H-ISAC TLP White Intelligence Report: HC3 Sector Alert: PwnedPiper Impact on Healthcare August 3, 2021

Nine vulnerabilities (dubbed PwnedPiper) were recently discovered in a brand (Swisslog) of pneumatic tubes – the tube systems within many hospitals and other healthcare organizations which transports small items such as lab samples, blood, tissue or medication from one part of the medical facility to another – which can allow a cyber attacker to compromise and/or disrupt the operations of the system. These vulnerabilities are believed to impact over 3,000 hospitals worldwide, including 80% of all hospitals in North America. All healthcare organizations are urged to review this document and apply the appropriate steps outlined in the mitigation section as needed.

For additional details, please see the full report below.

Report Source(s)   HC3

Release Date

Aug 03, 2021

Alert ID 3871409d

 

This Alert has 1 attachment(s). To view or download the attachment(s), click "View Alert" to login to the web portal.

View Alert

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

Senior Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272

More on John Riggi
Learn more about AHA's Cybersecurity and Risk Advisory Services

Key Resources

Related Resources

Letter/Comment
AHA Responds to CISA Proposed Rule on Cyber Incident Reporting Requirements
Public
Advisory
HHS Issues Alert on Critical Vulnerability in ‘MOVEit,’ File Transfer Platform Used by Health Care Sector
Public
Special Bulletin
AHA Helps Secure New Cybersecurity Resources from Microsoft and Google to Assist Rural Hospitals
Public
Advancing Health Podcast
How to Survive a Cyberattack with Scripps Health: Part Two
Public
Special Bulletin
HHS Authorizes UnitedHealth Group to Make Breach Notifications on Behalf of Providers
Member
Advancing Health Podcast
How to Survive a Cyberattack with Scripps Health: Part One
Public