'Patch early, patch often': HHS cyber arm issues warning on zero-day attacks

The U.S. Department of Health and Human Services’ cybersecurity arm issued a threat briefing this past week about “zero-day attacks” and their potential risk to the healthcare system.  

“Mitigating zero-day attacks completely is not possible – by nature, they are novel and unexpected attack vectors,” said the Health Sector Cybersecurity Coordination Center in a public presentation.   

One helpful mitigation? “Patch early, patch often, patch completely.”  

WHY IT MATTERS  

As the agency outlined in the briefing, a zero-day attack is defined as a vulnerability exploited by threat actors before a patch is developed and applied.  

The number of zero-day exploits caught in the wild has skyrocketed this year: By September 2021, Massachusetts Institute of Technology researchers had tracked at least 66.  

HC3 reviewed a few recent high-profile zero-day vulnerabilities in the healthcare sector, such as vulnerabilities flagged this past year in the records application OpenClinic that exposed patients’ test results.  

And in August 2021, a vulnerability was discovered affecting pneumatic tube systems used by hospitals.  

The agency noted that zero-day exploits are “incredibly valuable,” with a single vulnerability potentially putting millions of customers at risk.  

Zero-days can also be leveraged for lucrative attack avenues, such as ransomware.   

In addition to patching, the agency recommended implementing a web-application firewall to review incoming traffic and filter out malicious input, as well as making use of runtime application self-protection agents.  

THE LARGER TREND  

Federal agencies have raised the alarm about several cyber threats to the healthcare system this year.  

In the past few months, HC3 has also warned health organizations about BlackMatter ransomware and the LockBit variant.   The Federal Bureau of Investigation has chimed in too, issuing alerts about  Conti ransomware and Hive ransomware.  

ON THE RECORD  

“Zero-day attacks can be used both to target specific, high value targets or affect wide swathes of organizations through commonly used software,” said HC3 officials. “Both pose substantial dangers to the [healthcare and public health] sector.”

Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Email: [email protected]
Healthcare IT News is a HIMSS Media publication.

Source: Read Full Article

Related posts:
  1. Mother loses unborn twin but will carry both babies to full term
  2. How You Can Use The Rock's Muscle-Building Chest Day Hack
  3. Kareem Abdul-Jabbar Reveals He Had Prostate Cancer and Calls Out Racial Inequality in Health Care
  4. Cardiothoracic surgeons implant novel type of artificial heart in a female patient