Healthcare and Public Health Cybersecurity
ASPR Serves as the Sector Risk Management Agency for the Health Care and Public Health Sector to Protect Patient Health and Safety
#StopRansomware: Interlock
The Interlock ransomware group is aggressively targeting healthcare facilities. Read the full Interlock Cybersecurity Advisory from the FBI, CISA, HHS, and MS-ISAC to learn how you can protect your facility from the ongoing ransomware attacks.
Read the Advisory
The Healthcare and Public Health (HPH) sector continues to experience increasingly sophisticated cyberattacks that exploit the complex, interconnected IT systems at hospitals and health care facilities. Nationwide, health care and public health IT infrastructures share many common weaknesses: underfunded cybersecurity programs, vulnerable legacy systems, a shortage of skilled cybersecurity professionals, and a growing number of network-connected medical technologies, including medical devices.
These cyberattacks against the HPH sector are growing in both number and severity, with the frequency of cyberattacks on hospitals and health systems more than doubling from 2016 to 2021. The HPH sector experienced a 42 percent increase in ransomware attacks in 2022 compared to 2021. The cost of an average health care data breach has reached $10.93 million, according to a report from IBM Security. That is an 8 percent jump from a year earlier, when the average cost topped $10 million for the first time. In health care, cyber risks are patient risks: unlike other industries commonly affected by cybersecurity threats (e.g., energy, finance), disruptions in health care delivery can cost lives.
ASPR has worked with our partners in HHS, across the federal government, and with industry to develop resources to help hospitals and health care facilities protect themselves and their patients from cyberattacks.
ASPR leads the HHS divisions and works with our public and private partners to provide guidance and support to help enhance cybersecurity for the health care and public health sectors.
Learn more about ASPR's role in cybersecurity
Subscribe to ASPR's Cybersecurity Bulletins
Get information on cyber incidents, news, resources, engagement opportunities, and security updates sent right to your inbox.
Learn to Improve Cybersecurity and Cyber Defense
CISA, in partnership with the FBI, HHS, and the Multi-State Information Sharing and Analysis Center (MS-ISAC), released the joint Cybersecurity Advisory (CSA) #StopRansomware: Black Basta to provide cybersecurity defenders with the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) used by known Black Basta ransomware affiliates, as identified through FBI investigations and third-party reporting.
This joint CSA provides information on Black Basta, a ransomware variant whose actors have encrypted and stolen data from at least 12 of the 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector.
Version 2 of the National Cybersecurity Strategy Implementation Plan (NCSIP) outlines actions the Federal Government is taking to improve the U.S. national cybersecurity posture. This updated roadmap describes 100 high-impact Federal initiatives, each intended to substantively increase our collective digital security and systemic resilience.
This next phase of the NCSIP builds on the progress to date and reflects the Administration's commitment to transparency and accountability as the National Cybersecurity Strategy is implemented. Highlights of Version 2 of the NCSIP are included in this fact sheet.
These Cybersecurity Performance Goals (CPGs) are a voluntary subset of cybersecurity practices that healthcare organizations, and healthcare delivery organizations in particular, can prioritize to strengthen cyber preparedness, improve cyber resiliency, and ultimately protect patient health information and safety.
Overview of HHS recommendations to help the health care and public health sector address cyber threats.
Developed to help organizations establish a strong cybersecurity program or validate the effectiveness of an existing program, this guide helps organizations map their existing program to the NIST Cybersecurity Framework, identify improvements, and communicate results. This guide was developed to incorporate and align with processes and tools currently in use or under consideration.
Featuring recommendations and best practices to prepare for and defend against cybersecurity threats that can impact patient safety, this document outlines the top threats facing the HPH Sector. It has been developed with all stakeholders in mind; organizations from small to large can benefit from the resources and best practices provided in the main document and its two additional technical volumes.
This plan outlines a path for achieving two significant changes: building more capable actors in cybersecurity and increasing the incentives to invest in long-term resilience.
Focuses on the effects of a cyber incident on the health care operational environment, that is, one that impacts the ability to effectively care for patients and maintain business practices and readiness during such an event. It covers many strategies and principles relevant to a range of cybersecurity incidents and health care facilities, including disruptions associated with a large-scale cyberattack.
With a focus on Innovation Capital protection, this resource can help security and risk practitioners protect their systems at any stage of their information protection program's maturity.
This resource highlights findings and issues affecting the cybersecurity resiliency of U.S. hospitals to better identify the biggest threats facing hospitals and assess their cybersecurity capabilities relative to commonly accepted cybersecurity practices.
Provides HPH Sector organizations interested in information sharing with a set of guidelines and best practices for efficient and effective information sharing.
This risk assessment tool helps your organization ensure it is compliant with HIPAA's administrative, physical, and technical safeguards. It also helps reveal areas where your organization's protected health information could be at risk. Designed for medium and small providers.
An objective, data-driven all-hazards risk assessment for use by public and private organizations within the HPH sector to inform emergency preparedness planning, risk management activities, and resource investments. This tool enables the user to estimate the human, property, and business impacts to a facility that may result from 67 internal and external threats, including cyber threats.
Updated in 2022, this collection of resources can help stakeholders (including practitioners, facility executives, information technology professionals, and emergency managers) better protect against, mitigate, respond to, and recover from cyberattacks to ensure patient safety and operational continuity.
The 405(d) program has developed a tailored list of must-read resources for health care practitioners and IT professionals at health care organizations of all sizes. Just indicate your role and the size of your organization, and the 405(d) program will provide you with a customized list of resources to help you improve your organization's cybersecurity posture.
This tool for smaller to mid-sized health organizations is focused on supply chain cybersecurity risk management.
This checklist from the HHS Office of the National Coordinator for Health Information Technology (HHS/ONC/IT) helps separate fact from fiction.
HHS/ONC/IT provides its top ten tips for strengthening cybersecurity and provides information to help you get started on implementation.