Cybersecurity

Cyber Threat Intelligence, Alerts and Reports

As part of the AHA鈥檚 commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.

You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.

Cybersecurity & Risk Advisory

Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA鈥檚 National Advisor for Cybersecurity and Risk.

Learn More

Guides/Reports
Guides/Reports

HC3 Threat Brief: Intelligence Briefing Remote Desktop Protocol Exploitation, TLP White November 21, 2019
Guides/Reports
Guides/Reports

H-ISAC Report: Hacking Healthcare - TLP White, December 3, 2019
In this edition of Hacking Healthcare, we give you an update on yet another case of cyber insurance falling short of covering an expected cost. We then explore the possibility of Iran creating a 鈥渨hite list鈥 for foreign websites. Finally, we discuss the potential impact of China stepping up鈥
FBI TLP Alert
FBI TLP Alert

FBI PIN 20191120-001 TLP Green: Risks of Using Unmanned Aircraft Systems
   
FBI TLP Alert
FBI TLP Alert

FBI PIN 20191119-001 TPL Amber: Cyber Actors Likely Targeting the Automotive Industry
   
FBI TLP Alert
FBI TLP Alert

FBI PIN 20191028-001 TLP Green: Unknown Cyber Actors Attempted to Exploit SQL Injection Vulnerabilities
    From October 2018 to July 2019, the FBI identified unknown cyber actors attempting to exploit multiple US cleared defense contractor (CDC) websites with two types of SQL injection attacks in an effort to steal database data. These methods of attack are likely indicative of鈥
FBI TLP Alert
FBI TLP Alert

FBI PIN 20191015-001 TLP Green: Denial of Service Caused by Unknown Cyber Actors鈥 Brute Force Attempts
    The FBI has recently observed brute force attempts against Office 365 accounts of US cleared defense contractors (CDCs). If accounts are successfully compromised, actors can conduct activities such as monitoring traffic, creating other accounts, or moving laterally across a company鈥
FBI TLP Alert
FBI TLP Alert

FBI PIN 20190917-001-TLP Green: Cyber Criminals Use Social Engineering and Technical Attacks
    The FBI has observed cyber actors circumventing multi-factor authentication through common social engineering and technical attacks. This PIN explains these methods and offers mitigation strategies for organizations and entities using multi-factor authentication in their security鈥
Guides/Reports
Guides/Reports

THE 405(d) POST - November 21, 2019
In This Issue: A Word From the Task Group By: Lee Barrett, 405(d) Task Group Member HICP in the Spotlight: Ransomware Happening Around Us HHS Ransomware Resources 405(d) Events and Announcements Coming Soon: Social Media!
H-ISAC: White Reports
H-ISAC: White Reports

H-ISAC Report: Hacking Healthcare - TLP White, November 12, 2019
In this edition of Hacking Healthcare, we explore insider threats and the various ways they can negatively impact organizations. First, we analyze how the convergence of geopolitics and insider threats have led GitLab to consider banning individuals of certain nationalities from critical positions鈥
Guides/Reports
Guides/Reports

TLP White: PIN 20191107-001: Cyber Actors Leverage Subscription-based Commercial Databases, November 7, 2019
Summary: The FBI has observed cyber actors leveraging commercial databases to obtain victim targeting information to perpetuate Business Email Compromise (BEC) fraud against construction companies and their vendors.
Subscribe to Cybersecurity