Advisory calls for timely patches to avoid top cyber risks

Apr 27, 2022 - 05:10 PM
cybersecurity

Cybersecurity authorities in the United States, Australia, Canada, New Zealand and United Kingdom today advised organizations to apply timely patches and implement a centralized patch management system to reduce their risk of compromise from the most common cyber vulnerabilities exploited by malicious cyber actors in 2021 and 2020.

John Riggi, AHA’s national advisor for cybersecurity and risk, said, “According to this advisory from the ‘Five Eyes’ nations, hackers develop and deploy malware that exploits a known vulnerability within two weeks of its public release. This is often far quicker than patches are available and organizations can implement them — especially in hospitals, where patches must be thoroughly tested before being applied to ensure uninterrupted care delivery and patient safety. This advisory gives us clear direction on the most exploited vulnerabilities that should be prioritized for patching, if not already done so. It is also clear that hackers are often less interested in identifying an unknown or ‘zero-day’ vulnerability for exploitation than they are in simply beating us in a race to ‘exploit before we patch.’” 

Related News Articles

Headline
FTC proposes changes to breach notification requirements for entities not covered by HIPAA 
The Federal Trade Commission June 8 released for public comment a notice of proposed changes to breach notification requirements for entities that collect…
Headline
Agencies alert field to hidden state-sponsored cyberthreat to networks
U.S. and international cybersecurity authorities released an advisory to help health care and other critical infrastructure organizations identify and…
Headline
U.S. task force releases updated ransomware guide
An interagency task force chaired by the Cybersecurity and Infrastructure Security Agency and FBI yesterday released an updated guide offering best…
Headline
Study documents regional impact of hospital ransomware attacks
During a month-long ransomware attack on four hospitals in 2021, two neighboring hospital emergency departments experienced increased patient volumes, wait…
Headline
Agencies recommend action to protect against ransomware, data extortion threat 
The FBI, Cybersecurity and Infrastructure Security Agency, and Australian Cyber Security Centre issued recommendations to help critical infrastructure…
Headline
HHS alerts field to cyberattacks against servers running Veeam software 
Health sector organizations should immediately patch a vulnerability in Veeam software used to back up, replicate and restore data on virtual machines, the…