The Russian Foreign Intelligence Service (SVR) continues to exploit five publicly known cyber vulnerabilities, the National Security Agency, Cybersecurity and Infrastructure Security Agency and FBI said in a joint advisory last week. 

“In addition to compromising the SolarWinds Orion software supply chain, recent SVR activities include targeting COVID-19 research facilities via WellMess malware and targeting networks through the VMware vulnerability disclosed by NSA,” the advisory states. 

At a briefing yesterday, the government also expressed concerns about vulnerabilities in the Pulse Connect Secure virtual private network, including one recent vulnerability for which a patch will be issued in May. Meanwhile, Pulse Connect has released a tool (https://kb.pulsesecure.net/pkb_mobile#article/l:en_US/KB44755/s) to help customers check the integrity of their product installations. 

John Riggi, AHA senior advisor for cybersecurity and risk, said, “In an ongoing pattern since 2019, it appears the SVR and other hostile nation-states are continuing to target VPN infrastructure and collaboration platforms — which are ubiquitous and critical for information flow and business continuity, especially in the age of the COVID remote-work environment. Our adversaries have adopted a multi-prong cyber espionage strategy that focuses on not only stealing data while at rest in databases but also intercepting it while in transit between databases, organizations and remote users. With expanded remote access to networks, comes an expanded attack surface. Implementing the recommended patches as soon as possible will help reduce that risk.”   

For more information on this or other risk issues, contact Riggi at jriggi@aha.org
 

Related News Articles

Headline
The Healthcare and Public Health Sector Coordinating Council, whose members include the AHA, yesterday urged President Biden to include support for health care…
Headline
The White House today released a memo from Anne Neuberger, Deputy Assistant to President Biden, and Deputy National Security Advisor for Cyber and…
Headline
The FBI and Cybersecurity and Infrastructure Security Agency May 28 issued a joint cyber advisory in response to a sophisticated spearphishing campaign…
Headline
The Microsoft Threat Intelligence Center has uncovered a wide-scale malicious email campaign by a group it associates with the 2020 compromise of the…
Perspective
The threat to public health from the pandemic is thankfully subsiding. Unfortunately, a very different threat is on the rise: Cyber criminals have been ramping…
Headline
Cyber actors continue to exploit vulnerabilities in the operating system for the Fortinet network security system, the FBI warned today, noting that a…