CISA, FBI and HHS warn of stepped up cybersecurity attacks on Healthcare

PARCA eNews – Dec. 10, 2020 – Increased cybersecurity activity targeting healthcare and public health agencies in the form of ransomware and malware attacks prompted a cybersecurity advisory from The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS) in late October and early November.
The 22-page advisory provides technical details about the attacks, mitigations and best practices precautions for healthcare organizations to follow. The agencies noted that the cybercriminal enterprise behind TrickBot, which is likely also the creator of BazarLoader malware, has continued to develop new functionality and tools, increasing the ease, speed, and profitability of victimization. These threat actors increasingly use loaders—like TrickBot and BazarLoader (or BazarBackdoor)—as part of their malicious cyber campaigns.

The key findings of the the inter-agency assessment was that malicious cyber actors are targeting the HPH Sector with TrickBot and BazarLoader malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services. In addition, the agencies noted the added challenge of these threats as healthcare organizations cope with COVID-19 pandemic response.

The full joint cybersecurity advisory is available online.

Source: CISA press release