October 1, 2023 9:22 pm
Health Sector Notified of Critical Cyber Vulnerability by HHS

The Department of Health and Human Services (HHS) recently issued a warning regarding a critical vulnerability in ManageEngine products that is being exploited by a North Korean state-sponsored actor to target healthcare organizations in Europe and the United States. HHS’s Health Sector Cybersecurity Coordination Center (HC3) strongly advises healthcare entities to promptly update their systems to mitigate the potential risk of compromise.

ManageEngine is a third-party network technology that assists organizations in monitoring, managing, and securing their IT infrastructure, including Active Directory management. John Riggi, the national advisor for cybersecurity and risk at the American Hospital Association (AHA), emphasizes that a compromise of ManageEngine technology would pose a significant cyber risk to organizations, potentially giving the sophisticated and dangerous Lazarus hacking group wide-ranging access. This group has been responsible for various high-profile cyberattacks, including the 2014 destructive cyberattack against Sony, an $81 million theft from the Society for Worldwide Interbank Financial Telecommunication, and the 2017 global WannaCry ransomware attacks that impacted multiple US hospitals. Riggi also stresses the importance of closely monitoring and securing third-party network management tools, as they are often attractive targets for malicious actors. Additionally, he urges third-party technology providers to prioritize security by adhering to the principles of “secure by design, secure by default.”

For more information on this issue or other cybersecurity and risk matters, individuals can contact John Riggi at jriggi@aha.org. The AHA’s website, aha.org/cybersecurity, also provides the latest resources, threat intelligence, and guidance on cybersecurity and risk management.
