November’s Newsletter features:

  • ~ Fall Summit Virtual Platform Now Open (Take a look around)
  • ~ H-ISAC Board Election Results
  • ~ TOC Update
  • ~ Product and Services
  •  ~ Upcoming Virtual Events/Webinars

Pdf version:

November 2020


Text version:

Top 10 Health Related Cyber Events:

Ransomware Attacks Doubled in Q3 – Healthcare Sector Most Targeted

Six Russian Nationals Indicted for 2017 NetPetya Attacks 

Google Mitigated 2.54 Tbps DDoS Attack in 2017, Largest Known to Date

Iranian State Hacker Group Linked to Ransomware Deployments

Microsoft and Others Orchestrate Takedown of TrickBot Botnet

CISA: Emotet Increasing Attacks on US State, Local Governments

Over 247K Exchange Servers Unpatched for Actively Exploited Flaw

Chinese Malware Gang Defrauded Facebook Users of $4 Million

New York Calls for Federal Regulation of Social Media

72% of Organizations Faced Increase in IoT, Endpoint Security Incidents



H-ISAC Hybrid Fall Summit

All summit attendees can now interact with the summit’s virtual platform

Register now: rp=7990faa9-267f-49c0-acbc-f447891d339a.

You do not want to miss this invaluable opportunity to hear from your peers on mitigation strategies, lessons learned, trends and best practices in cybersecurity, the latest threats and so much more!

The Fall Summit features over 20 presentation created and presented by H-ISAC members on topics such as Segregation of Enterprise Active Directory Accounts, Understanding the Top Healthcare Third-Party Risk Trends, and Using a Malware’s TTP’s Against Itself: DLL Injection and Process Hollowing.

Check out the agenda for numerous other relevant and important sessions. You will be able to view these sessions in our virtual platform.

Special gift for our first 100 registered virtual attendees.

Earn extra points to spend on prizes at the Oasis Bazaar by:

  • Engaging this week on our virtual platform: Explore the platform, Visit the virtual exhibit hall, Customize your personal agenda
  • Becoming a new follower of H-ISAC on social media (see platform links on the bottom right corner of this newsletter.)


Board Election Results

Health-ISAC Board Election Results Congratulations to the three new and four re-elected board directors whose service will commence at the next board meeting in December:

Meredith Harper
Terry Rice
Brian Cincera
Adrian Mayers
Greg Barnes
Scott Morris
Anahi Santiago

We also extend our thanks and deep appreciation to outgoing board member Karl West (Intermountain) for his significant contributions and years of service to Health-ISAC.

To see the fully constituted board please visit



Recent Ransomware Activity Targeting the Healthcare Sector

CISA, FBI and HHS recommend joining H-ISAC as a Best Practice and Mitigation Strategy

US Department of Homeland Security (DHS-CISA), the FBI and US Department of Health and Human Services (HHS) released joint advisories on October 28 and 29 warning healthcare firms to take timely and reasonable precautions to protect their networks from suspected credible and imminent attacks. The advisories also recommended health sector organizations join Health-ISAC as a best practice and mitigation strategy.

Health-ISAC’s Threat Operations Center (TOC) issued several bulletins including the joint government alert, augmented with intelligence provided from Health-ISAC members and several intelligence partners in the US and UK. The TOC also worked with Health-ISAC’s Threat Intelligence Committee regarding the sector threat level and remains vigilant monitoring these threats. Many of the indicators of compromise have been shared through our automated feeds and in alerts. We are also currently alerting members about another threat. Please be sure to continue to monitor H-ISAC communications and the website for more information as it unfolds.



Don’t Miss Threat Intel Products from the TOC  — Sign Up for Cyware!

H-ISAC Members have a certain number of Cyware seats to be utilized based on the Tier the organization falls into.

Be sure to get set up with Cyware to continue access to products from our Threat Operations Center (TOC.) This platform will enable each member to be in control of which alerts and updates you wish to receive.

                     After December 2020, Threat Operations Center (TOC) products
will no longer be sent via email distribution lists.

Cyware has other neat capabilities as well – including a Member Directory, Alert Repository, Document Library, Quick Polling and Incident Submissions. Watch for Health-ISAC announcements about live webinars where we will demo the product and answer your questions.

NOTE: If you have been set up in OKTA via our Membership team, you will need to log into OKTA and click on the Cyware Tile to activate your account.

To get set up on Cyware, please contact Health-ISAC Membership Engagement.



(Virtual) Conference:
H-ISAC presenting at
 Medical Tourism in Croatia
12-13 November
Register here


(Virtual) Conference:
GCC eHealth
Workforce Development
H-ISAC will have a booth and 11/15 workshop
Patient Privacy, Information Governance and Cyber Security
Register here


Perch and Sharing Communities:
SIEM Customer Use Case for MDR
November 10th at 2:00pm EST
Register here


H-ISAC Navigator webinar
Benchmarking Digital Risk Factors in Healthcare by RiskRecon
November 12 at 2pm EST
Register here


H-ISAC Navigator webinar
Healthcare and Security:
Protect the Heart of Your Network by VMWare
November 19 at 12pm EST
Register here


H-ISAC Products & Services

H-ISAC and Perch Security offer a low-cost method for members to automate their threat intelligence. Now, you can also get a SIEM for one low cost.
Learn more or sign up for the upcoming webinar on November 10th (see Events)


Security Scorecard: You can now view and monitor how you are complying with regulatory frameworks for free. Get started with your free risk scoring solution today.


SAFE Identity is an industry consortium and certification body, supporting identity and cryptography in healthcare to enable trust, security, and user convenience.
Learn how you can become part of the solution with SAFE Identity.


Translate »