Be Prepared: Cyber Impacts Related to the Tensions between Russia and Ukraine

February 28, 2022

Unfortunately, many of us wake up daily to news media outlets reporting with updates about Russia’s military operations within Ukraine. The conflict has brought uncertainty and fear for many individuals in Ukraine and worldwide.

Some of that fear and uncertainty has been surrounded by heightened awareness of cyberattacks. Every health care organization in the United States is at risk from cyber threats that can disrupt essential services and potentially impact public safety. During the past year, cyber incidents have affected many companies, non-profits, and other organizations, large and small, across multiple sectors of the economy. The conflict between Russia and Ukraine may severely impact cyber operations, even for countries and organizations not directly targeted. While there are not currently any specific credible threats to the U.S., health care organizations should be mindful of the potential for the Russian government to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine. 

What can you do?

• Be prepared. Confirm reporting processes and minimize personnel gaps in IT/OT security coverage. Create, maintain, and exercise a cyber incident response plan, resilience plan, and continuity of operations plan so that critical functions and operations can be kept running if technology systems are disrupted or need to be taken offline
• Enhance your organization’s cyber posture. Follow best practices for identity and access management, protective controls and architecture, and vulnerability and configuration management
• Increase organizational vigilance. Stay current on reporting on this current event. Subscribe to the Cybersecurity and Infrastructure Security Agency’s (CISA) mailing list and feeds to receive notifications when CISA releases information about a security topic or threat

Who to contact if you experience a cyber-attack

As the nation’s cyber defense agency, CISA is available to help organizations improve cybersecurity and resilience, including through cybersecurity experts assigned across the country.

In the event of a cyber incident, CISA is able to offer assistance to victim organizations and use information from incident reports to protect other possible victims. All organizations should report incidents and anomalous activity to CISA and/or the Federal Bureau of Investigations (FBI) via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.

HAP’s Emergency Management team will continue to monitor this latest event and will communicate information as it is known.

Contact me with any questions or for additional information. Members of the American Hospital Association (AHA) are encouraged to avail themselves of the valuable expertise and experience of John Riggi, the AHA’s Senior Advisor for Cybersecurity and Risk.

---