AHA to hospitals: Be prepared for attack from Russian cyber hackers
The American Hospital Association (AHA) is amplifying a federal warning for hospitals and other organizations to be on the lookout for hackers attempting to infiltrate computer systems as part of “Russian state-sponsored malicious cyber activity.”
In a recent blog post, the AHA said that the FBI and Cybersecurity and Infrastructure Security Agency (CISA) had released a joint cybersecurity advisory to warn that hackers had gained network access to some organizations by exploiting default multifactorial authentication (MFA) protocols and a known vulnerability of a Windows print spooler.
The FBI and CISA is urging all organizations to take several counteractions, including:
- Enforce MFA for all users, without exception, and ensure it is properly configured to protect against “fail open” and re-enrollment scenarios
- Implement time-out and lock-out features
- Disable inactive accounts uniformly in active directory, MFA, etc.
- Update software, prioritizing known exploited vulnerabilities
- Monitor network logs continuously for suspicious activity
- Implement security alerting policies
The CISA has more information available on its Russia Cyber Threat Overview and Advisories webpage.
This is the second time the AHA has forwarded a warning to hospitals about possible cybersecurity problems related to the Russian invasion of the Ukraine.