AHA warns of potential increase in Russian cyberthreats
Photo: Anete Lusina/Pexels
Amid reports of Russia's invasion of Ukraine this week, the American Hospital Association raised concerns about potential consequences for the healthcare industry, particularly regarding cybersecurity.
The organization pointed to wariness that Russia would retaliate against the United States and other countries in an effort to push forward with its objectives.
"As part of AHA’s efforts, John Riggi, the association’s national advisor for cybersecurity and risk, and a former senior executive in the FBI’s cyber division, remains in close coordination with the FBI, CISA and the Department of Health and Human Services regarding related threats which may pose a risk to U.S. health care," said the AHA in its cybersecurity advisory.
WHY IT MATTERS
The Russian government has issued warnings about "strong" and "painful" responses to President Joe Biden's sanctions against the country, saying it would target "sensitive" U.S. assets.
Although the country didn't go into details about what those responses would be, the AHA noted that Russia has used disruptive cyberattacks against Ukraine.
The association pointed to three main concerns for the field:
- Hospitals and health systems may be targeted directly by Russian-sponsored cyber actors.
- Hospitals and health systems may become incidental victims of Russian-deployed malware or destructive ransomware that inadvertently breaches U.S. healthcare entities.
- A cyberattack could disrupt hospitals’ mission-critical service providers.
It advised member organizations to implement several protection and mitigation strategies, including:
- Increasing network monitoring for unusual traffic.
- Heightening staff awareness of malware-laden phishing emails.
- Implementing geo-fencing for all inbound and outbound traffic originating from, and related to, Ukraine and its surrounding region, identifying all internal and third-party mission-critical clinical and operational services and technology, and putting into place business continuity plans and downtime procedures.
- Documenting, updating and practicing a cyber incident response plan.
THE LARGER TREND
National security experts, including federal legislators, have also warned about potential Russian cyberthreats.
Sen. Mark Warner, D-Virginia, told The Washington Post on Thursday that the country could target "the weaker links in NATO."
"Phase one is spillover Russian attacks against Ukraine, phase two would be Russian and cyber criminals' attacks against the West or NATO nations that have the least amount of cyber defenses," said Warner, who chairs the Senate Intelligence Committee.
This past week, the Cybersecurity and Infrastructure Security Agency released a bulletin warning organizations to keep "shields up" against possible attacks. The bulletin followed another alert in January as the situation heated up between Russia and Ukraine.
ON THE RECORD
"It is essential at this time to check the redundancy, resiliency and security of your organization’s network and data backups, and ensure that multiple copies exist: offline, network segmented, on-premises and in the cloud, with at least one immutable copy," said the AHA in its advisory.
Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Email: kjercich@himss.org
Healthcare IT News is a HIMSS Media publication.