Health Sector Cybersecurity Coordination Center (HC3)

HC3 alerts shed light on two popular healthcare cyberattack tactics

March 26, 2024 - The HHS Health Sector Cybersecurity Coordination Center (HC3) released two sector alerts recently, each highlighting a different cyber threat tactic that bad actors may use to facilitate healthcare cyberattacks. Both tactics, email bombing and credential harvesting, are not new or emerging threat tactics. Rather, they are tried-and-true strategies...

Read More


More Articles

Akira Ransomware Aggressively Targets Healthcare, HC3 Warns

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) issued an analyst note about Akira ransomware, a group that has been active since at least May 2023. In its short tenure, Akira has conducted...

Threat Actors Abuse ScreenConnect Access to Target Healthcare

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) issued a sector alert to warn healthcare organizations of recent threat actor activity involving the abuse of ScreenConnect, a widely used...

HC3 Explores Open-Source Software Risks in Healthcare Sector

by Jill McKeon

Open-source software (OSS) is the foundation of modern software development, but it can also expose critical infrastructure sectors to cybersecurity risks, the HHS Health Sector Cybersecurity...

HC3 Warns Healthcare Sector of Persisting Emotet Malware Threats

by Jill McKeon

The HHS Health Sector Cybersecurity Coordination Center (HC3) issued a brief about Emotet, a notorious malware strain that has impacted the healthcare sector for years. Emotet has been operational...

BlackSuit Ransomware Is Credible Threat to Healthcare Cybersecurity, HC3 Says

by Jill McKeon

HC3 issued an analyst note regarding BlackSuit ransomware, a relatively new group that appears to be similar to the Royal ransomware family and its notorious predecessor, Conti ransomware. HC3 warned...

HC3 Urges Healthcare Sector to Update SolarWinds Following Vulnerability Disclosure

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) urged the sector to prioritize monitoring and upgrading SolarWinds systems following a series of cybersecurity vulnerability...

HC3 Sheds Light On QR Code-Based Phishing as Threat to Healthcare Cybersecurity

by Jill McKeon

The Health Sector Cybersecurity Coordination Center’s (HC3) latest white paper examined the risks of “quishing,” or QR code-based phishing attacks. The growing popularity of quick...

HC3 Details ServiceNow Cybersecurity Vulnerability, Potential Impacts on Healthcare

by Jill McKeon

A cybersecurity vulnerability in ServiceNow, a cloud computing platform, may allow unauthenticated users to extract data from records, a cybersecurity researcher discovered in mid-October. The Health...

NoEscape Ransomware Emerges, Targeting Healthcare

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) issued an analyst note regarding NoEscape ransomware, a new threat to healthcare and other industries. Although just two healthcare victims...

HC3 Details North Korean, Chinese Cyber Threats to Healthcare Sector

by Jill McKeon

The US healthcare sector has long faced cyber threats from all directions, from insider threats to foreign state-sponsored adversaries. In its latest threat brief, the HHS Health Sector Cybersecurity...

Lazarus Threat Group Targets Healthcare With ManageEngine Vulnerability

by Jill McKeon

The Lazarus Group, a North Korean state-sponsored cyber threat group, has been actively targeting healthcare entities and internet backbone infrastructure in Europe and the US, the Health Secor...

HC3 Warns Healthcare of Akira Ransomware Group

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) issued a sector alert about Akira ransomware group, which has claimed more than 60 victims across multiple sectors, including healthcare,...

Rhysida Ransomware Emerges as Latest RaaS Threat Group

by Jill McKeon

Rhysida ransomware group is the latest threat group to target victims around the world and publish stolen files online, the Health Sector Cybersecurity Coordination Center (HC3) warned in a threat...

How Threat Actors Leverage AI to Advance Healthcare Cyberattacks

by Jill McKeon

The HHS Health Sector Cybersecurity Coordination Center (HC3) issued a brief regarding artificial intelligence (AI) and the threats it may pose to healthcare cybersecurity. As AI continues to advance,...

SEO Poisoning Attacks Increase Across Healthcare

by Jill McKeon

The Health Sector Cybersecurity Coordination Center’s (HC3) latest analyst note details the threat of search engine optimization (SEO) poisoning, which is increasingly being used against the...

HC3 Advises Healthcare Sector to Prioritize Cyber Defense Against FIN11

by Sarai Rodriguez

Amidst a surge of cybersecurity threats, the Health Sector Cybersecurity Coordination Center (HC3) has spotlighted a new one, FIN11, a cybercriminal collective originating from the Commonwealth of...

HC3 Guidance Explores Cyber Threat Actors Targeting Healthcare

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) issued an educational brief regarding the types of cyber threat actors that target healthcare. Learning the motivations and tactics of these...

Cybersecurity Vulnerability in MOVEit Transfer Software Poses Threat to Healthcare

by Jill McKeon

A critical cybersecurity vulnerability (CVE-2023-34362) in Progress Software’s MOVEit Transfer software may result in privilege escalation and unauthorized access if exploited, the Health Sector...

HC3 Warns Healthcare of Cyberattacks Against Popular Data Backup Software

by Jill McKeon

The Health Sector Cybersecurity Coordination Center’s (HC3) latest alert details the growing trend of threat actors targeting a known vulnerability in Veeam Backup & Replication (VBR)...

Recent Articles