Cybersecurity

Cyber Threat Intelligence, Alerts and Reports

As part of the AHA鈥檚 commitment to helping hospitals and health systems prepare for and prevent cyber threats, we have gathered the latest government cyber threat intelligence and alerts and Health Information Sharing and Analysis Center (H-ISAC) reports.

You may be asked to enter your AHA member credentials to view certain reports and intelligence alerts.

Cybersecurity & Risk Advisory

Learn how AHA can help hospitals and health systems prepare for and mitigate cyber threats through the expertise of John Riggi, AHA鈥檚 National Advisor for Cybersecurity and Risk.

Learn More

H-ISAC: White Reports
H-ISAC: White Reports

H-ISAC Report: Hacking Healthcare - TLP White, February 4, 2020
In this edition of Hacking Healthcare, we begin by examining a milestone in the integration of Artificial Intelligence/Machine Learning (AI/ML) into drug treatment development. Next, we brief you on new developments in Huawei鈥檚 ongoing saga to avoid a European ban and what it may mean for EU-US鈥
FBI TLP Alert
FBI TLP Alert

FBI Alert: CP-000118-MW TLP Green: YARA Rules to Identify Kwampirs Malware
On 06 January 2020, the FBI disseminated the FLASH message 鈥淜wampirs Malware Indicators of Compromise Employed in Ongoing Cyber Supply Chain Campaign Targeting Global Industries鈥 (CP-000111-MW). FLASH message CP-000111-MW provided indicators of compromise for the two identified modules of the鈥
Guides/Reports
Guides/Reports

Coronavirus Themed E-mail Phishing

Recently, malicious cyber threat actors have been leveraging the current news cycle to launch Coronavirus themed cyberattacks at their targets.
Headline
News

HHS alerts health sector to coronavirus-related phishing campaigns

Cyber criminals are using the 2019 novel coronavirus to launch malicious phishing campaigns, the Department of Health and Human Services鈥 Office of the Assistant Secretary for Preparedness and Response reported.
Guides/Reports
Guides/Reports

CISA Alert: AA20-031A: Detecting Citrix CVE-2019-19781
National Cyber Awareness System: AA20-031A: Detecting Citrix CVE-2019-19781<
FBI TLP Alert
FBI TLP Alert

FBI Flash: Unidentified Cyber Actors Exploit Citrix Vulnerability to Gain Access to Networks
      Beginning mid-January 2020, unidentified cyber actors have used a Citrix vulnerability, CVE-2019-19781, in an attempt to exploit hundreds of U.S. networks, to include private companies, educational institutions, healthcare-related infrastructure, and local and federal鈥
Other Cybersecurity Reports
Other Cybersecurity Reports

THE 405(d) Vol 3 POST Newsletter - January 2020
Cyber Security for the Small Medical Practice in Ten Minutes.
H-ISAC: White Reports
H-ISAC: White Reports

H-ISAC Report: Hacking Healthcare - TLP White, January 29, 2020
In this edition of Hacking Healthcare, we begin with an Idaho National Lab researcher that is shedding light on just how little we know about the threat of ICS (Industrial Control Systems) vulnerabilities.
Guides/Reports
Guides/Reports

HC3 Intelligence Briefing Zeppelin Ransomware - TLP White January 23, 2020
HHS Cybersecurity Program Office of Information Security - HC3 Intelligence Briefing: Zeppelin Ransomware
Headline
News

FDA alerts providers to cyber vulnerabilities in certain GE medical devices
The FDA alerted health care providers to cybersecurity vulnerabilities in certain GE Healthcare clinical information central stations and telemetry servers that may allow an attacker to remotely take control of these medical devices and silence, generate and interfere with alarms for connected鈥
Subscribe to Cybersecurity