Nation State Cyber Threats Targeting Intellectual Property

Apr 24, 2018 - 09:32 AM by
John Riggi, National Advisor for Cybersecurity and Risk, AHA

Cybersecurity is at top of mind for many organizations that work diligently to protect their intellectual property (IP) and consumers, and with good reason. On April 16, 2018, the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) issued a technical bulletin indicating Russian state-sponsored actors were targeting network Infrastructure devices worldwide. The FBI has high confidence that Russian state-sponsored cyber actors are using the compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations.

In addition, on March 23, 2018, the FBI announced the indictment of nine Iranians working on behalf of the Iran’s Islamic Revolutionary Guard Corps (IRGC) at the Mabna Institute in Iran. It is alleged these individuals used cyber tactics to steal data from 144 U.S.-based universities and 176 universities based in foreign countries. The FBI also issued a technical FLASH bulletin in relation to this cyber threat. The defendants targeted data across all academic disciplines including medical research. This cyber threat and the stolen information may have serious implications across all critical infrastructure sectors, including the health care field and locations where sensitive medical research is being conducted.

These cases serve as a reminder that all organizations must remain vigilant and ensure the proper cybersecurity procedures and controls are in place and practiced. While the stolen information may not retrievable, steps can be taken to mitigate the Mabna threat and other nation-state-sponsored cyber threats to academic medical centers, hospitals and health systems. This will help safeguard medical research and, most importantly, protect patients. Some of these mitigating procedures include:

  • Using lengthy, complex passwords
  • Limiting online contact information and presence, including social media presence of those organizations and individuals involved in conducting sensitive academic or medical research
  • Using multi-factor authentication for both work and personal email, remote network access and sensitive data base access
  • Using a separate public facing email, which is in no way similar in structure or connected to your internal organizational email—for those individuals involved in sensitive research who must have a public presence
  • Considering the practice of storing IP in network segmented, limited and monitored access, encrypted data bases
  • Knowing who else has access to and stores your IP—such as business associates, other researchers, vendors and law firms
  • Encrypting sensitive data at rest and in transit
  • Refraining from storing sensitive data and research via email
  • Having efficient and effective cybersecurity logging and incident alert capabilities
  • Refraining from clicking on a suspicious or unexpected email or link
  • Reviewing the included link to the FBI FLASH Bulletin for additional preventive measures recommended by the FBI

Adversarial nation states, like Iran and Russia, will continue to aggressively and broadly use cyber tactics and malware to steal sensitive intellectual property from the United States – targeting our government, private sector and academic community. By being vigilant and proactive, we can all play a part in preventing cyberattacks, which may threaten public health and safety, national security and economic security.

Related News Articles

Headline
AHA urges Congress to extend Affordable Connectivity Program to support digital health care services 
In a letter submitted May 7 to a bipartisan group of senators, AHA urged Congress to extend the Affordable Connectivity Program, which provides benefits toward…
Headline
CISA extends comment period for proposed rule on cyber incident reporting
The Cybersecurity and Infrastructure Security Agency May 3 extended the comment period to July 3 for the April 4 proposed rule that would implement cyber…
Headline
White House releases critical infrastructure memo empowering CISA to strengthen health care security 
The Biden Administration April 30 released a memo announcing updated critical infrastructure protection requirements, which include the Cybersecurity &…
Headline
Agencies issue cyber advisory on North Korean spear phishing efforts 
The FBI, State Department and National Security Agency issued a warning about attempts by North Korean state-sponsored cyberthreat actors to exploit improperly…
Headline
AHA urges Senate committee to support federal programs promoting workforce diversity, maternal health 
Mounting pressures on the health care workforce have created a crisis with short-term staffing shortages and a long-range picture of an unfulfilled talent…
Headline
Lawmakers grill UHG CEO at hearings following Change Healthcare cyberattack
Senate and House lawmakers May 1 grilled UnitedHealth Group CEO Andrew Witty about the continued fallout from the Feb. 22 cyberattack on Change Healthcare —…