DOH: Potential Iranian Cyber Threat

Jackie Pappalardi in Clinical & Quality

As a result of recent events involving the US and Iran, and the threat of retaliation (potentially cyber-based) by Iran, the New York State Department of Health (Department) is asking association partners to reach out to the healthcare providers regarding the need for increased vigilance for potential cyber events. While there is no specific retaliatory threat known at this time, Iran has historically utilized cyber as a means of attacking its adversaries. Accordingly, the Department and all NYS agencies are taking additional steps to protect our information systems and critical infrastructure.  

In order to protect providers, we ask that you implement basic preventative measures to avoid phishing attempts, exposure of data from their systems and interruption of patient/resident services, such as:

  • screening emails for unknown senders,
  • avoiding the use of personal email or social media at their workstations,
  • using caution in following email links and opening attachments without authenticating the sender
  • monitoring of the functioning of medical devices throughout the facility and immediate action if any suspicious performance is recognized

Additionally, a reminder to providers of how to notify the Department if you discover a breach of your systems. We have attached the revised Dear Administrator Letter, updated Cyber reporting poster and Frequently Asked Questions document distributed to providers October of 2019. 

DOH shared the following links from an announcement sent by the Health and Human Services, Assistant Secretary for Preparedness and Response (ASPR), Critical Infrastructure Division and from the Acting Secretary of the Department of Homeland Security pertaining to the terror threat to the U.S. homeland will also be helpful: 

For questions, please contact:


Jackie Pappalardi, RN, BSN
Director, Educational Development & Grant Mgmt.
518-462-4800 x16