CISA: Organizations should review Microsoft malware warning

Jan 18, 2022 - 04:08 PM
cybersecurity-confrerence

The Cybersecurity & Infrastructure Security Agency Sunday advised U.S. critical infrastructure organizations to review a Microsoft blog on malware identified in Ukraine and take action to strengthen their networks against potential cyber threats. The Microsoft Threat Intelligence Center Saturday reported evidence of destructive malware in systems belonging to several Ukrainian government agencies and organizations that work closely with the Ukrainian government. The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable. 

John Riggi, AHA’s national advisor for cybersecurity and risk, said, “As we have seen in the past, destructive malware targeting the Ukraine can spread rapidly across the globe. It is again strongly recommended to assess any direct, 3rd party business associate connections and email contacts in the Ukraine and that region of the world. Consider blocking such connections. Although, geo-fencing for all inbound and outbound traffic related to Ukraine and that region may help mitigate direct cyber risk presented by this threat, it will have limited impact in reducing indirect risk, in which the malware transits through other nations, proxies and third parties. Thus, increased monitoring of networks and incident-response preparedness is also strongly recommended.”

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org

Related News Articles

Headline
2025 Cybersecurity Year in Review, Part Two: Mitigating Third-Party Risk, Ensuring Clinical Continuity and Addressing AI Risk
In part two of a recent blog, AHA National Advisor for Cybersecurity and Risk John Riggi and AHA Deputy National Advisor for Cybersecurity and Risk Scott Gee…
AHA Cyber Intel
2025 Cybersecurity Year in Review, Part Two: Mitigating Third-Party Risk, Ensuring Clinical Continuity and Addressing AI Risk
In part one of this blog, we reviewed the number of cyberattacks the health care field endured this year compared to last; provided an overview of the lessons…
Headline
CISA warns of vulnerability in F5 BIG-IP products
The Cybersecurity and Infrastructure Security Agency Oct. 15 released an emergency directive advising federal agencies to take stock of their F5 BIG-IP…
Headline
AHA blog: 2025 Cybersecurity Year in Review, Part One — Breaches and Defensive Measures
In part one of a new blog, John Riggi, AHA national advisor for cybersecurity and risk, and Scott Gee, AHA deputy national advisor for cybersecurity and risk,…
Perspective
Protecting Patients and Hospitals from Cyberattacks
Public
This week, the FBI issued an urgent warning to all users — including hospitals — of a critical security soft spot within Oracle’s E-Business Suite, stating “…
Headline
HSCC launches toolkit to strengthen essential health care services and prevent cyberattacks
The Health Sector Coordinating Council Oct. 7 released its Sector Mapping and Risk Toolkit, created to help health care providers and other organizations…