Attack surface management, healthcare, industry specific
Health-ISAC, Aha Bulletin encourages entities to enhance their physical and cyber readiness
Marianne Kolbasuk McGee (HealthInfosec)•
March 20, 2025
The threat sent on social media seducing coordinated terrorist attacks in hospitals in mid-term US cities warns industry authorities to enhance physical and cybersecurity in the health sector.
See: AI, Cloud and Cyber Threats: A Financial Sector Survival Guide
The Health Information Sharing Analysis Center and the American Hospital Association in a joint alert released late Wednesday said they are working with the FBI and are waiting for additional details that they can share with their members. Foreign terrorists generally do not promote future attacks, but social media posts threatening a wave of violence against hospitals in urban areas with 100,000 and 500,000 residents “may encourage others to engage in malicious activities directed at the health sector.”
As of Thursday, the AHA and Health-ISAC were not aware of the existence of additional information to support the reliability of the threat. And to ultimately assert that the threat is hoax or misinformation, said John Rigigi, AHA's national advisor to cybersecurity and risk. “What we can say is that we communicate with the FBI headquarters every day, and they are actively and proactively pursuing the threat.”
“This unfounded but widely distributed 'threat' always poses a dilemma for law enforcement agencies and organizations like AHA and Health ISAC,” Rigiji said. “We don't want to add credibility to unprotected threats, but we need to actively recognize the existence of the threat and recommend reasonable measures to combat the possible threats,” he said.
Health -ISAC and Aha said social media sightings about the potential threat included X (formerly Twitter) posts by American Kinetix, a global operational services support company. The company's website says its leadership consists of former CIA and joint special operations commanders.
This post warns that the “very reliable threat” involving ISIS-K is planning an aggressively coordinated multi-city terrorist attack on US hospitals in the coming weeks. These attacks potentially include improvised explosive devices in which vehicles are present, followed by armed attacks and hostage scenarios, the post said.
“Intelligence suggests that these attacks must occur before the planned aviation/DC attacks by al-Qaeda, and it is likely that the hospital will become a prelude to a large-scale venture,” the Post said, adding that high casualties are at risk. “These hospitals are soft targets, including low security, high traffic and critical infrastructure.”
American Kinetix did not respond to requests for additional details.
AHA and Health-ISAC recommend that organizations review and evaluate the coordination and capabilities of physical security, cybersecurity, and emergency management plans. “In addition, increasing relations with local and federal law enforcement could streamline response efforts during the attack,” Alert said.
“As mentioned in the alert, the presence of more visible security around hospital facilities could provide an additional level of security to stop this or other threats,” Rigiji said. “We suggest that the hospitals are maintaining vigilance without undue warning from our abundant attention.”
The FBI did not immediately respond to the Information Security Media Group's request for comments about potential threats.
