HC3 Sector Alert TLP White: Cybersecurity Vulnerabilities of Interest to the Health Sector

May 19, 2020

In recent days, a number of vulnerabilities in common information systems which are relevant to organizations in the healthcare sector have been disclosed to the public. These vulnerabilities are from Microsoft and Adobe as well as highlights from a joint DHS/FBI report on the most impactful vulnerabilities in recent years. The vulnerabilities highlighted in this report have been selected because they meet two criteria. First, they are significant in that they have the potential to allow an attacker to cause significant harm to the target organization. Second, they are likely to be included in the enterprise infrastructure of a healthcare organization. Further details on these vulnerabilities can be found below, along with their potential effects if exploited as well as patches.

Key Resources

Related Resources

Guides/Reports
HC3 TLP Clear: Privileged User Compromise
Public
Special Bulletin
Red Cross, America’s Blood Centers, AABB Say U.S. Faces Critical Blood and Platelet Shortages
Public
Advancing Health Podcast
Going International: The FBI's Global Fight Against Cybercrime
Public
Advisory
American Hospital Association and Health-ISAC Joint Threat Bulletin - TLP White
Public
Advisory
Hospitals in Florida, Other States Impacted by Effects of Cyberattack on Blood-donation Nonprofit OneBlood
Member
Guides/Reports
CLEAR Crisis Leadership Tip Sheets