Agencies alert organizations to two destructive malware threats

Feb 28, 2022 - 02:06 PM
oig-fda-cybersecurity

The Cybersecurity and Infrastructure Security Agency and FBI Saturday urged U.S. organizations to take steps to detect and protect against two malware threats used against organizations in Ukraine that can destroy computer systems and render them inoperable. One, known as WhisperGate and identified by Microsoft, displays a fake ransomware note but destroys targeted data so they are not recoverable even if a ransom is paid. The other, known as HermeticWiper, targets Windows devices and manipulates the master boot record, which results in boot failure. 

“Destructive malware can present a direct threat to an organization’s daily operations, impacting the availability of critical assets and data,” the advisory notes. “Further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries.”

John Riggi, AHA’s national advisor for cybersecurity and risk, said, “As indicated in the advisory, we are primarily concerned about unintentional collateral damage from these destructive malware threats, which may impact U.S. health care. It is noted that these malware variants are insidious as they may target and spread through common enterprise-level applications including those designed to maintain network security, such as patch management systems and anti-virus software. The malware can also spread rapidly through email and instant messaging without any command from the hackers. 

“This alert provides particularly detailed mitigation procedures, which we strongly recommend organizations review and implement to the best of their ability. It is critical at this time of heightened threat to ensure the security, redundancy and resiliency of network backups among the many risk mitigation procedures outlined. We expect the increasingly severe economic sanctions targeting Russia will increase the likelihood of cyber retaliation against the West by the Russian government, their allied criminal hacking groups and other nation-state adversaries.” 

For more on this or other cyber and risk issues, contact Riggi at jriggi@aha.org, and see the recent AHA Cybersecurity Advisory.  
 

Related News Articles

Headline
Agencies urge health sector to protect against ransomware threat 
The FBI, Cybersecurity & Infrastructure Security Agency, and Department of Health and Human Services yesterday recommended actions to reduce the risk of…
Headline
Agencies alert organizations to Iranian-sponsored cyber threat
The Cybersecurity & Infrastructure Security Agency and FBI today advised organizations to protect VMware Horizon servers from a Log4Shell…
Headline
CISA encourages OpenSSL users to deploy security update
The Cybersecurity & Infrastructure Security Agency encourages OpenSSL users and administrators to upgrade to version 3.0.7 to patch two high-severity…
Headline
HHS releases video on documenting recognized HIPAA security practices
The Department of Health and Human Services’ Office for Civil Rights yesterday released a video on recognized security practices under the HIPAA security…
Headline
HHS: Apply critical OpenSSL security patch as soon as deployed Nov. 1
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center highly recommends all health sector organizations immediately…
Headline
Agencies urge action to protect against ransomware gang
The FBI, Cybersecurity and Infrastructure Security Agency and Department of Health and Human Services today alerted U.S. organizations to a cybercrime group…