Agencies in the U.S. and United Kingdom this week released an advisory detailing tactics used to exploit a known vulnerability in Cisco routers to deploy malware and recommendations to protect vulnerable Cisco devices. 

“This joint U.S. and U.K. advisory cites with high confidence that elements of the Russian Military Intelligence Service have been exploiting a known vulnerability in Cisco network routers since at least 2017,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “Like the SolarWinds compromise, this highlights the ongoing targeting of strategic third-party network technology, which is widely present in government and private-sector networks. These strategic cyberattacks on the technology supply chain may give the Russian government a basis to conduct covert reconnaissance of sensitive networks, steal data and/or pre-position itself for future destructive cyberattacks. It is strongly recommended that the patch for vulnerability CVE-2017-6742 be implemented as soon as possible.”

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.

Related News Articles

Headline
Microsoft July 19 issued an alert about active attacks from vulnerabilities targeting SharePoint servers used within organizations. The incidents have not…
Headline
In his latest AHA Cyber and Risk Intel blog, Scott Gee, AHA deputy national advisor for cybersecurity and risk, explains how hospitals can prepare for and…
AHA Cyber Intel
In today’s heightened threat environment, driven by domestic and geopolitical issues, it is more critical than ever for hospitals to prepare for and mitigate…
Headline
In a statement submitted to the Senate Health, Education, Labor and Pensions Committee for a hearing today on health care cybersecurity and patient privacy,…
Headline
Cyberattacks on hospitals are urgent threats to patient safety, care delivery and public trust. In this conversation, Ajay Gupta, board chair of Trinity Health…
Headline
The Food and Drug Administration yesterday released a safety notice announcing a software patch is available to address cybersecurity vulnerabilities in…