Cybersecurity News

The threat to public health from the pandemic is thankfully subsiding. Unfortunately, a very different threat is on the rise: Cyber criminals have been ramping up their attacks on the health care sector, jeopardizing systems and putting lives at risk.

Cyber actors continue to exploit vulnerabilities in the operating system for the Fortinet network security system, the FBI warned today, noting that a group “almost certainly” exploited a Fortigate appliance this month to access a webserver hosting the domain for a U.S. municipal government. The agency said actors are actively targeting a broad range of victims across multiple sectors. The alert recommends actions to help organizations guard against the threat. 

The FBI issued an alert on “Conti,” a ransomware variant identified in at least 16 attacks targeting U.S. health care and first responder networks in the past year. 

President Biden directed federal agencies to take certain actions to remove barriers to sharing cyber threat information with the private sector, enhance security in the software supply chain and better detect cyber incidents on federal networks.

The FBI released an alert on the ransomware variant Darkside, which this month infected a critical infrastructure company in the United States. The ransomware-as-a-service variant has affected various sectors since October 2020, including health care.

Are you aware that cyber adversaries target the health care sector the most of all critical infrastructure sectors? Hospitals and health systems in particular have frequently been the target of high-impact ransomware attacks, which disrupt patient care and risk patient safety. 

During the pandemic, there has been a dramatic increase in cyberattacks targeting hospitals and health systems, including disruptive ransomware attacks that have interrupted patient care and risked patient safety.

The FBI and Department of Homeland Security released recommendations to help organizations secure their networks from ongoing cyber threats from the Russian Foreign Intelligence Service, which recently exploited software updates to the widely used SolarWinds information technology performance-monitoring platform.

The Russian Foreign Intelligence Service (SVR) continues to exploit five publicly known cyber vulnerabilities, the National Security Agency, Cybersecurity and Infrastructure Security Agency and FBI said in a joint advisory. 

As health care organizations increasingly use telehealth during the COVID-19 pandemic and beyond, the Healthcare and Public Health Sector Coordinating Council (HSCC) released a report to help health care leaders assess and mitigate associated cybersecurity risks. 

The FBI removed malicious code from vulnerable Microsoft Exchange Servers running on-premises versions of MES software for enterprise-level e-mail service, the agency announced in a notice to private industry.

AHA and the Health Information Sharing and Analysis Center (Health-ISAC), a non-profit member organization for sharing cyber threat intelligence and best practices, released a joint white paper to help senior health care leaders understand and respond to certain cyber risks to their enterprise networks.

The FBI and Cybersecurity and Infrastructure Security Agency advised organizations to protect their computer networks from known vulnerabilities in FortiOS, the operating system for the Fortinet network security system.

The FBI released an alert on Mamba ransomware, which uses an open source encryptions software to encrypt and restrict access to a victim’s entire drive, including the operating system.

Cyber criminals and nation-state actors believed to be affiliated with the Chinese government continue to exploit recently announced vulnerabilities in Microsoft Exchange on-premises products, posing a serious risk to federal agencies and private organizations, the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency said in a joint advisory.

The Department of Health and Human Services’ Office of the Assistant Secretary for Preparedness and Response urged the health care and public health sector to patch on-premises Microsoft Exchange Server vulnerabilities announced last week, noting that additional criminal and state actors have been observed trying to compromise the critical infrastructure by exploiting these vulnerabilities.

Cyber attackers are using Microsoft Exchange Server vulnerabilities to access Exchange server email accounts on an organization’s premises and install malware to facilitate long-term access to victim environments, the Microsoft Threat Intelligence Center announced.

The Center for Internet Security began offering its Malicious Domain Blocking and Reporting ransomware protection service free to private hospitals.

The FBI has issued recommendations to help prevent and respond to Telephony Denial of Service (TDoS) attacks, which can make 911 call centers unavailable to users and undermine public trust in emergency services.

As we forge ahead in 2021 facing a lot of uncertainty, there’s one thing we recognize: The COVID-19 pandemic will have a lasting effect on the health and well-being of our nation.