Recent media coverage has highlighted the impact a ransomware related attack can have on a healthcare organization and, specifically, the disruption to operations and delivery of care.  It is predicted that ransomware attacks targeted at healthcare organizations will only continue to increase.

HITRUST CTX makes available an IOC feed which identifies Ransomware Domains during Deep-Web monitoring. This feed will show active Ransomware Payment domains (.onion address) as well as the most common gateways used by Ransomware actors to permit payments for individuals who have been infected.

Individuals with hits against IOC’s in this list should expect that a user’s machine has been infected with a ransom seeking malware. Leveraging this feed for early warning and containment can help reduce the potential of the malware spreading throughout the organization. As the domains are taken down, the feeds are automatically updated to reflect only current and active payment collection points.

The HITRUST CTX, powered by ThreatStream, enables the sharing of cyber threat indicators in standards-based formats, such as STIX / TAXII, or SIEM proprietary formats, to ensure the timely and efficient sharing and consumption of threat indicators. By having the intelligence fully integrated into the enterprise security infrastructure, organizations take a proactive and actionable approach to breach detection.

The goal of the HITRUST CTX is to improve the sharing of relevant and accurate cyber threat indicators between public and private organizations in the most efficient and timely manner possible.

A basic subscription to the HITRUST CTX is free of charge and provides organizations with access to an extensive amount of cyber threat indicators and intelligence. It also enables organizations to share and distribute the cyber threat indicators they are observing.

HITRUST is continuously evaluating ways to better serve the healthcare industry with regards to cyber threat preparedness, detection and response, and welcomes feedback on ways we can improve. Please send comments to feedback@hitrustalliance.net.

For a complete list of features by subscription level, or to discuss the various HITRUST CTX options, please contact us at 855-HITRUST or sales@HITRUSTalliance.net.