China and its proxies have been observed attempting to identify and illicitly obtain valuable intellectual property and public health data related to vaccines, treatments and testing from networks and personnel affiliated with COVID-19-related research, which could jeopardize the delivery of secure, effective and efficient treatment options, the FBI and CISA warned today.

In addition, the agencies yesterday issued alerts providing very specific technical details on the tools and infrastructure used by cyber actors of the North Korean government to conduct cyberattacks under a campaign collectively referred to as “Hidden Cobra (),” as well as the top 10 most exploited vulnerabilities by state and other cyber actors from 2016 to 2019.

According to the analysis, malicious cyber actors most often exploited vulnerabilities in Microsoft’s Object Linking and Embedding technology and the ubiquitous Web framework known as Apache Struts.

“These three reports combined are extraordinary in highlighting the variety, magnitude and sophistication of the cyber threats we are facing in health care,” said John Riggi, AHA senior advisor for cybersecurity and risk. “Most concerning are the threats to COVID-19 research which could have significant impact to public health. We certainly applaud the cooperation and coordination among the government agencies for timely release of these reports with such actionable technical specificity. They will go a long way in helping health care providers defend against these serious cyber threats.”

Questions on cybersecurity and risk may be directed to Riggi at jriggi@aha.org.

Related News Articles

Headline
The FBI this week advised organizations to protect against certain emerging ransomware trends, including multiple attacks on the same victim and new data…
Perspective
As we move into fall and winter, we know the viruses that cause respiratory disease will usually circulate more heavily in communities. Already, the Centers…
Headline
In these video snippets from an AHA Advancing Health podcast series, health care leaders and clinicians from four children's hospitals share how they worked to…
Headline
Cyber actors linked to the People’s Republic of China are targeting router firmware in government and multinational organizations, which should review all…
Headline
The Food and Drug Administration Sept. 26 finalized guidance updating the cybersecurity information device makers should submit to its Center for Devices and…
Headline
Most health insurers must cover the updated COVID-19 vaccines from Pfizer and Moderna without cost sharing effective Sept. 11, when the Food and Drug…