The Cybersecurity and Infrastructure Security Agency and FBI Saturday urged U.S. organizations to take steps to detect and protect against two malware threats used against organizations in Ukraine that can destroy computer systems and render them inoperable. One, known as WhisperGate and identified by Microsoft, displays a fake ransomware note but destroys targeted data so they are not recoverable even if a ransom is paid. The other, known as HermeticWiper, targets Windows devices and manipulates the master boot record, which results in boot failure. 

“Destructive malware can present a direct threat to an organization’s daily operations, impacting the availability of critical assets and data,” the advisory notes. “Further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries.”

John Riggi, AHA’s national advisor for cybersecurity and risk, said, “As indicated in the advisory, we are primarily concerned about unintentional collateral damage from these destructive malware threats, which may impact U.S. health care. It is noted that these malware variants are insidious as they may target and spread through common enterprise-level applications including those designed to maintain network security, such as patch management systems and anti-virus software. The malware can also spread rapidly through email and instant messaging without any command from the hackers. 

“This alert provides particularly detailed mitigation procedures, which we strongly recommend organizations review and implement to the best of their ability. It is critical at this time of heightened threat to ensure the security, redundancy and resiliency of network backups among the many risk mitigation procedures outlined. We expect the increasingly severe economic sanctions targeting Russia will increase the likelihood of cyber retaliation against the West by the Russian government, their allied criminal hacking groups and other nation-state adversaries.” 

For more on this or other cyber and risk issues, contact Riggi at jriggi@aha.org, and see the recent AHA Cybersecurity Advisory.  
 

Related News Articles

Headline
In a statement submitted to the Senate Health, Education, Labor and Pensions Committee for a hearing today on health care cybersecurity and patient privacy,…
Headline
Cyberattacks on hospitals are urgent threats to patient safety, care delivery and public trust. In this conversation, Ajay Gupta, board chair of Trinity Health…
Headline
The Food and Drug Administration yesterday released a safety notice announcing a software patch is available to address cybersecurity vulnerabilities in…
Headline
The Cybersecurity and Infrastructure Security Agency, FBI, Department of Defense Cyber Crime Center and the National Security Agency June 30 released a fact…
Headline
The Centers for Medicare & Medicaid Services today announced it has identified a fraud scheme targeting Medicare providers and suppliers. CMS said scammers…
Headline
The FBI, Cybersecurity and Infrastructure Security Agency and Australian Cyber Security Centre June 4 released an advisory on updated actions and tactics used…