Skip to main content

Ransomware Alert: Cybercriminals Targeting Healthcare and Public Health Sector

By September 7, 2020February 19th, 2021Cyber Insurance

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. Due to this threat, CISA, FBI and HHS are asking healthcare providers to take timely and reasonable precautions to protect their networks from these threats. While the threat is imminent for hospitals and healthcare providers, cyberattacks on all business types have increased greatly in the remote work environment created by COVID-19.

Axis Insurance and the law firm of BakerHostetler recently provided these recommendations to follow in light of these potential attacks:

  • Establish and practice out of band, non-voice over internet protocol, communications
  • Rehearse IT lockdown protocol and process, including practicing backups.
  • Ensure backup of medical records, including electronic records and have a 321-backup strategy–have hard copy or remote backup or both
  • Expedite patching response plan within 24 hours
  • Prepare to maintain continuity of operations if attacked
  • Review plans within the next 24 hours should you be hit
  • Power down IT where not used
  • Consider limiting use of personal email
  • Be prepared to reroute patients
  • Ensure proper staffing for continuity
  • Know how to contact federal authorities when phones are down, or email has been wiped
  • Consider limiting/powering down non-essential internet facing IT services
  • Limit personal email services
  • Be prepared to re-route patients if patient care is disrupted due to IT outage
  • Ensure sufficient staffing to maintain continuity of operations with disrupted IT networks
  • Report all potentially related cyber incidents to the FBI 24/7 CyberWatch Command Center at 855-292-3937

For more information about this increased and imminent cyber threat, please read the attached joint cybersecurity advisory coauthored by CISA, FBI, and HHS. This advisory describes the tactics, techniques, and procedures (TTPs) used by cybercriminals to infect systems with ransomware for financial gain.

Please give your Rue Advisor a call at 609-586-7474, email us at, or reach out here to learn how more about how a cyber liability policy may help protect you and provide you with the resources you need to counter these emerging cybersecurity risks.

Scott Harrigan

About Scott Harrigan

Scott started his career in insurance in 1988 and joined Rue Insurance in 2004 as a Marketing Specialist focusing on creating effective risk financing and risk transfer programs for companies and non-profit organizations. In addition to this he is a member of the Rue Insurance educational team that provides ongoing professional development in critical insurance concepts and programs to Rue employees. About Scott | More Posts by Scott