Government agencies issue urgent alert on network vulnerability

Jul 02, 2020 - 03:45 PM
FDAcybersecurity

The departments of Homeland Security and Health and Human Services and the National Security Agency this week alerted the field to a significant vulnerability affecting the Palo Alto Networks’ PAN-OS firewall software that cyber attackers could easily exploit remotely via the internet.

The alert recommends patches, mitigations and workarounds to address the vulnerability.

"This is very serious vulnerability rated as a 10 out of 10 on the vulnerability severity scale,” noted John Riggi, AHA senior advisor for cybersecurity and risk. “In the current COVID-19 expanded telework and telehealth environment, it should be expected that nation-state adversaries and criminals will attempt to hack hospitals and health systems via this vulnerability to steal sensitive data and medical research." 

Hospitals and health systems may direct questions on cybersecurity and risk to Riggi at jriggi@aha.org.

Related News Articles

Headline
FBI: Nation-state cyber campaign targeting virtual private networks
The FBI today alerted the private sector to a sophisticated and aggressive nation-state campaign targeting known critical and common vulnerabilities in virtual…
Headline
AHA leader offers ransomware preparedness tips
Ransomware attacks on hospitals are “threat-to-life crimes” because they directly threaten a hospital’s ability to provide patient care, writes John Riggi, AHA…
Headline
Organizations urged to immediately patch SAP server vulnerability
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency yesterday alerted organizations to a critical vulnerability affecting…
Headline
FCC investigating network outage
The Federal Communications Commission is investigating a T-Mobile network outage yesterday that impacted customers across the United States, FCC Chairman Ajit…
Headline
NATO vows to defend health care sector against cyber attacks
NATO today issued a statement condemning “destabilising and malicious cyber activities directed against those whose work is critical to the response against…
Headline
Partnership releases cybersecurity crisis response guide
The Health and Public Health Sector Coordinating Council, a public-private partnership, yesterday released a crisis response guide to help health care…