The Health Sector Cybersecurity Coordination Center of the Department of Health and Human Services is warning hospitals and other critical infrastructure about a serious ransomware threat known as the “Citrix Bleed” vulnerability. This vulnerability is being exploited by ransomware gangs like LockBit 3.0 to bypass password requirements and multi-factor authentication measures. It is crucial for organizations to patch and strengthen their network systems immediately to protect against this threat.
John Riggi, AHA National Cybersecurity and Risk Advisor, emphasized the severity of the Citrix Bleed vulnerability and the importance of deploying Citrix patches and updates to safeguard systems. He also highlighted the aggressive nature of foreign ransomware gangs, particularly Russian-speaking groups, that target hospitals and health systems. Ransomware attacks pose a significant risk to patient care by disrupting and delaying the delivery of healthcare services. Riggi stressed the importance of remaining vigilant and enhancing cyber defenses to defend against ongoing attacks, especially during the holiday season.
For further information on cyber and risk issues, individuals can contact Riggi at jriggi@aha.org. To stay informed about the latest cyber threats and risk resources, visit www.aha.org/cybersecurity.
In summary, organizations in the healthcare sector should prioritize protecting their network systems against the Citrix Bleed vulnerability to prevent potential ransomware attacks. Vigilance and proactive measures are necessary to safeguard patient care and maintain the integrity of healthcare services in the face of increasing cyber threats from malicious actors. Cybersecurity remains a critical aspect of maintaining operational resilience and ensuring the safety and security of healthcare systems.
Article Source
https://www.aha.org/news/headline/2023-12-01-hhs-hc3-calls-immediate-hospital-action-protect-against-citrix-bleed-vulnerability-and-ransomware