Could Middle Eastern Cyberwarfare Spill Into Health Sector?Denise Anderson of H-ISAC on Situational Awareness and Other Critical Concerns
The violent surprise attack by Hamas on Israel last weekend and the region's escalating war spotlights the critical importance of situational awareness, especially by healthcare sector entities in the U.S. and elsewhere that rely on cybersecurity, IT or medical products from Israeli providers, said Denise Anderson, president of the Health Information Sharing and Analysis Center.
"This is definitely a big piece of situational awareness: Being aware of your supply chain - where it comes from and how it can be impacted," she said. "There are a lot of security firms, software and hardware firms in Israel. And if the war becomes prolonged that could have an impact on their ability to support their infrastructure, so that certainly is a concern," she said.
Organizations that rely on medical devices, pharmaceutical products or other types of healthcare supplies from that region need to be particularly mindful. "We've certainly seen this in other situations, both physical and cyber."
No H-ISAC member organizations have been hit by cyberattacks tied to the Middle Eastern situation, "but definitely the potential is there," Anderson said in an interview with Information Security Media Group on Thursday.
"There has been a little bit of noise," she said. "When any event happens, there are opportunistic threat actors who try to do things with phishing attempts, which we've seen."
H-ISAC and other ISACs this week shared with its members alerts from intelligence partners involving "a huge" rapid-reset vulnerability affecting web servers with HTTP/2 capabilities. The zero-day weakness has be exploited for mass distributed denial of service. Hacktivist groups on both sides of the Israeli conflict have launched several barrages of DDoS attacks since Sunday (see: Zero Day Attacks Exploit Rapid Reset Weakness in HTTP2).
"I'm sure some threat actors will definitely be looking to take advantage of that," she warned.
In this interview with Information Security Media Group (see audio link below photo), Anderson also discussed:
- How to optimize cybersecurity and other intelligence-sharing during crises, including sorting through misinformation;
- Steps healthcare sector entities should take to prepare for potential threats tied to the Middle Eastern conflict including DDoS, hacktivism, phishing and other types of attacks;
- Incident response planning for physical threats against healthcare.
Anderson leads the H-ISAC and chairs the National Council of ISACs. She also serves as a health sector representative to the National Cybersecurity and Communications Integration Center, which is a Department of Homeland Security-led coordinated watch and warning center. Anderson serves on the board of the Global Resilience Federation and is a member of the Cyber Future Foundation. Prior to H-ISAC, she was vice president of Financial Services-ISAC.