What The White House Urges You to Do to Protect Against the Threat of Ransomware

Mary Madison, RN, RAC-CT, CDP
Clinical Consultant – Briggs Healthcare

On June 2, 2021, the Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology issued a 3-page letter to Corporate Executives and Business Leaders with the same title/subject as this blog.   Below are some key excerpts from that letter:

  • Federal Government is stepping up to do its’ part, working with like-minded partners around the world to disrupt and deter ransomware actors. These efforts include disrupting ransomware networks, working with international partners to hold countries that harbor ransomware actors accountable, developing cohesive and consistent policies towards ransom payments and enabling rapid tracing and interdiction of virtual currency proceeds.
  • All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location. But there are immediate steps you can take to protect yourself, as well as your customers and the broader economy. Much as our homes have locks and alarm systems and our office buildings have guards and security to meet the threat of theft, we urge you to take ransomware crime seriously and ensure your corporate cyber defenses match the threat.
  • To understand your risk, business executives should immediately convene their leadership teams to discuss the ransomware threat and review corporate security posture and business continuity plans to ensure you have the ability to continue or quickly restore operations.

Additional Resources:

FACT SHEET: President Signs Executive Order Charting New Course to Improve the Nation’s Cybersecurity and Protect Federal Government Networks (May 12, 2021)

CISA Ransomware Guidance and Resources

Below are a variety of resources that you can use to keep your healthcare facility protected from ransomware attacks:

·  CISA Ransomware Guide

·  DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks

·  FBI Ransomware Webpage

·  FBI IC3 Webpage for Ransomware

·  NIST’s Tips and Tactics for Dealing with Ransomware

·  HHS HC3 Homepage

·  405(d) Ransomware Threat Flyer

·  405(d) Spotlight Webinar- Ransomware

·  405(d) Ransomware Cyber Awareness Flyer

·  Ransomware Task Force: Combatting Ransomware Report

·  Software Engineering Institute Resources for Preparing and Responding to Ransomware

In addition to these materials, the HHS Office for Civil Rights’ Fact Sheet: Ransomware and HIPAA provides further information for entities regulated by the HIPAA Rules.