The Department of Health and Human Services today alerted the health care and public health sector to an Oct. 24 ransomware attack against at least 20 news and real estate websites in Eastern Europe and Japan. The malware campaign, called “Bad Rabbit” after the first two words on the ransom page, redirected victims to a fake Adobe Flash player update that contained the ransomware. According to HHS, the attack does not seem to be targeting the United States or health care sector, although some U.S. entities were affected. Many major anti-virus companies started detecting and blocking the Bad Rabbit malware campaign by Oct. 25, the agency said. Precautionary measures to mitigate ransomware threats include ensuring anti-virus software is up to date and implementing a data backup and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location, HHS said. For additional resources to reduce and manage cyber risks, visit