Cybersecurity is top of mind for many organizations that work diligently to protect their intellectual property (IP) and consumers, and with good reason. On April 16, 2018, the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) issued a technical bulletin indicating Russian state-sponsored actors were targeting network infrastructure devices worldwide. The FBI has high confidence that Russian state-sponsored cyber actors are using the compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations.

In addition, on March 23, 2018, the FBI announced the indictment of nine Iranians working on behalf of Iran’s Islamic Revolutionary Guard Corps (IRGC) at the Mabna Institute in Iran. It is alleged these individuals used cyber tactics to steal data from 144 U.S.-based universities and 176 universities based in foreign countries. The FBI also issued a technical FLASH bulletin in relation to this cyber threat. The defendants targeted data across all academic disciplines including medical research. This cyber threat and the stolen information may have serious implications across all critical infrastructure sectors, including the health care field and locations where sensitive medical research is being conducted.

These cases serve as a reminder that all organizations must remain vigilant and ensure the proper cybersecurity procedures and controls are in place and practiced. While the stolen information may not be retrievable, steps can be taken to mitigate the Mabna threat and other nation-state-sponsored cyber threats to academic medical centers, hospitals and health systems. This will help safeguard medical research and, most importantly, protect patients. Some of these mitigating procedures include:

  • Using lengthy, complex passwords
  • Limiting online contact information and presence, including social media presence of those organizations and individuals involved in conducting sensitive academic or medical research
  • Using multi-factor authentication for both work and personal email, remote network access and sensitive database access
  • Using a separate public facing email, which is in no way similar in structure or connected to your internal organizational email—for those individuals involved in sensitive research who must have a public presence
  • Considering the practice of storing IP in encrypted databases that are network-segmented and have limited, monitored access
  • Knowing who else has access to and stores your IP—such as business associates, other researchers, vendors and law firms
  • Encrypting sensitive data at rest and in transit
  • Refraining from storing sensitive data and research via email
  • Having efficient and effective cybersecurity logging and incident alert capabilities
  • Refraining from clicking on a suspicious or unexpected email or link
  • Reviewing the included link to the FBI FLASH Bulletin for additional preventive measures recommended by the FBI

Adversarial nation states, like Iran and Russia, will continue to aggressively and broadly use cyber tactics and malware to steal sensitive intellectual property from the United States – targeting our government, private sector and academic community. By being vigilant and proactive, we can all play a part in preventing cyberattacks, which may threaten public health and safety, national security and economic security.
