Commentary On VPN AD Attacks On Hospitals

By   ISBuzz Team
Writer , Information Security Buzz | Apr 21, 2020 04:09 am PST

Under the pressure to deliver the best patient care, a cyberattack is the last thing hospitals should have to deal with. This week, CISA issued a warning to users urging them to patch Pulse Secure VPN after the government agency observed malicious attackers targeting the systems of U.S. hospitals and government entities with ransomware using stolen Active Directory credentials.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Jason Crabtree
Jason Crabtree , CTO and Founder
April 21, 2020 12:13 pm

CISA’s alert describes the modern attack playbook in action: step one, exploit an unpatched application to gain a foothold in a target organization—in this case, a VPN application—then, attack authentication infrastructure to elevate access and persist inside the environment. It reminds us that good cyber hygiene is necessary, but not sufficient. Hardening critical authentication infrastructure like Active Directory is crucial for keeping a bad breach from getting worse.

Last edited 3 years ago by Jason Crabtree

Recent Posts

1
0
Would love your thoughts, please comment.x
()
x