Although the war is happening on the other side of the globe, U.S healthcare systems are on high alert. Cyberattacks have been on the rise, and the Russia-Ukraine conflict has only increased the risk of threats originating in Russia.
“The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warned the U.S. hospitals that even though the war may be raging in distant Ukraine, danger is anything but remote. In the 21st century, warfare has moved beyond guns, bombs, and propaganda. Hence, arsenals of war now include malware, spyware, and all manner of informational weapons that can hurt if unchecked,” said James Spencer, data scientist at GlobalData. “Does this really matter to us though? We are safe, right? Absolutely not. It seems that Russia is just deploying every weapon at its disposal in the Ukraine war effort. In our highly interconnected world, it is very possible some malware could find its way across borders and into our incredibly vulnerable hospitals space. The WannaCry virus is still fresh in our minds from the havoc it wreaked on the U.S. healthcare network. However, that was done by a rogue group of cyber criminals. Hence, it becomes scarier now to imagine the level of damage a professional army could do.”
Issued last week, the CISA-FBI joint advisory, “Destructive Malware Targeting Organizations in Ukraine” describes malware (WhisperGate and HermeticGate) that is targeting organizations in Ukraine and aims to destroy computer systems and render them inoperable. Although CISA stated that there is currently no credible threat to the United States, it advised that companies boost their cybersecurity and take the following immediate actions:
- Enable multifactor authentication
- Conduct regular scans using anti-virus and anti-malware programs
- Use strong spam filters to prevent phishing emails from reaching end users
- Update software
- Filter network traffic
“In the wake of continued denial of service and destructive malware attacks affecting Ukraine and other countries in the region, CISA has been working hand-in-hand with our partners to identify and rapidly share information about malware that could threaten the operations of critical infrastructure here in the U.S.,” said CISA Director Jen Easterly in an agency release. “Our public and private sector partners in the Joint Cyber Defense Collaborative (JCDC), international computer emergency readiness team (CERT) partners, and our long-time friends at the FBI are all working together to help organizations reduce their cyber risk.”