCry. US-CERT has a webpage with detailed information regarding WannaCry as well as recommendations for protecting yourself, such as installing designated software patches, enabling strong spam filters, performing regular and automatic virus and malware scans, and managing use of administrator accounts.
Providers are advised to notify law enforcement upon discovery of a WannaCry intrusion. US-CERT also lists steps to defend against ransomware generally, such as implementing data back-up and recovery plans, scrutinizing links in emails, refraining from opening attachments in unsolicited emails, downloading only trusted software, and enabling automated patches for operating systems and web browsers.
From the HHS Update issued 16 May 2017:
Where can I find the most up-to-date information from the U.S. government?
Healthcare and Public Health-directed Resources: