The Cybersecurity and Infrastructure Security Agency recently issued a rare "shields up" warning to the U.S. private sector, including healthcare, based on the increased cyber threat posed by the Russian government.
The healthcare industry has suffered from multiple cyberattacks in recent years, and according to a Feb. 23 AHA report, there are three main concerns.
Here are nine things to know, including the AHA's three concerns, about CISA's "shields up" warning:
1. Hospitals and health systems may be targeted directly by Russian-sponsored cyber actors.
2. Hospitals and health systems may become incidental victims or collateral damage of Russian-deployed malware or destructive ransomware that inadvertently penetrates U.S. healthcare entities.
3. A cyberattack could disrupt mission-critical service providers.
4. CISA Jan. 16 issued an advisory on destructive malware identified on networks in Ukraine and advised healthcare entities to take action to strengthen their networks against potential cyber threats.
5. The AHA and the Health Information Sharing and Analysis Center Jan. 14 issued a joint advisory strongly recommending organizations identify and consider blocking any direct or third-party business connections and email contacts based in Ukraine and that region of the world.
What healthcare leaders can do:
6. Emphasize staff awareness of the increased risk of receiving malware-laden phishing emails.
7. Implement geofencing for all inbound and outbound traffic originating from and related to Ukraine and its surrounding region.
8. Put into place four- to six-week business continuity plans and well-practiced downtime procedures in the event any mission-critical clinical and operational services and technology are disrupted by a cyberattack.
9. Check the redundancy, resiliency and security of network and data backups, and ensure that multiple copies exist: off-line, network segmented, on premises and in the cloud, with at least one unalterable copy.