Advisory calls for timely patches to avoid top cyber risks

Apr 27, 2022 - 05:10 PM
cybersecurity

Cybersecurity authorities in the United States, Australia, Canada, New Zealand and United Kingdom today advised organizations to apply timely patches and implement a centralized patch management system to reduce their risk of compromise from the most common cyber vulnerabilities exploited by malicious cyber actors in 2021 and 2020.

John Riggi, AHA’s national advisor for cybersecurity and risk, said, “According to this advisory from the ‘Five Eyes’ nations, hackers develop and deploy malware that exploits a known vulnerability within two weeks of its public release. This is often far quicker than patches are available and organizations can implement them — especially in hospitals, where patches must be thoroughly tested before being applied to ensure uninterrupted care delivery and patient safety. This advisory gives us clear direction on the most exploited vulnerabilities that should be prioritized for patching, if not already done so. It is also clear that hackers are often less interested in identifying an unknown or ‘zero-day’ vulnerability for exploitation than they are in simply beating us in a race to ‘exploit before we patch.’” 

Related News Articles

Headline
Lawmakers grill UHG CEO at hearings following Change Healthcare cyberattack
Senate and House lawmakers May 1 grilled UnitedHealth Group CEO Andrew Witty about the continued fallout from the Feb. 22 cyberattack on Change Healthcare —…
Headline
AHA advertorial: Is UnitedHealth Group ‘Too Big To Fail’? 
“If you are asking yourself how a cyberattack on a single company could cause such massive damage, you are asking the right question,” an AHA advertorial in…
Headline
AHA provides update to Senate, House committee leaders ahead of hearings on fallout from Change Healthcare cyberattack 
The AHA April 29 provided the Senate Committee on Finance and House Energy and Commerce Subcommittee on Oversight and Investigations an update regarding…
Headline
OCR launches webpage with HIPAA FAQs on Change Healthcare cyberattack
The Department of Health and Human Services’ Office for Civil Rights April 19 launched a webpage answering HIPAA-related FAQs about the Change Healthcare…
Headline
Agencies issue ransomware alert, guidance for securely deploying AI
U.S. and European agencies April 18 recommended organizations implement certain best practices to protect against the latest versions of Akira ransomware,…
Headline
AHA urges Congress to reject cybersecurity proposal in HHS budget request
In a statement submitted to the House Energy and Commerce Health Subcommittee for a hearing April 17 on President Biden’s fiscal year 2025 Health and Human…