The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is encouraging organizations to familiarize themselves with the growing threat of ransomware — malicious software that blocks access to a computer system until an amount of money (ransom) is paid — and to take steps to avoid the threat. HHS recently provided links to online government resources to help healthcare facilities protect their computer systems from the ransomware threat, including:
• Cybersecurity and Infrastructure Security Agency (CISA) ransomware guidance and resources.
• CISA ransomware guide.
• DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks.
• FBI ransomware webpage.
• FBI IC3 webpage for ransomware.
• National Institute of Standards and Technology Tips and Tactics for Dealing With Ransomware.
• HHS HC3 homepage.
• Ransomware threat flyer.
• Spotlight webinar — ransomware.
• Ransomware cyber awareness flyer.
• Ransomware Task Force: Combatting Ransomware Report.
• Software Engineering Institute resources for preparing and responding to ransomware.
The White House has issued a memo with recommended best practices for organizations to drive down their cyber security risks.