U.S. and international cybersecurity authorities this week released additional guidance to help health care and other critical infrastructure leaders defend their networks from Volt Typhoon, a People’s Republic of China state-sponsored group that has been pre-positioning itself on U.S. networks to disrupt critical services in the event of increased geopolitical tensions or conflict with the U.S. and its allies. 

“This bulletin is as much for CEOs as it is for CIOs and CISOs,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “In this alert, the federal government clearly warns us that the Chinese government, through its cyber proxies, is preparing to disrupt the U.S. critical infrastructure we all depend upon, should military conflict erupt with the U.S. and our allies. Health care leaders may want to evaluate and empower development of robust contingency plans for business and clinical continuity should external energy, water, transportation or communications systems be disrupted. Understanding cyber risk as enterprise risk and global strategic risk will help individual organizations prepare for highly disruptive cyberattacks, including those that target mission-critical third parties. Dynamic third-party risk management programs and at least annual cyber table-top exercises are strongly recommended in this heightened cyber threat environment." 

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.

Related News Articles

Headline
Two Administration officials April 14 discussed how the federal government is working with hospitals and other parts of the health care sector to defend…
Headline
Sen. Ron Wyden, D-Ore., expressed to AHA members frustration with the Change Healthcare cyberattack, which he believes jeopardized patients and their personal…
Headline
The Change Healthcare cyberattack was a significant event that caught many off guard, said the Centers for Medicare & Medicaid Services Administrator…
Headline
“Even before the recent Change Healthcare cyberattack that has left some hospitals fronting millions of dollars in extra costs, a perfect storm of complex…
Headline
The Centers for Disease Control and Prevention April 11 updated its strategy to improve data exchange with health care organizations and other public health…
Headline
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) April 5 released an advisory on the top 10 ransomware groups…