Global Edition
Privacy & Security

'Patch early, patch often': HHS cyber arm issues warning on zero-day attacks

HC3 researchers say these hacks – where new vulnerabilities are exploited before a patch can be applied – are on the rise.
By Kat Jercich
November 23, 2021
04:21 PM

Photo: U.S. Department of Health and Human Services 
by WEBN-TV/Flickr, licensed under CC BY-ND 2.0

The U.S. Department of Health and Human Services' cybersecurity arm issued a threat briefing this past week about zero-day attacks and their potential risk to the healthcare system.  

"Mitigating zero-day attacks completely is not possible – by nature, they are novel and unexpected attack vectors," said the Health Sector Cybersecurity Coordination Center in a public presentation.   

One helpful mitigation? "Patch early, patch often, patch completely."  

WHY IT MATTERS  

As the agency outlined in the briefing, a zero-day attack is defined as a vulnerability exploited by threat actors before a patch is developed and applied.  

The number of zero-day exploits caught in the wild has skyrocketed this year: By September 2021, Massachusetts Institute of Technology researchers had tracked at least 66.

HC3 reviewed a few recent high-profile zero-day vulnerabilities in the healthcare sector, such as vulnerabilities flagged this past year in the records application OpenClinic that exposed patients' test results.  

And in August 2021, a vulnerability was discovered affecting pneumatic tube systems used by hospitals.  

The agency noted that zero-day exploits are "incredibly valuable," with a single vulnerability potentially putting millions of customers at risk.  

These exploits can also be leveraged for lucrative attack avenues, such as ransomware.   

In addition to patching, the agency recommended implementing a web-application firewall to review incoming traffic and filter out malicious input, as well as making use of runtime application self-protection agents.  

THE LARGER TREND  

Federal agencies have raised the alarm about several cyber threats to the healthcare system this year.  

In the past few months, HC3 has also warned health organizations about BlackMatter ransomware and the LockBit variant. The FBI has chimed in too, issuing alerts about Conti ransomware and Hive ransomware.

ON THE RECORD  

"Zero-day attacks can be used both to target specific, high value targets or affect wide swathes of organizations through commonly used software," said HC3 officials. "Both pose substantial dangers to the [healthcare and public health] sector."

Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Email: kjercich@himss.org
Healthcare IT News is a HIMSS Media publication.

Topics: 
Financial/Revenue Cycle Management, Government & Policy, Privacy & Security

More regional news

A radiologist examining X-ray images

National University Hospital launching AI-driven digestive centre

By
Adam Ang
April 24, 2024
Wes Cronkite of TruBridge on AI

Highlighting rural voices is imperative for equitable, bias-free healthcare AI

By
Bill Siwicki
April 24, 2024
Dr. Bill Frist and Larry Ellison

Oracle launches Autonomous Shield initiative, with eye on cloud cybersecurity

By
Mike Miliard
April 24, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Wes Cronkite of TruBridge on AI
AI & ML Intelligence
Highlighting rural voices is imperative for equitable, bias-free healthcare AI

Most Read

Change Healthcare cyberattack still impacting pharmacies, as H-ISAC issues alert
OCR settles its 2nd ransomware investigation, probably not the last
A focus on precision medicine: Australia redefines National Digital Health Strategy
NIST updates Cybersecurity Framework with Version 2.0
HIMSS24 Europe: Interoperability takes centre stage in Rome
HSCC publishes 5-year healthcare cybersecurity strategic plan

Research

White Papers

More Whitepapers

Compliance & Legal
Artificial Intelligence
Analytics

Webinars

More Webinars

Artificial Intelligence
Analytics
Analytics

Video

Heidi Wold at Longevity Health Plan_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Patients benefit from post-acute care
Dr. Jesse M. Ehrenfeld, AMA president_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
AMA leader: Physicians must be the lodestar for IT innovation
Garrett Singletary at Concord Technologies_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Digitizing faxed data offers new advances for interoperability
Andrew Schultz at PatientPoint_Patient listening to nurse photo by SDI Productions/Getty Images
How a connected engagement ecosystem can empower better health

More Stories

Andrew Schultz at PatientPoint_Patient listening to nurse photo by SDI Productions/Getty Images
How a connected engagement ecosystem can empower better health
A nurse attending to a patient in the San's Poon Day Infusion Centre
Managing a safe transition to new treatment guidelines
Dr. Monika Sonu at Healthinnovation Toolbox_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
How to build digital health tools with the clinician in mind
Healthcare data exchange
ONC pubs Common Agreement v2.0, with regs for FHIR exchange
Female nurse in grey scrubs on rests on a couch with her head back
Take these steps to reduce unproductive charting for nurses, says KLAS
Prevounce Founder Daniel Tashnek on RPM coding
New codes from the AMA could mean more RPM reimbursement by 2025
Person at a desk with a laptop crunches numbers on a calculator
Small medical practices will close because of Change cyberattack, says AMA
MaryAnn Connor at Memorial Sloan Kettering Cancer Center_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Care problems become technology systems via nurse informaticists