Nation State Cyber Threats Targeting Intellectual Property

Apr 24, 2018 - 09:32 AM by
John Riggi, National Advisor for Cybersecurity and Risk, AHA

Cybersecurity is at top of mind for many organizations that work diligently to protect their intellectual property (IP) and consumers, and with good reason. On April 16, 2018, the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) issued a technical bulletin indicating Russian state-sponsored actors were targeting network Infrastructure devices worldwide. The FBI has high confidence that Russian state-sponsored cyber actors are using the compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations.

In addition, on March 23, 2018, the FBI announced the indictment of nine Iranians working on behalf of the Iran’s Islamic Revolutionary Guard Corps (IRGC) at the Mabna Institute in Iran. It is alleged these individuals used cyber tactics to steal data from 144 U.S.-based universities and 176 universities based in foreign countries. The FBI also issued a technical FLASH bulletin in relation to this cyber threat. The defendants targeted data across all academic disciplines including medical research. This cyber threat and the stolen information may have serious implications across all critical infrastructure sectors, including the health care field and locations where sensitive medical research is being conducted.

These cases serve as a reminder that all organizations must remain vigilant and ensure the proper cybersecurity procedures and controls are in place and practiced. While the stolen information may not retrievable, steps can be taken to mitigate the Mabna threat and other nation-state-sponsored cyber threats to academic medical centers, hospitals and health systems. This will help safeguard medical research and, most importantly, protect patients. Some of these mitigating procedures include:

  • Using lengthy, complex passwords
  • Limiting online contact information and presence, including social media presence of those organizations and individuals involved in conducting sensitive academic or medical research
  • Using multi-factor authentication for both work and personal email, remote network access and sensitive data base access
  • Using a separate public facing email, which is in no way similar in structure or connected to your internal organizational email—for those individuals involved in sensitive research who must have a public presence
  • Considering the practice of storing IP in network segmented, limited and monitored access, encrypted data bases
  • Knowing who else has access to and stores your IP—such as business associates, other researchers, vendors and law firms
  • Encrypting sensitive data at rest and in transit
  • Refraining from storing sensitive data and research via email
  • Having efficient and effective cybersecurity logging and incident alert capabilities
  • Refraining from clicking on a suspicious or unexpected email or link
  • Reviewing the included link to the FBI FLASH Bulletin for additional preventive measures recommended by the FBI

Adversarial nation states, like Iran and Russia, will continue to aggressively and broadly use cyber tactics and malware to steal sensitive intellectual property from the United States – targeting our government, private sector and academic community. By being vigilant and proactive, we can all play a part in preventing cyberattacks, which may threaten public health and safety, national security and economic security.

Related News Articles

Headline
CISA warns of vulnerability in F5 BIG-IP products
The Cybersecurity and Infrastructure Security Agency Oct. 15 released an emergency directive advising federal agencies to take stock of their F5 BIG-IP…
Headline
AHA trustees discuss future of rural care at Sanford Rural Health Summit
Members of the AHA Board of Trustees Oct.14 participated in a panel on the future of rural health care during the Sanford Rural Health Summit in Sioux Falls, S…
Chairperson's File
Chair File: Leadership Dialogue — Legislative Outlook and Health Care Advocacy with AHA Executive Vice President Stacey Hughes
Public
There is a saying that is very timely for our field: A smooth sea never made a skilled sailor. As we head into the final months of 2025, hospitals and health…
Headline
More Senate activity expected this week as shutdown enters third week; no formal negotiations occurring
The Senate returned to Capitol Hill today and is scheduled to hold its eighth vote on the House-passed continuing resolution, but is expected to fall short of…
Headline
AHA blog: 2025 Cybersecurity Year in Review, Part One — Breaches and Defensive Measures
In part one of a new blog, John Riggi, AHA national advisor for cybersecurity and risk, and Scott Gee, AHA deputy national advisor for cybersecurity and risk,…
Perspective
Protecting Patients and Hospitals from Cyberattacks
Public
This week, the FBI issued an urgent warning to all users — including hospitals — of a critical security soft spot within Oracle’s E-Business Suite, stating “…