The U.S. Department of Health and Human Services has issued a warning to hospitals and healthcare facilities regarding a vulnerability known as “Citrix Bleed” that is being exploited by ransomware gangs. This vulnerability, tracked as CVE-2023-4966, affects Citrix NetScaler ADC and NetScaler Gateway appliances used by enterprises for managing network traffic. Several companies, including Toyota and Boeing, have already fallen victim to attacks exploiting this vulnerability.
The Health Sector Cybersecurity Coordination Center (HC3) has urged organizations to patch this vulnerability as it is actively being exploited. Citrix released a patch in early October, but the vulnerability was being exploited as a zero-day since August 2023. Companies are advised to update their systems to avoid further damage.
Boeing recently shared details of how it was attacked via Citrix Bleed in collaboration with the FBI and CISA, in an effort to help other companies protect themselves. Additionally, two major hospital networks faced ransomware attacks this week, causing widespread problems like network outages and appointment cancellations.
Ransomware attacks on hospitals have been a growing concern, with recent incidents at Capital Health in New Jersey and Ardent Health Services causing disruptions and delays in patient care. The seriousness of the Citrix Bleed vulnerability is underscored by the urgency to deploy existing Citrix patches and updates to protect systems.
Cybersecurity experts have warned about the aggressive tactics of foreign ransomware gangs, particularly Russian-speaking groups, targeting hospitals and healthcare systems. These attacks not only disrupt healthcare delivery but also put patients’ lives at risk. It is crucial for organizations to remain vigilant and strengthen their cyber defenses, especially during the holiday season when cybercriminal activity tends to increase.
Article Source
https://therecord.media/hhs-warns-of-citrix-bleed-bug