Four Russian-affiliated organizations are posing a threat to U.S. healthcare organizations and the public health sector, according to an alert issued May 19 by the HHS Cybersecurity Program.
Here are the four organizations:
-
Turla: Operates under the direction of Russia's FSB and targets industries such as academic, energy, government, military, telecommunications, research, pharmaceutical companies and foreign embassies. The group has been active since 2004
-
APT29: Operates under the director of Russia's SVR and targets industries such as academic, energy, financial, government, healthcare, media, pharmaceutical, and technology industries. The group has been active since 2008. In 2020, the group attacked COVID-19 vaccine developers.
- APT28: The cyber group, which has been active since 2004, targets aerospace, defense, energy, government, healthcare, military and media industries.
- Sandworm: Operates under the direction of the GRU and has been active since 2007. Sandworm mainly targets the energy and government sectors.
The HHS recommends organizations update software, enforce multi-factor identification, and review common vulnerabilities and exposures for all public-facing systems.