Nation-State Attacks: Why Healthcare Must PrepareErrol Weiss of H-ISAC Outlines Critical Steps in Wake of Iran Tensions
As tensions between the U.S. and Iran continue to rise, healthcare organizations need to exercise extra vigilance in shoring up their security to defend against potential Iranian cyberattacks on critical infrastructure sectors, says Errol Weiss, chief security officer of the Health Information Sharing and Analysis Center.
On Tuesday, Iran waged missile strikes against bases in Iraq housing American troops in retaliation for a U.S. drone attack last week that killed Iranian Major General Qasem Soleimani. But security experts and U.S. government agencies warn cyberattacks could be looming as well.
"H-ISAC is providing awareness to our members to really take a cautious view of what is happening with the escalating tensions," Weiss says in an interview with Information Security Media Group. "As we know, Iran has had a propensity to target their adversaries and launch various [cyber] campaigns. So we have a lot of history we can look upon."
For example, destructive "wiper" attacks were carried out by Iran against Saudi Aramco computers in 2012 and the Las Vegas Sands casino in 2014, as well as a long series of distributed denial-of-service attacks on U.S. banks in 2012 and 2013.
"There are certainly occurrences where the healthcare sector has had collateral damage from attacks that Iran launched at other targets," Weiss notes.
To prepare for potential nation-state attacks, he says, healthcare organizations should assess their back-ups, practice incident response, ensure that business continuity plans are in place, conduct vulnerability scanning and apply updated patches.
"It really comes down to ... making sure that organizations are taking the right steps to ensure their networks are secure ... and they're not an easy target."
In the interview (see audio link below photo), Weiss also discusses:
- Ransomware and other top cyber threats facing the healthcare sector;
- Lessons from how the financial sector dealt with earlier DDoS attacks;
- Other critical cybersecurity steps healthcare organizations should take in the wake of escalating nation-state threats.
Weiss, who joined the Health Information Sharing and Analysis Center as CSO in 2019, has more than 25 years of experience in information security. He's co-chair of a task group of the Healthcare and Public Health Sector Coordinating Council, a public/private collaborative for improving cybersecurity in the healthcare sector. The task group developed guidance last year to help the healthcare industry participate in cyber information sharing. Previously, Weiss worked at the National Security Agency, conducting vulnerability analyses of highly classified U.S. government systems. He also created and ran Citi's cyber intelligence center and was a senior vice president with Bank of America's global information security team.