AHA warns Russia’s invasion of Ukraine could lead to U.S. healthcare cyberattacks

Featured image

Share this article

American Hospital Association logo

The American Hospital Association (AHA) has released an advisory for healthcare organizations to maintain a proactive cybersecurity approach due to the increased threat of Russia after its invasion of Ukraine. 

The advisory states there is concern that Russia will retaliate with disruptive cyberattacks after the U.S. government and NATO allies “immediately responded to Russia’s actions with a series of economic and military sanctions.”

Read more: HIPAA compliant email: The definitive guide

Russia has previously used denial of service (DoS) attacks and other cyberattack strategies against Ukraine in an effort to disrupt the electrical grid, communication capabilities, and financial institutions prior to invading the country.

The AHA believes that the healthcare industry may be targeted due to “the Russian military’s previous behavior of utilizing cyber weapons in support of military actions against Ukraine; such behavior ultimately inflicted disruptive collateral damage to the U.S. healthcare system.” 

For example, previous Russia military cyberattacks against Ukraine resulted in the release of NotPetya malware that eventually disrupted U.S. hospitals and major pharmaceutical and healthcare communications companies.

What does AHA recommend to protect healthcare organizations?

The Cybersecurity and Infrastructure Security Agency (CISA) recently released the “Shields Up” advisory for the U.S. private sector, including healthcare. The advisory states “Every organization—large and small—must be prepared to respond to disruptive cyber activity.” The advisory contains numerous resources, recommendations, and guidance for improving cybersecurity and resilience.

 The AHA also recommends taking the following actions:

  • Share the advisory with your organization’s IT and cyber infrastructure teams
  • Review alerts and bulletins listed in the advisory for guidance on risk management procedures
  • Increase network monitoring for unusual traffic or activity
  • Train employees on cybersecurity awareness, especially malware-laden phishing emails
  • Geo-fencing for all inbound and outbound traffic originating from, and related to, Ukraine and its surrounding region
  • Put into place four-to-six week business continuity plans and well-practiced downtime procedures in the event that mission-critical clinical and operational services and technology are disrupted by a cyberattack
  • Check the redundancy, resiliency and security of your organization’s network and data backups
  • Fully document, update, and practice a cross-function, leadership level cyber incident response plan

How can Paubox help

Human error remains one of the biggest threats to a robust cybersecurity system. As the AHA advisory notes, it’s critical that all employees are trained to recognize cyber threats like phishing emails. But social engineering and display name spoofing can make it difficult for an employee to recognize a cyberattack. 

Paubox Email Suite Plus can quarantine malicious emails from even entering your employees’ inboxes. This minimizes the risk of employees mistakenly interacting with phishing emails, spam, ransomware, and viruses

Our robust inbound security tools include our patented ExecProtect which recognizes and blocks display name spoofing emails. DomainAge is another tool to quarantine emails from recently registered domain names. Last but not least, zero trust security is implemented to provide an additional layer of authentication for your email security.

Our HITRUST CSF certified software is HIPAA compliant and dedicated solely to helping healthcare providers keep their inbox secure.

Try Paubox Email Suite Plus for FREE today.
Author Photo

About the author

Sara Nguyen

Read more by Sara Nguyen

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022