The recent SolarWinds cyber attack that affected the California Department of State Hospitals among its victims offered healthcare IT managers a sobering reminder that attackers will continue to exploit gaps in cybersecurity, and the threat is evolving.
U.S. and U.K. cybersecurity-focused agencies warn that the Russian hacker group behind the historic SolarWinds intrusion that affected nine federal agencies keeps adjusting their tactics based on government advisories, according to NextGov.
A joint advisory by the U.K.’s National Cyber Security Centre, the Cybersecurity and Infrastructure Security Agency, the National Security Agency and the FBI specifically said Russia’s Foreign Intelligence Service (SVR) changed its behavior after the release of a July 2020 advisory on the group.
The hackers gain initial access using a variety of malware described in the advisory. They then use tools like Sliver, in addition to credential theft, to retain their presence. And they use painstaking measures to hide their activity.
Seeking Standards for Microbial Loads in Healthcare Facilities
UCR Health Unveils Plans for Major Expansion
High-Performance Windows Support Safety at UW Medicine's New Behavioral Health Center
Central Maine Healthcare Dealing with IT System Outage
Kaiser Permanente Opens Newly Expanded Everett Medical Center