Due to international incidents involving WannaCry ransomware infections, the U.S. Department of Health and Human Services (HHS) and U.S. Computer Emergency Readiness Team (US-CERT) released a series of alerts and informational resources throughout this week.
General recommendations for end-users in healthcare facilities:
- Only open emails that you are expecting and that come from people you know. An attacker can impersonate the sender, or the computer belonging to someone you know may be infected without his or her knowledge.
- Don’t click on links in emails if you weren’t expecting them — the attacker could camouflage a malicious link to make it look like it is for your bank, for example.
- Keep your computer and antivirus up to date — this adds another layer of defense that could stop the malware.
Recommendations regarding Remote Desktop Protocol (RDP) services:
- If you do not need RDP, disable the service on the computer. There are several ways of doing this based on which version of Microsoft Windows you are using.
- If RDP is needed, only allow network access where needed. Block all other network connections using Access Control Lists or firewalls, especially connections from any address on the Internet.
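
One way to apply both RDP recommendations on a current Windows host with the built-in firewall, as an added example that is not taken from the HHS or US-CERT alerts. The `-RdpNeeded` switch and the `10.20.30.0/24` management subnet are constructed placeholders, and the `Remote Desktop` rule group name assumes an English-language Windows install; run it from an elevated PowerShell prompt.

```powershell
# Added example (not from the HHS/US-CERT alerts): disable RDP, or scope it to known sources.
param(
    [switch]$RdpNeeded,                            # hypothetical switch: pass it if RDP must stay on
    [string[]]$AllowedSources = @('10.20.30.0/24') # constructed placeholder management subnet
)

$tsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$group = 'Remote Desktop'                          # assumption: English display group name
$rules = Get-NetFirewallRule -DisplayGroup $group -ErrorAction SilentlyContinue

if (-not $RdpNeeded) {
    # fDenyTSConnections = 1 makes the host refuse incoming Remote Desktop connections.
    Set-ItemProperty -Path $tsKey -Name 'fDenyTSConnections' -Value 1
    # Also close the matching firewall allow rules so the port is not left reachable.
    if ($rules) { $rules | Disable-NetFirewallRule }
}
else {
    if (-not $rules) { throw "No firewall rules found in group '$group'; scope RDP manually." }
    # Leave the service state alone; only narrow who may connect.
    $rules | Set-NetFirewallRule -RemoteAddress $AllowedSources
}

# Report the resulting state so the change can be verified and recorded.
$deny = (Get-ItemProperty -Path $tsKey -Name 'fDenyTSConnections').fDenyTSConnections
Write-Output "fDenyTSConnections = $deny (1 = RDP disabled)"

Get-NetFirewallRule -DisplayGroup $group -ErrorAction SilentlyContinue | ForEach-Object {
    [pscustomobject]@{
        Rule          = $_.DisplayName
        Enabled       = $_.Enabled
        RemoteAddress = (($_ | Get-NetFirewallAddressFilter).RemoteAddress) -join ','
    }
}

# Flag any other enabled inbound allow rule on TCP 3389 that the group above does not cover.
$extra = Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    Where-Object {
        $_.DisplayGroup -ne $group -and
        (($_ | Get-NetFirewallPortFilter).LocalPort -contains '3389')
    }
if ($extra) {
    Write-Warning 'Other inbound allow rules reference port 3389:'
    $extra | Select-Object DisplayName, Profile
}
```

Host firewall scoping does not replace the network-level Access Control Lists mentioned above; perimeter devices should still block RDP from Internet addresses.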
Victims of ransomware attacks are encouraged by HHS to contact law enforcement immediately:
- FBI Field Office Cyber Task Force (ransomware event reporting and assistance)
- US-CERT (cyber incident monitoring)
- FBI's Internet Crime Complaint Center
- HHS’ Healthcare Cybersecurity and Communications Integration Center (analysis and health care-specific alert sharing)