Agencies warn of Russian cyberattacks on vulnerable routers
The Cybersecurity and Infrastructure Security Agency and other U.S. and international agencies released a joint advisory July 13, warning of Russian cyber actors targeting vulnerable network devices, primarily routers, in critical infrastructure sectors globally, including healthcare. The advisory details how the threat actors primarily use scanning to identify poorly configured devices for exploitation. The actors then exfiltrate sensitive information and facilitate malicious activity. The advisory includes recommendations to help defend against potential threats.
“This malicious cyber activity has been attributed to the Russian Federal Security Bureau, a foreign intelligence agency of the Russian government,” said John Riggi, AHA national advisor for cybersecurity and risk. “Therefore, this represents an advanced and persistent cyber threat targeting U.S. healthcare that should be prioritized. The first step in mitigating this threat and other nation-state cyber threas is to install the latest network router encryption standard, Simple Network Management Protocol v3.”
For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org or Scott Gee, AHA deputy national advisor for cybersecurity and risk, at sgee@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.