FBI: Nation-state cyber campaign targeting virtual private networks

Aug 03, 2020 - 11:19 PM

The FBI today alerted the private sector to a sophisticated and aggressive nation-state campaign targeting known critical and common vulnerabilities in virtual private networks, initially reported by the government last year.

The FBI expects this group will likely conduct aggressive operations leveraging the vulnerabilities before they are widely patched, and could provide stolen data and network access to a hostile nation state or other malicious actors who could use ransomware against compromised networks. 

“This FBI report is very serious as it continues to highlight the potential cyber risk exposure of expanded virtual networks that have become ubiquitous in our COVID-19 world,” said John Riggi, AHA senior advisor for cyber and risk. “This report also highlights the need to have an effective and fast patch management program. Our adversaries’ overall strategy is straightforward and clear — use known vulnerabilities and just get in before we patch.”

For more information on this and other cyber and risk issues, contact Riggi at jriggi@aha.org.

Related News Articles

Headline
FBI says no specific, credible threat targeting U.S. hospitals
The FBI March 26 advised that, after extensive investigation and intelligence review, they have not identified any specific credible threat targeted against…
Headline
NIH study finds light levels of daily activity can reduce cancer risk
A study published March 26 by the National Institutes of Health and the University of Oxford found that individuals who engaged in light and moderate-to-…
Headline
DEA, HHS delay implementation of buprenorphine final rule until Dec. 31
The Drug Enforcement Administration and Department of Health and Human Services yesterday announced that the effective date for the final rule regarding…
Headline
FDA alerts of risk with Calyxo aspiration systems
The Food and Drug Administration today issued an alert on a potentially high-risk issue with Calyxo CVAC Aspiration Systems. In patients who have thick fluid…
Headline
AHA comments on DEA proposed rule on special registrations for telemedicine prescribing
The AHA today commented on the Drug Enforcement Administration's proposed rule for special registrations for telemedicine prescribing of controlled substances…
Headline
Cyberthreat actors using ChatGPT exploit to attack health care, other industries
A ChatGPT vulnerability identified last year is being used by cyberthreat actors to attack security flaws in artificial intelligence systems, according to a…