Attivo Networks Blogs

How Russia-Ukraine Is Intensifying Healthcare Cyber Worries

Threats involving the Russia-Ukraine war are exacerbating cybersecurity pressures on healthcare sector entities in the U.S. and globally, according to John Riggi, national adviser for cybersecurity and risk at the American Hospital Association, and Carolyn Crandall, chief security advocate at Attivo Networks, who explain why.

Among the biggest worries for U.S. hospitals right now is the threat of destructive wiper malware and related attacks by Russian-backed actors aimed at Ukraine spreading “uncontrollably” across the globe – and inadvertently striking U.S. healthcare or mission-critical third-party providers, Riggi says in an interview with Information Security Media Group.

Similar incidents have occurred before, he points out, most notably in the 2017 NotPetya ransomware attack.

“The Russian military GRU launched the very destructive malware variant NotPetya against the Ukraine, and that digital virus spread globally like a biological virus out of control and infected any organization that came into contact with it,” he says.

The attack affected a range of organizations across the world, including U.S. pharmaceutical company Merck and medical transcription vendor Nuance Communications. It ultimately disrupted care by providers across the country and affected many hospitals, Riggi says.

Other heightened threats tied to the Russia-Ukraine conflict involve cybercriminal organizations that have been provided “safe harbors” by the Russian government – including the Conti ransomware group, which has been very active in its attacks on U.S. hospitals and other segments of the healthcare sector, he says.

‘Unprecedented Times’

Indeed, the level and depth of threats facing the healthcare sector are of extreme concern, Crandall says in the same interview with ISMG.

“It is really unprecedented times. We have our day-to-day threats, and healthcare providers are really challenged,” she says. “Healthcare is a very distributed and unique environment. It’s not just a typical business network, but medical networks, people working remotely, remote care … a lot of legacy equipment … so many factors,” she says.

“Attackers are finding a lot of creative ways of getting in … They’re looking at identities and coming in as imposters and finding ways to escalate their privileges inside the network … to gain access to critical infrastructure,” she says. “And now you have Russia-Ukraine on top of everything.”

In the interview, Riggi and Crandall also discuss:

  • Security challenges that are putting healthcare sector entities most at risk;
  • Top identity issues, including human versus nonhuman machine identities;
  • Pandemic-related security challenges still facing healthcare sector entities.

Riggi is national adviser for cybersecurity and risk at the American Hospital Association, which has more than 5,000 member hospitals in the U.S. He previously served for 30 years in the FBI in a variety of leadership roles, including as representative to the White House Cyber Response Group. He also was a senior representative to the CIA, serving as the national operations manager for terrorist financing investigations.

Crandall is chief security advocate at security vendor Attivo Networks, which is in the process of being acquired by security automation firm SentinelOne. She has worked for over 30 years with enterprise infrastructure companies, including holding leadership positions at Cisco, Juniper Networks, Nimble Storage, Riverbed, and Seagate.

Read the original article by Marianne Kolbasuk McGee on Healthcare Info Security.
