HHS on May 15 released a third update for its "International Cyber Threat to Healthcare Organizations" guidance.
The new guidance — which is updated from its second version, which was released May 13 — includes links to additional cybersecurity resources. It also details how IT personnel in healthcare organizations can apply to InfraGard, a nonprofit affiliated with the FBI, to receive healthcare intelligence. InfraGard oversees the Cyber Health Working Group, which enables health IT personnel to collaborate to exchange threat information.
The document also restates its existing guidance on how an organization can request a scan of its public IP address from the National Cybersecurity Assessment & Technical Services, a program of the Department of Homeland Security's U.S. Computer Emergency Readiness Team. The scan assesses an organization's operational and business networks for external vulnerabilities and configuration errors to reduce cybersecurity risk.
If an organization is infected with ransomware, HHS recommends it contact a local FBI Field Office Cyber Task Force to report the incident and request assistance. The organization should also report the ransomware to U.S.-CERT, FBI's Internet Crime Complaint Center and HHS' Healthcare Cybersecurity and Communications Integration Center, according to the document.
Click here to view the full guidance.