Perspective: Preparation is Key to Mitigating Cyberattacks

As Russia attempts to advance its political interests by its invasion of Ukraine through the use of its military, we have also seen stepped up cyberattacks attributed to Russia in recent days on major networks in Ukraine. This has experts worried that U.S. hospitals and health systems could wind up being significantly affected as collateral damage, accidentally or even by design. 

One scenario: a third-party service provider with connections to Ukraine is an inadvertent conduit of malware or other cyber mischief into stateside health care systems. It also is possible that Russia will choose to ratchet up its longstanding cyber warfare against the U.S. in retribution for economic or other sanctions put in place this week or give the green light to the multitude of ransomware gangs operating from Russia to target the west with impunity. While our attention is focused on Russia, other nation state cyber adversaries, such as China, Iran and North Korea, may see this an opportune time to strike.

Either way, cyber threats do not stop at water’s edge and care providers need to be on heightened alert during this tense time against malware or destructive ransomware that can penetrate U.S. health care, potentially disrupting patient care and putting entire systems at risk.
 
There are steps that health care providers of all types and sizes can take to reduce the likelihood of a damaging cyber intrusion, detect any suspicious activity quickly, prepare to respond if an intrusion occurs, and maximize resilience in the case of a destructive incident.  

These include:

1. Stay prepared. Experts strongly urge all hospitals and health systems to create an incident response plan and continuity of operations plan — for up to four to six weeks — so that mission critical functions and operations can be kept running if technology systems are disrupted or need to be taken offline. 
    
2. Follow best practices. Ensure your organization is following the top strategies for protective controls and secure, resilient and redundant off-line backups, as well as multi-factor authentication and vulnerability management.
    
3. Increase vigilance. Stay on top of current cyber threats by taking advantage of the tools and tips available on AHA’s website, as well as federal law enforcement resources offered by the FBI, CISA and others. 

Over the past few years there has been an alarming increase in ransomware and other disruptive cyberattacks directed at hospitals and health systems that can interfere and delay care delivery and risk patient safety. 

Recently, the Cybersecurity and Infrastructure Security Agency warned that "every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety." 

Protecting the ability of hospitals and health systems to treat and serve their patients safely is a top AHA priority in 2022 and beyond.  

We’ll continue to assist in safeguarding health care services, data — and most importantly, patients — from cyberattacks while supporting efforts to increase government cybersecurity assistance and information sharing. 

It may not be possible to completely eliminate potential cyber threats in this tense geopolitical climate, but planning and foresight can go a long way to help blunt their impact should one occur.