HHS warns hospitals to safeguard against LockBit 2.0 ransomware

Anthony Vecchione | | Health Exec | Policy & Regulations

The ransomware application Lockbit 2.0 poses a significant cyberthreat to hospitals and other healthcare organizations, according to an alert issued by the HHS Office of Information Security.

In a Feb. 7 report, HHS revealed that there are “indicators of compromise associated" with LockBit 2.0 ransomware.”

“Although the LockBit 2.0 cybercrime gang claims to not attack healthcare organizations, all ransomware continues to act as a major cyberthreat against the U.S. Healthcare and Public Health (HPH) Sector. It is extremely important to both know and apply the information included in this Flash (alert),” HHS said in the notification.

The alert comes in the wake of a similar warning by the FBI published Feb. 4.

“LockBit 2.0 ransomware compromises victim networks through a variety of techniques, including, but not limited to, purchased access, unpatched vulnerabilities, insider access, and zero-day exploits,” according to the FBI alert.

HHS recommends that organizations reduce their attack surface as much as possible by taking the following steps:

  • Utilize the included indicators of compromise in your threat hunting and detection programs.
  • Use multi-factor authentication and strong passwords.
  • Establish a robust data backup program.
  • Consider signing up for CISA’s cyber hygiene services.

Anthony Vecchione

Related Content

Report: 44% of adults in the U.S. are uninsured or underinsured
Texas AG sues hospital for $10K after off-duty police barred from carrying guns
Cardiologists reflect on developing primary PCI in face of criticism and pushback
PBMs sue FTC for alleged Fifth Amendment violation
FDA issues Class I alert on Philips ventilators after 4 injuries
Trump selects Emmy-winning TV personality Dr. Oz to head CMS

Around the web

Cardiovascular Business
Q&A: MedAxiom CEO explores key trends in cardiologist, cardiovascular surgeon compensation

Compensation for heart specialists continues to climb. What does this say about cardiology as a whole? Could private equity's rising influence bring about change? We spoke to MedAxiom CEO Jerry Blackwell, MD, MBA, a veteran cardiologist himself, to learn more.

Cardiovascular Business
Payment cuts and beyond: Key takeaways for cardiologists from the 2025 Medicare Physician Fee Schedule

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals. 

AI in Healthcare
A modest proposal to rally AI regulators around a simple game plan

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”