AHA warns Russia’s invasion of Ukraine could lead to U.S. healthcare cyberattacks

The American Hospital Association (AHA) has released an advisory for healthcare organizations to maintain a proactive cybersecurity approach due to the increased threat of Russia after its invasion of Ukraine. 

The advisory states there is concern that Russia will retaliate with disruptive cyberattacks after the U.S. government and NATO allies "immediately responded to Russia's actions with a series of economic and military sanctions."

Read more: HIPAA compliant email: The definitive guide

Russia has previously used denial of service (DoS) attacks and other cyberattack strategies against Ukraine in an effort to disrupt the electrical grid, communication capabilities, and financial institutions prior to invading the country.

The AHA believes that the healthcare industry may be targeted due to "the Russian military’s previous behavior of utilizing cyber weapons in support of military actions against Ukraine; such behavior ultimately inflicted disruptive collateral damage to the U.S. healthcare system." 

For example, previous Russia military cyberattacks against Ukraine resulted in the release of NotPetya malware that eventually disrupted U.S. hospitals and major pharmaceutical and healthcare communications companies.

What does AHA recommend to protect healthcare organizations?

The Cybersecurity and Infrastructure Security Agency (CISA) recently released the "Shields Up" advisory for the U.S. private sector, including healthcare. The advisory states "Every organization—large and small—must be prepared to respond to disruptive cyber activity."

The advisory contains numerous resources, recommendations, and guidance for improving cybersecurity and resilience. The AHA also recommends taking the following actions:

• Share the advisory with your organization's IT and cyber infrastructure teams
• Review alerts and bulletins listed in the advisory for guidance on risk management procedures
• Increase network monitoring for unusual traffic or activity
• Train employees on cybersecurity awareness, especially malware-laden phishing emails
• Geo-fencing for all inbound and outbound traffic originating from, and related to, Ukraine and its surrounding region
• Put into place four-to-six week business continuity plans and well-practiced downtime procedures in the event that mission-critical clinical and operational services and technology are disrupted by a cyberattack
• Check the redundancy, resiliency and security of your organization’s network and data backups
• Fully document, update, and practice a cross-function, leadership level cyber incident response plan

How can Paubox help

Human error remains one of the biggest threats to a robust cybersecurity system. As the AHA advisory notes, it's critical that all employees are trained to recognize cyber threats like phishing emails. But social engineering and display name spoofing can make it difficult for an employee to recognize a cyberattack. 

Paubox Email Suite Plus can quarantine malicious emails from even entering your employees' inboxes. This minimizes the risk of employees mistakenly interacting with phishing emails, spam, ransomware, and viruses. 

Our robust inbound security tools include our patented ExecProtect which recognizes and blocks display name spoofing emails. DomainAge is another tool to quarantine emails from recently registered domain names.

Last but not least, zero trust security is implemented to provide an additional layer of authentication for your email security. Our HITRUST CSF certified software is HIPAA compliant and dedicated solely to helping healthcare providers keep their inbox secure.