Several IHA member hospitals and health systems across upstate New York have been the victim of recent ransomware and cybersecurity attacks.

This morning, IHA participated in a conference call conducted by the Federal Bureau of Investigation (FBI), Health and Human Services (HHS) and the Cybersecurity and Infrastructure Security Agency (CISA) to review a Joint Cybersecurity Advisory on ransomware targeting the healthcare sector, which was distributed to hospitals today by the New York State Department of Health (DOH).

The call outlined preventative steps and mitigation strategies for these types of attacks and is summarized in this resource document, highlighting:

  • Technical details of the threat the tactics, techniques, and procedures (TTPs);
  • Indicators of compromise by Trickbot malware and Ryuk ransomware;
  • Recommended mitigation measures, network best practices, ransomware best practices, and user awareness best practices.

For more information or to address any concerns, please contact Andrew Jewett, Director of Emergency Preparedness Initiatives at or (315) 410-6470.