Malware targeting Ukraine could impact U.S. healthcare

Featured image

Share this article

Image of open laptop and big speakers, screen shows random binary code in blue tint

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint advisory that warns organizations that the destructive malware used against Ukraine “may unintentionally spill over to organizations in other countries.” The warning is clear, malware targeting Ukraine could impact U.S. healthcare.

In the days prior to Russia’s invasion of Ukraine, threat actors released two variants of destructive malware to destroy computer systems and render them inoperable. 

Read more: HIPAA compliant email: the definitive guide

The first malware variant detected is WhisperGate. It is disguised as ransomware and corrupts a system’s master boot record, display a fake ransom demand, and encrypt certain files. Microsoft notes that targeted data is destroyed and not recoverable, even if the victim pays the ransom.

Malware targeting Ukraine could impact U.S. healthcare

Read more: To pay or not to pay for stolen data

HermeticWip is the other malware variant. The Health Sector Cybersecurity Coordination Center (HC3) warns that it is a “very destructive malware” that was deployed in Ukraine, Latvia, and Lithuania. It targets Windows devices and manipulates the boot record and causes boot failure.

“Destructive malware presents a direct threat to an organization’s daily operations. They impact the availability of critical assets and data,” states the advisory.  It is essential that organizations increase vigilance and evaluate their capabilities encompassing planning, preparation, detection, and response for such an event.

SEE ALSO: AHA warns Russia’s invasion of Ukraine could lead to U.S. healthcare cyberattacks

What can healthcare providers do to protect their organizations?

The advisory makes several recommendations for organizations to increase their cyber resilience. The steps to take today include:

“Destructive malware may use popular communication tools to spread, including worms sent through email and instant messages, Trojan horses dropped from websites, and virus-infected files downloaded from peer-to-peer connections. Malware seeks to exploit existing vulnerabilities on systems for quiet and easy access,” the advisory states.

Cybercriminals take numerous paths to infiltrate your network. Organizations should prepare for all the possibilities.

How Paubox can help

Paubox Email Suite Plus quarantines malicious emails before it enters your employees’ inbox. Subsequently, it reduces the risk of human error leading to a cyberattack. Our HITRUST CSF certified software makes it easy for healthcare providers to send HIPAA compliant email while implementing robust inbound email security. 

It’s also easy for your employees to use since it can seamlessly integrate with popular email providers like Google Workspace and Microsoft 365. This means you don’t need patient portals or complicated security procedures to keep your inbox secure from email threats.

Try Paubox Email Suite Plus for FREE today.
Author Photo

About the author

Sara Nguyen

Read more by Sara Nguyen

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022