The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) yesterday urged health care organizations to install patches to protect their Microsoft Windows operating systems and servers against two high-risk remote desktop protocol vulnerabilities known collectively as DejaBlue. As with BlueKeep and WannaCry ransomware, the DejaBlue vulnerabilities are “wormable,” meaning they can spread automatically. The health care sector is vulnerable due to widespread use of legacy systems susceptible to this vulnerability, including embedded systems in medical devices. Newer systems vulnerable to DejaBlue further complicate the attack surface. For more information, see the HHS report. John Riggi, AHA senior advisor for cybersecurity and risk, also is available to answer questions on this and other cyber-related issues at jriggi@aha.org

Related News Articles

Headline
Among other benefits to the community, mergers can help hospitals deploy more effective safeguards against hackers, writes AHA General Counsel Melinda Hatton.
Blog
There are numerous benefits to the community that derive from hospital and health system mergers, starting with quality improvements and expanding services.
Blog
AHA featured in numerous media publications.
Insights and Analysis
John Riggi, AHA senior advisor for cybersecurity and risk, shares tips for protecting patients and their data from cyber threats.
Headline
The Healthcare Sector Coordinating Council, a public-private partnership of health care companies and providers developing collaborative solutions to mitigate…
Headline
The AHA and the Department of Homeland Security July 17 at 1 p.m. ET will host a webinar discussing current cybersecurity threats to the health care sector.