Fw: HPH Sector Cybersecurity Advisory Bulletin

 
From: "Eastern Virginia Healthcare CoalitionListserv" <evhc@PROTECTED>
Subject: Fw: HPH Sector Cybersecurity Advisory Bulletin
In-Reply-To: (no subject)
Date: June 24th 2025
Please see the Healthcare and Public Health Sector Advisory Bulletin from the Office of Cybersecurity and Infrastructure Protection (OCIP) within the U.S. Department of Health and Human Services' (HHS) Administration for Strategic Preparedness and Response (ASPR). 

This bulletin highlights the importance of heightened vigilance, security and preparedness within the nation's healthcare infrastructure due to the increased risk of cyber-attacks carried out by state sponsored actors to compromise critical systems within health systems. 

The links in the bulletin contain useful information and resources to assist in situational awareness , planning, response and mitigation resources.


 

Chris Leonard
Regional Healthcare Coordination Center (RHCC) Manager

E-mail: cleonard@PROTECTED

Office: 757-963-0632 x324 I Cell: 757-513-4709

Toll Free: 844-757-TEMS (8367) I Fax: 757-963-2325

RHCC Activation: 844-757-7422

 

Eastern Virginia Healthcare Coalition

Tidewater EMS Council, Inc.

1104 Madison Plaza, Ste 101, Chesapeake, VA 23320

www.TidewaterEMS.org

 

 


From: Moss, James (VDH) <James.Moss@PROTECTED>
Sent: Tuesday, June 24, 2025 10:01 AM
To: hospcoord (VDH) <hospcoord@PROTECTED>
Cc: rhawkins@PROTECTED <rhawkins@PROTECTED>; Allen, Matthew <mallen@PROTECTED>
Subject: Fw: HPH Sector Cybersecurity Advisory Bulletin

FYSA

James R Moss
State Hospital Coordinator
Office of Emergency Preparedness
Virginia Department of Health
804-864-7034 (O)
804-221-2919 (C)

From: Healthcare & Public Health Sector Alert <donotreply@PROTECTED>
Sent: Tuesday, June 24, 2025 9:55 AM
To: Moss, James (VDH) <james.moss@PROTECTED>
Subject: HPH Sector Cybersecurity Advisory Bulletin
 
ASPR Masthead

The Healthcare and Public Health Sector Advisory Bulletin

Cybersecurity Edition

June 24, 2025

The Healthcare and Public Health (HPH) Sector Advisory Bulletin is produced by the Office of Cybersecurity and Infrastructure Protection (OCIP) within the U.S. Department of Health and Human Services' (HHS) Administration for Strategic Preparedness and Response (ASPR).
 

Increased Risk of Cyber Threats Against Healthcare and Public Health Sector 

Due to rising geopolitical tensions, The Department of Health and Human Services (HHS) is encouraging sector partners to prepare for the likelihood of increased cyber-attacks against healthcare entities by reviewing their vulnerability management strategy and contingency planning as well as adopting a heightened cyber-defense posture. While there is no current evidence of specific targeting against Healthcare and Public Health (HPH) Sector organizations, we know that the sector has historically been the victim of cyberattacks from a wide range of cyber threat actors during periods of conflict.

Multiple U.S. government agencies, including the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Agency (CISA), and the Department of Defense Cyber Crime Center (DC3), have warned of an increasing risk of cyber threats against the HPH sector due to Iranian-based cyber actors. On 6/22/2025, The Department of Homeland Security (DHS) issued a National Terrorism Advisory System (NTAS) Bulletin amid the Israel-Iran conflict. The bulletin was effective immediately and is valid through 9/22/2025. The NTAS highlights that both hacktivists and Iranian government-affiliated actors routinely target poorly secured US networks and Internet-connected devices for disruptive cyber-attacks. Additionally, if Iranian leadership were to issue a religious ruling calling for retaliatory violence against specific targets in the Homeland, it could increase the likelihood that a supporter of the Iranian regime is inspired to commit an act of violence in the Homeland.  Relevant to this, two Joint Advisories have been issued: Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks and Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations

Nation-State threat actors, sympathetic hacking groups, ransomware groups, and other cyber threat actors seek to take advantage of known conflicts. Iranian government-affiliated cyber threat actors, in particular, have been known to utilize brute force methods, such as password spraying and multi-factor authentication (MFA) ‘push bombing’, to compromise networks and obtain credentials. Distributed Denial of Service (DDoS) attacks, spear phishing, exploiting publicly known vulnerabilities, and leveraging multiple open-source tools are also common tactics that have been observed. 

Due to the interconnected nature of the HPH sector infrastructure, all owners and operators of HPH infrastructure, regardless of size, should review their vulnerability management strategy and contingency planning. Recommended actions include access restrictions, implementation of intrusion detection systems, and regularly back up of critical assets. The Cybersecurity and Infrastructure Security Agency (CISA) Shields Up: Guidance for Organizations site highlights ways to adopt a heightened posture when it comes to cybersecurity and protection of critical assets.

Organizations are also encouraged to adopt a heightened cyber-defense posture for the wide range of potential cyberattacks including ransomware, data breaches, denial of service (DoS), and website defacement as well as potential attacks against IT systems, Operational Technology, call centers, and supply chains. Suggested actions organizations can take include implementing and reviewing your recovery plan; updating all operating systems, software, and firmware; validating internal network access; filtering network traffic; disabling unused ports; requiring multifactor authentication; and verifying the availability of your designated crisis-response team.

Sector partners are encouraged to be vigilant and continue to implement strong cyber hygiene practices to defend against threats to our nation’s healthcare system. HPH organizations can look to the Healthcare and Public Health (HPH) Sector Cybersecurity Performance Goals (CPGs) to implement cybersecurity protections against the most common tactics, techniques, and procedures used against this sector. Visit the HHS Cyber Gateway for more tools and information on the HPH CPGs. 
 

Subscribe to HPH Sector Bulletins

Did a colleague forward you this HPH Sector Bulletin? HPH Sector bulletins inform stakeholders about the most significant issues facing the sector including cybersecurity, medical supply chains, and more. If you are interested in receiving HPH Sector bulletins, visit the CIP bulletins subscription webpage.
 

Comments and Questions

If you have any additional questions, we encourage you to contact us at hhscyber@PROTECTED.
 

Traffic Light Protocol (TLP) Designation: CLEAR

TLP: CLEAR information may be distributed without restriction.

 
Disclaimer: ASPR provides the above sources of information for the convenience of the HPH Sector community and is not responsible for the availability or content of the information or tools provided, nor does ASPR endorse, warrant or guarantee the products, services or information described or offered. It is the responsibility of the user to determine the usefulness and applicability of the information provided. 
 
This email was sent by: Administration for Strategic Preparedness and Response
400 7th Street, SW, Washington, DC, 20024 US

Privacy Policy

Update Profile      Manage Subscriptions      
Caution: This email originated outside of Virginia's Regional EMS Councils. Do not click links or open attachments unless you recognize the sender and know the content is safe. If you are unsure, please forward this e-mail to it.team@PROTECTED.

rss/atom
Fw: For very wide release.
Index
[EVHC] TRAINING OPPORTUNITIES PART 2
  • This mailing list is a public mailing list - anyone may join or leave, at any time.

  • This mailing list is announce-only.

Eastern Virginia Healthcare Coalition (EVHC) Listserv

Privacy Policy:

This Privacy Policy is for this mailing list, and this mailing list only. Email addresses collected through this mailing list are used explicitly for the distribution of news from the Eastern Virginia Healthcare Coalition.

We only collect email addresses through our Closed-Loop Opt-In system. We don't use your email address for any other purpose. We won't be sharing your email address with any other entity.

Unsubscription can be done at any time. All mailing list messages sent from us will include a subscription removal link, which will allow you to remove yourself from this mailing list automatically, and permanently. All consent to use your email address for any other purpose stated at the time of the mailing list subscription will also be revoked upon mailing list removal.

Go back to Tidewater EMS Council