Summary of article from Morgan Lewis, by Amy M. Magnano, Michael J. Madderra, Roshni Edalur:
The Department of Health and Human Services (HHS) and the Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory (CSA) to alert healthcare providers about phishing attacks and the associated tactics used by threat actors. The advisory emphasizes the importance of updating security measures, including the implementation of multi-factor authentication and enhanced IT Help Desk training to combat social engineering attacks. It also recommends securing remote access tools and testing security programs against outlined threat behaviors. The CSA provides specific indicators of compromise and suggests proactive steps to mitigate risks. Morgan Lewis offers guidance and best practices to help healthcare entities navigate these cybersecurity challenges.