*** H-ISAC Alert ***

Caution regarding spoofing activity surrounding Not Petya ransomware event

This information is marked TLP White; Subject to standard copyright laws. TLP: White information may be distributed without restriction.

*Any reproduction or reposting of this content requires proper credit/attribution to H-ISAC.

It is being reported that bad actors are attempting to gain credential access through phishing attempts claiming to be Government Agency entities helping to resolve vulnerabilities related to the ongoing campaign.

Organizations are reminded to verify the links and security certificates of any such email. Note that examples include [.com] vs [.gov] extensions on supposed agency websites.  Such phishing is not limited to using government agency spoofing.

• Related Resources & News
• Healthcare Heartbeat 2024 Q4
• Health-ISAC Hacking Healthcare 2-19-2025
• Podcast: Reflecting on the Change Healthcare cyberattack
• Senate Confirms Trump Pick RFK Jr. to Lead HHS
• The Alarming Backdoor Hiding in 2 Chinese Patient Monitors
• Health-ISAC 2025 Health Sector Cyber Threat Landscape
• How Health Systems Manage Security in the Cloud
• Change Healthcare Attack a Wake-up Call for the Industry
• Five High-Impact Cyberattacks Healthcare Industry Should Avoid in 2025
• Health-ISAC Hacking Healthcare 2-11-2025