Cybersecurity
Cyber Threat Intelligence, Alerts and Reports
As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.
You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.
Cybersecurity & Risk Advisory
Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.
Headlines
Threat Level raised to Yellow (Elevated)
On December 15, 2020, the Health-ISAC Threat Intelligence Committee (TIC) evaluated the current Cyber Threat Level and has raised the Threat Level to Yellow (Elevated) due to ongoing threats and the recent SolarWinds breach impacting fewer than 18,000…
Russian state-sponsored malicious cyber actors are exploiting a vulnerability in VMware® Access and VMware Identity Manager products, allowing the actors access to protected data and abusing federated authentication. VMware released a patch for the Command Injection Vulnerability captured in CVE-…
In an alert this week, the Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) reminded health care providers and researchers to patch any vulnerabilities in their Picture Archiving Communication Systems that could expose patient records to unauthorized…
Picture Archiving Communication Systems (PACS) are widely used by hospitals, research institutions, clinics and small healthcare practices for sharing patient data and medical images. In 2019, researchers disclosed a vulnerability in these systems that if exploited could potentially expose patient…
The Hospital Robocall Protection Group (HRPG), a federal advisory committee, met today to present a report to the Federal Communications Commission recommending best practices that voice service providers, hospitals, and federal and state governments can follow to prevent unlawful robocalls from…
The agenda for the Hospital Robocall Protection Group Virtual Meeting held at the Federal Communications Commission, Washington, DC, Monday, December 14, 2020, 10:00 a.m. – 12:30 p.m. (EST).
A Federal Communications Commission advisory panel this week recommended best practices for voice service providers, hospitals, and federal and state governments to prevent unlawful robocalls from disrupting communications in hospitals.
Today’s Headlines:
Leading Story
Microsoft to Quarantine Compromised SolarWinds Binaries Today
Data Breaches & Data Leaks
Nothing to Report
Cyber Crimes & Incidents
Ransomware Attack Causing Billing Delays for Missouri City
Vulnerabilities & Exploits
Today’s Headlines:
Leading Story
Nearly 18,000 SolarWinds Customers Installed Backdoored Software
Data Breaches & Data Leaks
Spotify security vulnerability exposed personal data to business partners
Cyber Crimes & Incidents