The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint advisory that warns organizations that the destructive malware used against Ukraine "may unintentionally spill over to organizations in other countries."
The warning is clear, malware targeting Ukraine could impact U.S. healthcare. In the days prior to Russia's invasion of Ukraine, threat actors released two variants of destructive malware to destroy computer systems and render them inoperable.
Read more: HIPAA compliant email: the definitive guide
The first malware variant detected is WhisperGate. It is disguised as ransomware and corrupts a system's master boot record, display a fake ransom demand, and encrypt certain files.
Microsoft notes that targeted data is destroyed and not recoverable, even if the victim pays the ransom.
Malware targeting Ukraine could impact U.S. healthcare
HermeticWip is the other malware variant. The Health Sector Cybersecurity Coordination Center (HC3) warns that it is a "very destructive malware" that was deployed in Ukraine, Latvia, and Lithuania.
Read more: To pay or not to pay for stolen data
It targets Windows devices and manipulates the boot record and causes boot failure. "Destructive malware presents a direct threat to an organization’s daily operations. They impact the availability of critical assets and data," states the advisory.
It is essential that organizations increase vigilance and evaluate their capabilities encompassing planning, preparation, detection, and response for such an event.
SEE ALSO: AHA warns Russia’s invasion of Ukraine could lead to U.S. healthcare cyberattacks
What can healthcare providers do to protect their organizations?
The advisory makes several recommendations for organizations to increase their cyber resilience. The steps to take today include:
- Conduct regular scans with antimalware and antivirus software
- Enable strong email filters to prevent phishing emails from reaching inboxes
- Filter network traffic
- Keep software updated
- Requiremulti-factor authentication.
"Destructive malware may use popular communication tools to spread, including worms sent through email and instant messages, Trojan horses dropped from websites, and virus-infected files downloaded from peer-to-peer connections. Malware seeks to exploit existing vulnerabilities on systems for quiet and easy access," the advisory states.
Cybercriminals take numerous paths to infiltrate your network. Organizations should prepare for all the possibilities.
How Paubox can help
Paubox Email Suite Plus quarantines malicious emails before it enters your employees' inbox. Subsequently, it reduces the risk of human error leading to a cyberattack.
Our HITRUST CSF certified software makes it easy for healthcare providers to send HIPAA compliant email while implementing robust inbound email security.
It's also easy for your employees to use since it can seamlessly integrate with popular email providers like Google Workspace and Microsoft 365. This means you don't need patient portals or complicated security procedures to keep your inbox secure from email threats.
Subscribe to Paubox Weekly
Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.