The Russia-Ukraine battle is growing the chance of ransomware assaults and different cyber threats for U.S. corporations, and people within the well being care trade could also be focused. In a latest analyst observe from the Division of Well being & Human Providers (“HHS”), HHS describes the cyber capabilities of Russia, one of many world’s main cyberpowers, and analyzes two malware variants almost definitely to affect the U.S. well being care and public well being sector. These are HermeticWiper and WhisperGate, two malware variants which were used in opposition to Ukraine through the battle. Though HHS just isn’t at the moment conscious of any particular menace to the U.S. well being care and public well being sector, organizations within the sector ought to stay vigilant and proactively take measures to mitigate the chance of a cyber-attack.
In a latest weblog publish, Lisa Pino, Director for the Workplace for Civil Rights, outlines a number of methods well being care organizations can put together for cyberattacks in 2022. Because the weblog publish notes, 2021 noticed a number of cyberattacks on hospitals and well being care programs, resulting in cancellations of procedures resembling surgical procedures and radiology exams as a result of affect of such cyberattacks. The weblog publish calls on coated entities and enterprise associates to enhance their cyber posture in 2022, and one space of focus needs to be the enterprise-wide danger evaluation. Threat analyses needs to be complete in scope and canopy all digital protected well being info throughout the group. Different greatest practices famous within the weblog publish embody sustaining offline, encrypted backups of knowledge and frequently testing backups; conducting common vulnerability scans; frequently patching and updating software program and working programs; and coaching workers on phishing and different frequent IT assaults.