AHA to hospitals: Be prepared for attack from Russian cyber hackers

by A.J. Plunkett (aplunkett@decisionhealth.com)

The American Hospital Association (AHA) is amplifying a federal warning for hospitals and other organizations to be on the lookout for hackers attempting to infiltrate computer systems as part of “Russian state-sponsored malicious cyber activity.”

In a recent blog post, the AHA said that the FBI and Cybersecurity and Infrastructure Security Agency (CISA) had released a joint cybersecurity advisory to warn that hackers had gained network access to some organizations by exploiting default multifactorial authentication (MFA) protocols and a known vulnerability of a Windows print spooler.

The FBI and CISA is urging all organizations to take several counteractions, including:

  • Enforce MFA for all users, without exception, and ensure it is properly configured to protect against “fail open” and re-enrollment scenarios
  • Implement time-out and lock-out features
  • Disable inactive accounts uniformly in active directory, MFA, etc.
  • Update software, prioritizing known exploited vulnerabilities
  • Monitor network logs continuously for suspicious activity
  • Implement security alerting policies

The CISA has more information available on its Russia Cyber Threat Overview and Advisories webpage.

This is the second time the AHA has forwarded a warning to hospitals about possible cybersecurity problems related to the Russian invasion of the Ukraine. 

Found in Categories: 
Cybersecurity & Technology

More Like This