HHS alerts health sector to monkeypox-themed phishing campaign

Sep 20, 2022 - 03:14 PM
aha-medicaid-data-900x400

The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) yesterday alerted the sector to a monkeypox-themed phishing campaign targeting health care providers. The alert recommends organizations implement certain protective actions.

“This alert reminds us that our cyber adversaries, foreign-based criminal gangs and hostile nation-state intelligence services, continue to prey on our culture of care by sending phishing emails based upon current urgent health care issues,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “These insidious emails targeting well-intentioned health care workers lure the recipients to click on malicious links, download malware and provide credentials, ultimately leading to the theft of patient data or hospital funds. Last week, the FBI issued an alert identifying a scheme in which stolen employee credentials were being used to divert and steal millions of dollars in hospital funds. In this multi-faceted and complex cyber threat environment, multi-factor authentication, phishing tests and verbal authentication for payment instruction changes are essential.”

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org.

Related News Articles

Headline
AHA-supported cybersecurity bill introduced in House
AHA yesterday thanked Reps. Jason Crow, D-Colo., and Brian Fitzpatrick, R-Pa., for introducing a House companion to the Healthcare Cybersecurity Act (S.3904/H.…
Blog
Proofpoint Press Release on Cybersecurity Survey does a Disservice to Health Care Providers
A survey released in early September from Proofpoint, Inc., and the Ponemon Institute, on cybersecurity in health care raises important issues but appears to…
Headline
CDC issues monkeypox infection control advisory for clinicians 
The Centers for Disease Control and Prevention yesterday recommended clinicians adhere to all recommendations to prevent monkeypox transmission in health care…
Headline
FDA reports potential cybersecurity risk with insulin pump system
The communications protocol for the Medtronic MiniMed 600 Series Insulin Pump System could allow an unauthorized person to access the pump to deliver too much…
Headline
FBI: Cyber criminals targeting health care payment processors  
Cyber criminals are increasingly targeting health care payment processors to redirect payments intended for health care providers to accounts they control,…
Headline
Study suggests monkeypox risk ‘very low’ for exposed health care workers
Only seven of 313 Colorado health care personnel exposed to monkeypox patients this May through July developed symptoms and none developed monkeypox during the…