Cybersecurity

Cyber Threat Intelligence, Alerts and Reports

As part of the AHA’s commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.

You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.

Cybersecurity & Risk Advisory

Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA’s National Advisor for Cybersecurity and Risk.

Learn More

HC3 Analyst Note
HC3 Analyst Note

HC3 Analyst Note TLP Green: Re-Emergence of Emotet Botnet Poses Threat to HPH Sector, July 27, 2020
The Emotet botnet, administered by the cybercrime group TA542, emerged from a five-month hiatus on July 13, 2020.
HC3 Analyst Note
HC3 Analyst Note

Analyst Note: Re-Emergence of Emotet Botnet Poses Threat to HPH Sector
The Emotet botnet, administered by the cybercrime group TA542, emerged from a five-month hiatus on July 13, 2020. Emotet, the number one malware of 2019, infects new devices by enticing victims to execute malicious macros embedded in Microsoft Word documents. Once infected, the devices may be…
Other Cybersecurity Reports
Other Cybersecurity Reports

HC3 Threat Briefing TLP White – The Dark Web and Cybercrime

What is the Dark Web?
FBI TLP Alert
FBI TLP Alert

FBI Alert TLP White: Chinese Government-Mandated Tax Software Contains Malware, Enabling Backdoor Access.
The FBI seeks to inform US companies in the healthcare, chemical, and finance sectors of potential targeting activity by the Chinese government against their business and operational components based in China.
FBI TLP Alert
FBI TLP Alert

FBI PIN TLP White: Electronic Logging Device Cybersecurity and Best Practices
Cyber criminals could exploit vulnerabilities in electronic logging devices (ELDs), which became required equipment in most commercial trucking operations as of 16 December 2019 due to a federal regulatory mandate.
FBI TLP Alert
FBI TLP Alert

FBI Flash TLP White: Indictment of Chinese Cyber Actors associated with the Ministry of State Security (MSS)
The US Department of Justice (DOJ) indicted two People’s Republic of China (PRC) cyber actors for stealing hundreds of millions of dollars’ worth of trade secrets, intellectual property, and other high-value information from biotechnical, commercial, and government victims in the United States and…
HC3 Analyst Note
HC3 Analyst Note

HC3 Analyst Note TLP Green: Thanos Ransomware Now Using RIPlace Anti-Ransomware Evasion Technique July 21, 2020
Thanos ransomware, first noted in January 2020, is unremarkable apart from the RIPlace anti-ransomware evasion technique that is available as one of its paid-for features.
Headline
News

AHA leader offers ransomware preparedness tips
Ransomware attacks on hospitals are “threat-to-life crimes” because they directly threaten a hospital’s ability to provide patient care, writes John Riggi, AHA senior advisor for cybersecurity and risk.
HC3 Sector Alert
HC3 Sector Alert

HC3 Sector Alert TLP White Cybersecurity Vulnerabilities of Interest to The Health Sector July 20, 2020
In recent days, a significant number of vulnerabilities in common information systems relevant to the healthcare sector have been disclosed to the public. These vulnerabilities are from Microsoft, Adobe, Oracle, Cisco and Google, as well as others.
H-ISAC: White Reports
H-ISAC: White Reports

H-ISAC Report: Hacking Healthcare - TLP White, July 15, 2020
This edition of Hacking Healthcare explores the full scope of China’s intelligence gathering operations against healthcare entities in the United States and its allies in the wake of COVID-19 and outlines some practical and inexpensive ways to boost security.
Subscribe to Cybersecurity