Skip to main content
Sign In

An official website of the United States government

U.S. Department of Health & Human Services

Official websites use .gov

A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS

A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Healthcare and Public Health Cybersecurity

ASPR Serves as the Sector Risk Management Agency for the Health Care and
Public Health Sector to Protect Patient Health and Safety

#StopRansomware: Black Basta

HHS, along with the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC), has released a joint Cybersecurity Advisory called #StopRansomware: Black Basta. This advisory provides tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) used by Black Basta ransomware affiliates, identified through FBI investigations and third-party reporting. Black Basta is a ransomware-as-a-service (RaaS) variant first discovered in April 2022. 


It has targeted over 500 private industry and critical infrastructure entities, including healthcare organizations, across North America, Europe, and Australia. The advisory urges organizations to implement the provided mitigations to reduce the risk and impact of Black Basta and other ransomware incidents.

 Read the Advisory

The Healthcare and Public Health (HPH) sector continues to experience increasingly sophisticated cyberattacks that exploit complex, interconnected IT systems at hospitals and health care facilities. Nationwide, health care and public health IT infrastructures suffer from many common vulnerabilities: underfunded cybersecurity programs, vulnerable legacy systems, a growing need for skilled cybersecurity professionals, and network-connected medical technologies, including medical devices. 

These cyberattacks against the HPH sector are growing both in numbers and severity, with the frequency of cyberattacks on hospitals and health systems more than doubling from 2016 to 2021. The HPH sector experienced a 42 percent increase in ransomware attacks in 2022 compared to 2021. The cost of an average health care data breach has reached $10.93 million, according to a report from IBM Security. That’s an 8% jump from a year ago, when the average cost topped $10 million for the first time. In health care, cyber risks are patient risks – unlike other more typical industries impacted by cybersecurity threats (e.g., energy, finance), disruptions in health care could cost lives.

ASPR has worked with our partners in HHS, across the federal government, and with industry to develop resources to help hospitals and health care facilities protect themselves and their patient’s from cyber attacks.

ASPR leads the HHS divisions and works with our public and private partners to provide guidance and support to help enhance cybersecurity for the health care and public health sectors.

Learn more about ASPR's role in cybersecurity

       Subscribe to ASPR's
     Cybersecurity Bulletins

Get information on cyber incidents, news,
resources, engagement opportunities, and
security updates sent right to your inbox.

   alert icon Stay Informed. Subscribe Today.  

                       More alerts:
   Health Sector Coordination Center
               405(d) Mailing List

Learn to Improve Cybersecurity and Cyber Defense

                  

CISA CyberSecurity Adivsory
#StopRansomware:
Black Basta

Cybersecurity Icon

This joint CSA to provides information on Black Basta, a ransomware variant whose actors have encrypted and stolen data from at least 12 out of 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector.







Learn More

cisa Alert: CISA and Partners Release
Advisory on Black BASTA
 Ransomware

Cybersecurity Icon

CISA, in partnership with the FBI, HHS, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released joint Cybersecurity Advisory (CSA) #StopRansomware: Black Basta to provide cybersecurity defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) used by known Black Basta ransomware affiliates and identified through FBI investigations and third-party reporting.


Learn More

joint cybersecurity advisory
#stopransomware:
black basta

 Cybersecurity Icon

These CPGs are a voluntary subset of cybersecurity practices that healthcare organizations, and healthcare delivery organizations in particular, can prioritize to strengthen cyber preparedness, improve cyber resiliency, and ultimately protect patient health information and safety.





Learn More

Plan:
Version 2 of the national
cybersecurity strategy 
Implementation Plan

Cybersecurity Icon

Version 2 of the National Cybersecurity Strategy Implementation Plan (NCSIP) outlines actions the Federal Government is taking to improve U.S. national cybersecurity posture. This updated roadmap describes 100 high-impact Federal initiatives, each intended to substantively increase our collective digital security and systemic resilience.



Learn More

Fact Sheet:
Version 2 of the
National cybersecurity strategy
 implementation plan

Cybersecurity Icon

This next phase of the NCSIP follows the progress to date and displays the Administration’s commitment to transparency and accountability as the National Cybersecurity Strategy is implemented. Highlights of the Version 2 of the National Cybersecurity Strategy Implementation Plan (NCSIP) are included in this fact sheet.



Learn More

HPH
Cybersecurity
Performance Goals
 (CPG)

Cybersecurity Icon

These CPGs are a voluntary subset of cybersecurity practices that healthcare organizations, and healthcare delivery organizations in particular, can prioritize to strengthen cyber preparedness, improve cyber resiliency, and ultimately protect patient health information and safety.




Learn More

Health care Sector Cybersecurity:
Introduction to the Strategy
of the U.S. Department of Health And Human Services

Cybersecurity Icon

 Overview of HHS recommendations
to help the health care and
 public health sectoraddress
cyber threats.








Learn More

Health Care and
PublicnHealth sector
 cybersecurity framework implementation guide

Cybersecurity Icon

Developed to help organizations establish a strong cybersecurity program or validate the effectiveness of an existing program, this guide helps organizations map their existing program to the NIST Cybersecurity Framework, identify improvements, and communicate results. This guide was developed to incorporate and align with processes and tools currently in use or under consideration.


Learn More

Health industry cybersecurity practices: Managing threats and protecting patients
(hicp 2023 ed.)

Cybersecurity Icon

Featuring recommendations and best practices to prepare for and fight against cybersecurity threats that can impact patient safety, this document outlines the top threats facing the HPH Sector. It has been developed with all stakeholders in mind; organizations from small to large can benefit from the resources and best practices provided in the main document and additional two technical volumes.


Learn More

national
cybersecurity strategy
implementation plan
 (2023)

Cybersecurity Icon

 This plan outlines a path for achieving
two significant changes: the need
for more capable actors in cybersecurity
and the need to increase incentive
to make investments in long-term resilience.






Learn More

health care system cybersecurity: readiness and response 
considerations

Cybersecurity Icon

Focuses on the effects of a cyber incident on the health care operational environment; one that impacts the ability to effectively care for patients and maintain business practices and readiness during such an event. It covers many strategies and principles relevant to a range of cybersecurity incidents and health care facilities included disruptions associated with a large-scale cyberattack.



Learn More

Health industry cybersecurity protection of innovation
capital

Cybersecurity Icon

With a focus on Innovation Capital  protection, this resource can help
security and risk practitioners protect their systems at any stage of their information protection program’s maturity.







Learn More

Health industry cybersecurity
tactical crisis response
guide

Cybersecurity Icon

With a focus on Innovation Capital  protection, this resource can help security and risk practitioners protect their systems at any stage of their information protection program’s maturity.








Learn More

Hospital Cyber
Resiliency Landscape
Analysis

Hospital icon

This resource highlights findings and issues affecting the cybersecurity resiliency of U.S. hospitals to better identify the biggest threats facing hospitals and assess their cybersecurity capabilities relative to commonly accepted cybersecurity practices.






Learn More

health industry cybersecurity
information sharing
best practices

Cybersecurity Icon

Provides HPH Sector organizations interested in information sharing
with a set of guidelines and
best practices for efficient
and effective
information sharing.







Learn More

security risk
assessment
tool

Hospital icon

This risk assessment tool helps your organization ensure it is compliant with HIPAA’s administrative, physical, and technical safeguards. It also helps reveal areas where your organization’s protected health information could be at risk. Designed for medium and small providers.






Learn More

risc toolkit 2.0:
the risk identification and site criticality toolkit

Cybersecurity Icon

An objective, data-driven all-hazards risk assessment for use by public and private organizations within the HPH sector to inform emergency preparedness planning, risk management activities, and resource investments. This tool enables the user to estimate the human, property, and business impacts to a facility that may result from 67 internal and external threats, including cyber threats. 



Learn More

aspr tracie:
health care
cybersecurity

Cybersecurity Icon

Updated in 2022, this collection of resources can help stakeholders (including practitioners, facility executives, information technology professionals, and emergency managers) better protect against, mitigate, respond to, and recover from cyberattacks to ensure patient safety and operational continuity.





Learn More

Tailored
top reads from
405(D)

Cybersecurity Icon

The 405(d) program has developed a tailored list of must-read resources for health care practitioners and IT professionals at health care organizations of all sizes. Just indicate your role and the size of your organization, and the 405(d) program will provide you with a customized list of resources to help you improve your organization’s cybersecurity posture.



Learn More

health industry cybersecurity
supply chain risk management
guide v2.0

Cybersecurity Icon

This tool for smaller to mid-sized health organizations is focused on supply chain cybersecurity risk management.










Learn More

top 10
myths of security risk
analysis

Cybersecurity Icon

This checklist from the HHS Office of the National Coordinator for Health Information Technology (HHS/ONC/IT) helps separate fact from fiction.









Learn More

Top 10
Tips for cybersecurity in
Healthcare

Cybersecurity Icon

HHS/ONC/IT provides its top ten tips for strengthening cybersecurity and provides information to help you get started on implementation. 









Learn More