CISA: Organizations should review Microsoft malware warning

Jan 18, 2022 - 04:08 PM
cybersecurity-confrerence

The Cybersecurity & Infrastructure Security Agency Sunday advised U.S. critical infrastructure organizations to review a Microsoft blog on malware identified in Ukraine and take action to strengthen their networks against potential cyber threats. The Microsoft Threat Intelligence Center Saturday reported evidence of destructive malware in systems belonging to several Ukrainian government agencies and organizations that work closely with the Ukrainian government. The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable. 

John Riggi, AHA’s national advisor for cybersecurity and risk, said, “As we have seen in the past, destructive malware targeting the Ukraine can spread rapidly across the globe. It is again strongly recommended to assess any direct, 3rd party business associate connections and email contacts in the Ukraine and that region of the world. Consider blocking such connections. Although, geo-fencing for all inbound and outbound traffic related to Ukraine and that region may help mitigate direct cyber risk presented by this threat, it will have limited impact in reducing indirect risk, in which the malware transits through other nations, proxies and third parties. Thus, increased monitoring of networks and incident-response preparedness is also strongly recommended.”

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org

Related News Articles

Headline
Agencies issue guidance on secure connectivity for operational technology
U.S. and international agencies Jan. 14 released guidance on secure connectivity for operational technology environments. Examples of OT environments in health…
Headline
AHA expresses support for bill improving cybersecurity workforce in rural hospitals
The AHA Jan. 14 expressed support for the Rural Hospital Cybersecurity Enhancement Act (S. 2169), legislation that would direct the Department of Health and…
Headline
FBI warns of attacks by North Korean cyber threat group using malicious QR codes
The FBI Jan. 8 released an alert on evolving threat tactics by Kimsuky, a North Korean state-sponsored cyber threat group. As of last year, the group…
Headline
CISA issues update on voluntary cybersecurity performance goals 
The Cybersecurity and Infrastructure Security Agency Dec. 11 released an update to its voluntary Cybersecurity Performance Goals, which includes measurable…
Headline
Agencies warn of state-sponsored cyberattacks from Russia, China
U.S. and international agencies are warning of potential cyberattacks on health care and other critical infrastructure from state-sponsored cyber actors in…
Headline
CISA alerts of critical vulnerability impacting free program used for building user interfaces 
A critical, unauthenticated remote code execution vulnerability known as React2Shell has been added to the Cybersecurity and Infrastructure Security Agency’s…