Inside CHIME: List Gives Resources for Monitoring, Reporting Cyber Incidents


Inside CHIME - header

7.617 by Mari Savickis
VP of Federal Affairs, CHIME

Another cyberattack was launched in late June that affected hospitals in Pennsylvania and West Virginia as well as a pharmaceutical company in the United States. The attack, with some similarities to the WannaCry incident in May, started in the Ukraine and spread to Europe, Australia and elsewhere. The Department of Health and Human Services (HHS) also reported that “at least one support company that provides health records services is impacted which may impact the ability to enter information into patient charts and access clinical test results.”

Below are free cybersecurity resources for members for this and other cyber incidents.

For alerts:

To request a free scan of your public IP:

  • The US-CERT’s National Cybersecurity Assessment & Technical Services (NCATS) provides integrated threat intelligence and provides an objective third-party perspective on the current cybersecurity posture of the stakeholder’s unclassified operational / business networks. There is no cost to use this service. Contact US-CERT: [email protected].

 

For reporting a device vulnerability:

  • Call the Food and Drug Administration (FDA): 1-866-300-4374. Contact the FDA if you need to report a vulnerability impacting one of your devices. They have established an emergency hotline that can be used 24/7. Reports of impact on multiple devices should be aggregated on a system/facility level.

 

For reporting a cyber incident and law enforcement contacts:

  • DHS offers the US-CERT Incident Reporting System for a secure web-enabled means of reporting computer security incidents at us-cert.gov/forms/report. This system assists analysts in providing timely handling of security incidents as well as the ability to conduct improved analysis.
  • The Federal Bureau of Investigation (FBI) also urges victims to report ransomware incidents to the Internet Crime Complaint Center, at IC3.gov. This allows the agency to better understand threats.
  • The U.S. Secret Service has an Electronic Crimes Task Force. Those interested in help can locate their field office by going to secretservice.gov/investigation/#field.

 

For other breach resources:


More Inside CHIME Volume 2, No. 14: