Health-ISAC President and CEO Denise Anderson gave expert testimony to the U.S. Senate Committee on Health, Education, Labor and Pensions in a full Committee hearing about Cybersecurity in the Health and Education Sectors.

Access the recorded session here: https://www.help.senate.gov/hearings/cybersecurity-in-the-health-and-education-sectors

 

 

Some snippets from Denise Anderson’s testimony from May 18, 2022:

In 2022, to date, Health-ISAC has engaged in five major activities of note.

The first is the publishing of the first annual Health-ISAC report on the Current and Emerging Healthcare Cyber Threat Landscape in both TLP GREEN and TLP WHITE versions. The report features survey results on member threat perspectives, as well as top issues from 2021 and a look ahead into 2022 (https://h-isac.org/health-isacs-first-annual-current-and-emerging-healthcare-cyber-threat-landscape-executive-summary/).

The second is the publishing of the 2021 Health-ISAC Annual Report (https://h-isac.org/2021-annual-report/).

Third, the ISAC held several webinars, produced alerts and briefings, and published a joint bulletin with the Health Sector Cybersecurity Coordination Center (HC3), part of the Department of Health and Human Services (HHS), regarding the geopolitical tensions in Russia. The ISAC emphasized several messages to the sector that resulted from Classified briefings conducted by the White House, Cybersecurity and Infrastructure Security Agency (CISA), and its partners and stood up a working group of members directly impacted by the situation so that they could share challenges, issues, and best practices with each other.

Fourth, Health-ISAC worked on another pre-public vulnerability disclosure with CISA and CyberMDX/Forescout on Access:7 vulnerabilities found in PTC Axeda agent and Axeda Desktop server.

Fifth, in April 2022, Health-ISAC worked with Microsoft and others to take down the Zloader malware family, one of the most notorious cybercrime operations responsible for ransomware attacks against hospitals in the United States and around the world. The takedown was accomplished through coordinated legal and technical actions and disrupted massive botnets using the Zloader malware family, striking a major blow against cybercriminal operators using Ransomware, such as Ryuk, to extort victims.

With the seizing of hundreds of domain names used by the Zloader malware to remotely command and control victim computers, Microsoft will use the intelligence gained from this takedown to partner with Law Enforcement, Internet Service Providers and Computer Emergency Response Teams around the world to help remediate infected computers, making the Internet safer for consumers and businesses worldwide. Together, these aspects of the operation are expected to undermine the criminal infrastructure that relies on these botnets every day to make money and helps to provide new tools for the industry to work together to proactively fight cybercrime.

At Health-ISAC, our mission is much bigger than the ISAC. We believe building a stronger community both inside and outside of the sector leads to better patient care and a healthier world.

 

Access the recorded session in its entirety here:  https://www.help.senate.gov/hearings/cybersecurity-in-the-health-and-education-sectors
