The U.S. Department of Health and Human Services (HHS) became aware of a significant cyber security issue in the UK and other international locations affecting hospitals and healthcare information systems. There is also evidence of this attack occurring inside the United States.
HHS is working with their partners across government and in the private sector to develop a better understanding of the threat and to provide additional information on measures to protect healthcare systems. There is a strong recommendation that healthcare entities continue to exercise cyber security best practices - particularly with respect to email.
Contacts at HHS have recommended that organizations review the following alert from US-CERT that provides information about a patch: https://www.us-cert.gov/ncas/alerts/TA16-091A. HHS colleagues also urge any facilities that believe they have been impacted to file a complaint through this site: https://www.ic3.gov/default.aspx Reports such as these are critical to investigations of ongoing attacks such as this one.
Access PCEPN alert here - https://t.co/E1z6q4o2CE