The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) yesterday urged health care organizations to install patches to protect their Microsoft Windows operating systems and servers against two high-risk remote desktop protocol vulnerabilities known collectively as DejaBlue. As with BlueKeep and WannaCry ransomware, the DejaBlue vulnerabilities are “wormable,” meaning they can spread automatically. The health care sector is vulnerable due to widespread use of legacy systems susceptible to this vulnerability, including embedded systems in medical devices. Newer systems vulnerable to DejaBlue further complicate the attack surface. For more information, see the HHS report. John Riggi, AHA senior advisor for cybersecurity and risk, also is available to answer questions on this and other cyber-related issues at jriggi@aha.org

Related News Articles

Headline
The departments of Homeland Security and Health and Human Services and the National Security Agency this week alerted the field to a significant vulnerability…
Headline
The Federal Communications Commission is investigating a T-Mobile network outage yesterday that impacted customers across the United States, FCC Chairman Ajit…
Headline
NATO today issued a statement condemning “destabilising and malicious cyber activities directed against those whose work is critical to the response against…
Headline
The Health and Public Health Sector Coordinating Council, a public-private partnership, yesterday released a crisis response guide to help health care…
Headline
The Healthcare and Public Health Sector Coordinating Council, a public-private partnership developed to mitigate threats to the nation’s health care sector,…
Headline
China and its proxies have been observed attempting to identify and illicitly obtain valuable intellectual property and public health data related to vaccines…