AHA to Hospitals: Be Prepared for Attack from Russian Cyber Hackers

By A.J. Plunkett

The American Hospital Association (AHA) is amplifying a federal warning for hospitals and other organizations to be on the lookout for hackers attempting to infiltrate computer systems as part of “Russian state-sponsored malicious cyber activity.”

In a recent blog post, the AHA said that the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) had released a joint cybersecurity advisory to warn that hackers had gained network access to some organizations by exploiting default multifactor authentication (MFA) protocols and a known vulnerability in the Windows Print Spooler.

The FBI and CISA are urging all organizations to take several counteractions, including:

  • Enforce MFA for all users, without exception, and ensure it is properly configured to protect against “fail open” and re-enrollment scenarios
  • Implement time-out and lock-out features
  • Disable inactive accounts uniformly in Active Directory, MFA, etc.
  • Update software, prioritizing known exploited vulnerabilities
  • Monitor network logs continuously for suspicious activity
  • Implement security alerting policies

CISA has more information available on its Russia Cyber Threat Overview and Advisories webpage.

This is the second time the AHA has forwarded a warning to hospitals about possible cybersecurity problems related to the Russian invasion of Ukraine.

A.J. Plunkett is editor of Inside Accreditation & Quality, a Simplify Compliance publication.