Cybersecurity

Cyber Threat Intelligence, Alerts and Reports

As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.

You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.

Cybersecurity & Risk Advisory

Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.

Learn More
Dec 13, 2022
APT5 has demonstrated capabilities against Citrix® Application Delivery Controller™ (ADC™) deployments (“Citrix ADCs”).
Sep 16, 2021
AHA can help hospitals and health systems prepare for and mitigate cyber threats with John Riggi, a recognized expert, as a powerful resource.
Feb 8, 2023
HSCC shared their first HSCC CWG publication of 2023 - a white paper titled: “Health Industry Cybersecurity-Artificial Intelligence Machine Learning (HIC-AIM)” – an overview and discussion of 9 cybersecurity considerations for the implementation of A.I. in a clinical and enterprise environment.
Feb 8, 2023
Hear how Children’s National Hospital in Washington, D.C., developed a system allowing hospital staff members to protect patient safety in the event of a broad-based ransomware or malware attack. LISTEN NOW 
Feb 8, 2023
A new white paper from the Healthcare and Public Health Sector Coordinating Council (HSCC), a public-private partnership to mitigate risks to the sector, outlines nine cybersecurity concerns for artificial intelligence use in the clinical and enterprise environment and approaches to address them
Feb 8, 2023
Children’s National Hospital in Washington, D.C., has developed a system-wide “off” switch that staff can activate if it is clear that the hospital has come under a broad-based ransomware or malware attack.
Feb 6, 2023
On February 3, 2023, the French Computer Emergency Response Team (CERT-FR) identified a campaign targeting CVE-2021-21974, a security flaw impacting VMWare ESXi servers to deploy a new ransomware strain, identified as ESXiArgs ransomware. CERT-FR reported several compromises of VMWare ESXi…
Feb 6, 2023
n January 2023, vulnerabilities to the health sector have been released that require attention. This includes the monthly Patch Tuesday vulnerabilities released by several vendors on the second Tuesday of each month, along with mitigation steps and patches.
Feb 6, 2023
On January 27, pro-Russian hacktivists operating on cybercriminal forums threatened to demolish attack the networks of medical institutions in the United States, United Kingdom, and abroad.  The threats were purported to be a response to new aid packages providing security assistance for Ukraine.
Feb 6, 2023
A daily ransomware tracker as TLP:GREEN for purposes of increasing ransomware threat awareness.