The chair of the Senate Intelligence Committee, Sen. Mark Warner, D-Va., told an audience of healthcare professionals they should expect blowback from Russian cyber operations in the near future.
"While Russia has not fully deployed its arsenal of cyber weapons, I absolutely expect Russia to up its cyber game soon," he said at Thursday's CyberMed Summit at George Washington University in the nation's capital.
CyberMed is a traveling medical security conference that regularly features emergency care simulations for doctor training. At the Washington conference, a doctor grappled with a simulated ransomware attack at a rural hospital.
Warner, speaking on a pre-recorded video message, said that Russia would not likely target U.S. infrastructure directly.
"Now, while I don't think Russia would attack the U.S. government head-on, I'm concerned about the potential spillover effects," he said.
Warner compared the risks to hospitals now with the damage caused by NotPetya in 2017, a Russian worm designed to savage Ukraine that inadvertently spread from the target country across the world.
NotPetya impacted the U.S. health sector, victimizing drug manufacturer Merck, Nuance — voice-to-text software widely used by doctors (who had to quickly recall all the patient notes that had been lost to the attack), and even U.S. hospitals.
The American Hospital Association warned in February that U.S. hospitals could become collateral damage in a cyberattack on Ukraine, as well as other concerns with Russia's potential response to the U.S. interceding in Putin's pending invasion.
While cyberwarfare didn't emerge immediately, targeted attacks on Ukrainian infrastructure have included an attempted blackout foiled last week, as well as an attack that disabled satellite modems across Europe. The modem attack had broad effects, including disconnecting German wind turbines. The former, an attack on electric substations, was attributed to the Russian-actor Sandworm who was also behind NotPetya.
Though the cyberwarfare seen in Ukraine has so far not expanded too far away from the intended targets, Warner warned that could easily change.
"We know that once you unleash some of this malware, it doesn't respect geographic boundaries," he said.