FBI: Cyber actors continue to exploit Fortinet vulnerabilities

May 27, 2021 - 04:05 PM

Cyber actors continue to exploit vulnerabilities in the operating system for the Fortinet network security system, the FBI warned today, noting that a group “almost certainly” exploited a Fortigate appliance this month to access a webserver hosting the domain for a U.S. municipal government. The agency said actors are actively targeting a broad range of victims across multiple sectors. The alert recommends actions to help organizations guard against the threat. 

“This is the second alert from the government since April on vulnerabilities associated with the widely-used Fortinet security platform,” said John Riggi, AHA senior advisor for cybersecurity and risk. “Advanced persistent threat cyber activity like this is often conducted to further adversarial nation-state espionage objectives. The Fortinet exploitation, the Russian government compromise of the SolarWinds network service and VPN vulnerabilities, and the Chinese state-sponsored compromise of the MS Exchange on Prem servers provide clear urgency for all to enhance software supply chain security and vendor risk management programs.” 

For more on this or other cybersecurity and risk issues, contact Riggi at jriggi@aha.org.
 

Related News Articles

Headline
HSCC launches toolkit to strengthen essential health care services and prevent cyberattacks
The Health Sector Coordinating Council Oct. 7 released its Sector Mapping and Risk Toolkit, created to help health care providers and other organizations…
Headline
Urgent action recommended on critical Oracle vulnerability
The AHA Oct. 6 released a Cybersecurity Advisory urging immediate action against a critical Oracle E-Business Suite vulnerability that is remotely exploitable…
Headline
AHA launches revamped Cybersecurity and Risk Advisory webpage
The AHA has launched an enhanced Cybersecurity and Risk webpage designed to help health care organizations strengthen their defenses against emerging cyber and…
Headline
Notice warns of new LockBit 5.0 ransomware variant
A Health-ISAC (Information Sharing and Analysis Center) bulletin released Oct. 1 warns of a recently released LockBit 5.0 ransomware variant that poses a…
Headline
AHA podcast: The Texas Model for Cyber Resilience in Health Care 
Fernando Martinez, Ph.D., chief digital officer at the Texas Hospital Association, shares how Texas and the THA are building regional resilience through cyber…
Headline
Senate fails to pass CR, government shutdown begins while health programs expire
The federal government shut down Oct. 1 following a failed Senate vote on the House-passed continuing resolution to fund the government by midnight Sept. 30.…