Alert: Recent Cybersecurity Threats Impacting Healthcare June 20, 2023

Written by MSDC Staff

Physicians and the healthcare sector are often targets of scams, ranging from cyberattacks and ransomware to email and phone scams. Just because it is summer, now is no time to relax. In fact, MSDC has heard of several ongoing security threats and scams and encourages doctors to be on guard.

The Health Sector Cybersecurity Coordination Center (HC3), which was created by the Department of Health and Human Services, has issued an alert to the healthcare and public health sector regarding FIN11, a Russia-linked cybercriminal group that is behind multiple high-profile, widespread campaigns leveraging zero-day vulnerabilities. CLOP is a ransomware frequently used by FIN11, and CLOP ransom demands typically range from a few hundred thousand dollars up to $10 million. A Threat Actor Profile recommends that “healthcare organizations consider FIN11 a top priority for their security teams.”

Email and phone scams are one way that hackers break through security systems. MSDC has been notified of recent incidents of scammers impersonating government officials. DC providers should be wary of calls or emails claiming to be from DEA officials and DC Health officials requesting payment or personal identifiable information. The DEA states on its website that DEA personnel will only notify people of a legitimate investigation or legal action in person or by official letter. DC Health warns healthcare professionals to beware of phishing calls claiming to be from DC Health that seek money.  

Although scams change and evolve over time, most share the following key characteristics:

  • Using an urgent or aggressive tone
  • Demanding payment in the form of wire transfers or gift cards
  • Warning that inaction could lead to arrest, prosecution, or revocation of a license

Please make note of these threats to ensure a safe, secure, and enjoyable summer.