The White House warns against possible Russian cyberattacks

Featured image

Share this article

U.S. companies and healthcare organizations are urged to take immediate precautions to bolster their cybersecurity. The White House warns against possible Russian cyberattacks and released these recommended steps for organizations to protect themselves. This alarm comes on the heels of the American Hospital Association and FBI warnings. And just last month, CISA issued a rare Shields Up alert.

Share this article to keep our healthcare IT community informed.

Biden warns U.S. business leaders

Biden told the nation’s executives at the Business Roundtable’s quarterly meeting on Monday evening, “It’s not just your interests that are at stake with the potential use of cybersecurity. It’s in the national interest’s stake. So I respectfully suggest it’s a patriotic obligation for you to invest as much as you can in making sure — and we will help in any way — that you build up your technological capacity to deal with cyberattacks.”

Anne Neuberger, Deputy National Security Advisor, expanded on this announcement. Neuberger stressed the growing threats. She cited reports of the U.S. government identifying specific “preparatory activity” targeting U.S. companies and critical infrastructure.

“Security needs to be top of mind for every company. Email security is the number one cause of breaches.” Paubox client Eli Golden, Director of I.T. at The Jellyvision Lab, explains. “Attackers are getting smarter, and while we train our staff thoroughly with simulated attacks and live sessions, it’s best to have as much protection as possible.”

Ransomware is a real and serious threat

The FBI warns companies to be vigilant against ransomware attacks coming from Russia, like the crippling Colonial Pipeline hack last year. Hackers associated with Russian internet addresses have been scanning the networks of five U.S. energy companies in a possible prelude to hacking attempts, the FBI said in a March 18 advisory to U.S. businesses. Ransomware spreads through phishing emails that contain malicious attachments. It also spreads when a user visits an infected website, and malware is downloaded and installed without the user’s knowledge.

“Although our team is vigilant and well-trained, the best solution is one that stops phishing, viruses, and other threats from landing in employees’ inboxes in the first place – all while ensuring that legitimate emails are not caught in an overly aggressive quarantine system. Paubox Inbound Security is the right solution.” Golden states.

Cyberattacks may come from bad actors or the Russian government

According to a recent article in Fast Company, cyberattacks are typically launched independently from Russian hackers who are fiscally motivated. These bad actors operate under a silent agreement with the Putin regime. And, with increased sanctions, it is predicted that cybercriminals within Russia will hack major western targets without repercussion as part of the Putin playbook.

Paubox Email Suite is a powerful tool to keep healthcare organizations safe

ExecProtect, Paubox’s domain name spoofing prevention tool, gets high marks from Jellyvision Labs and hundreds of other clients. ExecProtect is one of the Paubox Email Suite features that shields your healthcare organization, patients, and employees from ransomware attacks.  This feature prevents hackers from impersonating trusted senders to deliver malicious content. 

“ExecProtect is beautiful – since we started using it, we haven’t had a spoofed executive email come through,” Golden notes. “If you don’t have an inbound security system, you are putting yourself and your business at risk.” 

There is concrete evidence of Russia’s sanctioned cyberwar against Ukraine. Cybersecurity experts at the German Institute for International and Security Affairs (SWP) reported over a hundred cyberattacks at a press briefing on March 2. And although the attacks target Ukraine, attacks such as NotPetya in 2017 can spread to cause global disruption.


“We were so used to our encryption and security technology having complications and being hard to use. With Paubox Email Suite Plus, you don’t have to do anything – just send and receive your email. It’s amazing. We get a lot of peace of mind. Combined with ease of use, that makes Paubox a big winner for us.” 

Elena Yau, Director of Information Technology, Five Acres

The American Hospital Association is monitoring the situation

John Riggi, AHA’s national advisor for cybersecurity and risk, and a former senior executive in the FBI’s cyber division, is working in close coordination with the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services to monitor the situation. “Russian state-sponsored cybercriminals and spies are conducting ‘vulnerability chaining’ — linking multiple known vulnerabilities to gain access to networks and data. This pattern highlights the need to ensure MFA is properly configured to detect and prohibit unknown devices from enrolling in the service and prioritize patching of all vulnerabilities that allow unauthorized remote access and code execution, ” said Riggi last week.


Three critical concerns for healthcare leadership

Riggi and the AHA advise that there are three concerns for healthcare IT due to cyber threats originating in Russia due to the conflict in Ukraine.

  1. Hospitals and health systems may be targeted directly by Russian-sponsored cyber actors.
  2. Hospitals and health systems may become incidental victims of, or collateral damage to, Russian-deployed malware or destructive ransomware that inadvertently penetrates U.S. health care entities; and
  3. A cyberattack could disrupt hospitals’ mission-critical service providers.

 

It is important to note that all healthcare organizations are at risk

Cyberwar can take down any organization, from large health care systems to small clinics. For example, in 2020, Universal Health System reported an estimated pre-tax “unfavorable impact” of $67 million due to a network shutdown throughout its U.S. facilities. The Ryuk ransomware that caused the disruption is linked to Wizard Spider, a Russian cybercrime group.

Last month, a mental health clinic was devastated by a ransomware attack. This primarily volunteer clinic helps those who are most vulnerable. Unredacted photographs of driver’s licenses, passports, personal information, phone numbers, and even passwords and credit card details were published on the dark web. 

SAMH Chief Executive Billy Watson said, “We are devastated by this attack. It is difficult to understand why anyone would deliberately try to disrupt the work of an organization that is relied on by people at their most vulnerable.”

Cyberattacks are modern digital guerrilla warfare and must be taken seriously. Paubox can help. 

“Technologically speaking, Paubox’s approach is more pragmatic than other systems. It’s easier for employees to follow a process when it’s seamless and integrated, so they don’t have to think about it. Also, it’s much better than locking everything down because we don’t trust that everyone is using security tools properly.”

Patrick Denney, IT Director, Superior Biologics

Let Paubox keep your healthcare organization safe in 5 simple steps

  1. Start Paubox Email Suite Plus with a free trial, or contact sales for a demo and get access to all of these powerful features today.
  2. Ensure all emails sent from your organization are guaranteed encrypted and HIPAA compliant with frictionless ease. Paubox Email Suite solves your risk of users unintentionally leaking PHI. No portals, passwords, or plugins.
  3. Protect your team and executive staff from inbound malware, phishing, and ransomware attacks with our patented ExecProtect.
  4. Authenticate sender’s mail servers with a proprietary algorithm that ensures only legitimate emails make it to your team’s inbox with Zero Trust Email
  5. Check the age of all email domains with DomainAge. Newly created domains are flagged as suspicious and quarantined.

 

If your healthcare organization needs a powerful and easy-to-implement solution, download our comprehensive guide to building your email security strategy here.

“With Paubox, we gained a simple-to-use solution that provided 100% encryption of what we were sending out. Paubox makes it easy for our end users to receive documents and not have any issues accessing them. Simplicity trumps everything when you are trying to get information out to people so that they can make healthcare decisions. The implementation process was smooth and easy to complete. The support team was super helpful. With a single setup call, the MedPlus team was up and running.”

-Sultan Yassin, President, MedPlus Solutions

Don’t put your company and team at risk. Heed the warnings

There has never been a more critical time to ensure your healthcare organization’s cybersecurity is robust. Fortunately, healthcare IT and executives can count on Paubox to keep their organization’s inbound and outbound emails secured and encrypted while reducing the risk of human error that opens your organization to ransomware attacks. 

In addition, our solution seamlessly integrates with Google Workspace, Microsoft 365, or Microsoft Exchange, keeps every email HIPAA compliant, and is HITRUST certified. Paubox is the healthcare industry’s email security expert. 

Get protected today!

Start a free trial of Paubox Email Suite now!

Contact us about our API

Schedule a demo today. 


Share this article to keep our healthcare IT community informed.

Author Photo

About the author

Anne-Marie Sullivan

Read more by Anne-Marie Sullivan

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022