Action needed: New ransomware targeting health care

October 30, 2020  //  FOUND IN: Updates & Resources

Please be advised that a new cyber threat targeting the health care and public health sector has been identified and everyone’s help is needed to defend against it.  

The new ransomware is distributed through phishing emails, and is designed to infect systems for financial gain, data theft and disruption of health care services.

Our line of defense against these attacks includes EVERYONE! 

Here is how you can help defend against this latest threat:

Utilize cyber safety best practices

Email safety best practices include:

  • Stop, think, review, report — the time this takes is immensely less than the time it takes to recover from a threat turned successful.
    • Stop when reading email, DO NOT immediately react or click.
    • Think about the source and topic of the email 
      • Is the email unexpected or out of the blue?
      • Does the email seem off or out of place, based on the source?
      • Is the email encouraging you to click links to unfamiliar websites?
    • Review links WITHOUT clicking
      • Hover over the links to see the URL to look for a suspicious address 
      • Be familiar with common website URLs (U-M level 1 and level 2 password login, FedEx, UPS, Amazon, etc.)
      • Search in your browser for the company or organization being represented by the email and see if it matches the link.
    • Report (immediately) anything suspicious or out of place (URLs seem inconsistent, email has strong emotion to take action, normal processes are being avoided, etc.)
      • Use the Report Phishing button, or
      • Immediately contact the Service Desk if you have fallen victim to a phishing email.


Phishing emails have no limits to their topics or approaches to getting you to fall victim. We are our own worst enemy when we immediately react by clicking a link or downloading a file. 

Some examples to topics or approaches:

  • Messages from what appear to be well-known organizations or companies, such as: Fedex, UPS, Amazon, department stores, banks, etc.
  • Donation requests
  • Messages about account-related information
  • Asking for your permission to run or execute a task on your computer

University of Michigan and Michigan Medicine information is public knowledge, which makes it easy to send phishing emails specifically targeted for your role or position.

Do not keep digital or email signatures on public websites — these can be used in phishing attempts.

Whenever possible, DO NOT click links; a quick browser search about the topic or sender could save you from falling victim. 

More information is available on Safe Computing: