The Department of Energy, Cybersecurity and Infrastructure Security Agency, National Security Agency and FBI yesterday recommended critical infrastructure organizations take steps to prevent malicious actors from accessing their industrial control system (ICS) and supervisory control and data acquisition (SCADA) devices to disrupt critical functions in their operational technology network.

John Riggi, AHA’s national advisor for cybersecurity and risk, said, “This alert, which includes intelligence from the NSA, warns us of a serious threat to operational technology that may be present in hospitals and in use by our mission-critical third parties. The disruption of mission-critical operational technology may directly or indirectly negatively impact health care delivery. This alert should be reviewed in the context of the recent FBI alert on the TRITON malware attributed to the Russian government, which also targets ICS and safety control systems. It is strongly recommended that hospitals identify mission-critical ICS/SCADA devices and systems; enforce multi-factor authentication on them; isolate them from internal and internet networks; and limit and closely monitor communications entering or leaving the ICS/SCADA perimeter.”
For more on this or other cyber and risk issues, contact Riggi at jriggi@aha.org.

Headline
The Cybersecurity and Infrastructure Security Agency July 1 announced the formation of a new advisory body intended to foster collaboration, coordination…
Headline
Leaders of the Five Eyes cybersecurity agencies, consisting of Australia, Canada, New Zealand, the United Kingdom and the United States, released a joint…
Headline
President Trump issued a memorandum June 12 on cybersecurity governance for national security systems used by federal agencies. The memo re-establishes and…
Headline
The Cybersecurity and Infrastructure Security Agency and other federal agencies released a fact sheet June 2 on malicious cyber activity targeting U.S.-based…
Headline
The FBI and international agencies have released an alert on Chinese military intelligence services using professional networking sites and online job…
Headline
The White House issued an executive order June 2 on cybersecurity efforts regarding artificial intelligence. The order instructs federal…