*** H-ISAC Alert ***

Caution regarding spoofing activity surrounding Not Petya ransomware event

This information is marked TLP White; Subject to standard copyright laws. TLP: White information may be distributed without restriction.

*Any reproduction or reposting of this content requires proper credit/attribution to H-ISAC.

It is being reported that bad actors are attempting to gain credential access through phishing attempts claiming to be Government Agency entities helping to resolve vulnerabilities related to the ongoing campaign.

Organizations are reminded to verify the links and security certificates of any such email. Note that examples include [.com] vs [.gov] extensions on supposed agency websites.  Such phishing is not limited to using government agency spoofing.

• Related Resources & News
• Potential Terror Threat Targeted at Health Sector – AHA & Health-ISAC Joint Threat Bulletin
• New Cybersecurity Policies Could Protect Patient Health Data
• CyberWire Podcast: PHP flaw sparks global attack wave
• Health-ISAC Hacking Healthcare 3-14-2025
• HSCC Aiming to Identify Healthcare Workflow Chokepoints
• New Healthcare Security Benchmark Highlights Key Investment Priorities and Risks
• Are Efforts to Help Secure Rural Hospitals Doing Any Good?
• CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts
• 2024 Health-ISAC Discussion Based Exercise Series After-Action Report
• Cobalt Strike takedown effort cuts cracked versions by 80%