• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Managed Service, Network Security, News

Microsoft: Hospitals Vulnerable to Ransomware, Must Fix VPNs

Microsoft says it has identified dozens of hospitals that have vulnerable gateway and virtual private network (VPN) appliances in their infrastructure.

April 3, 2020 Zachary Comeau Leave a Comment

Microsoft Hospitals

Microsoft announced on Wednesday that it has identified dozens of hospitals that have vulnerable gateway and virtual private network (VPN) appliances in their infrastructure that make them susceptible to more sophisticated human-operated ransomware attacks during the COVID-19 crisis.

“To help these hospitals, many already inundated with patients, we sent out a first-of-its-kind targeted notification with important information about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates that will protect them from exploits of these particular vulnerabilities and others,” the company said in a blog post.

Microsoft said it has observed several nation-state and cybercrime actors targeting unpatched VPN systems for many months. Although some ransomware attackers have vowed to spare the healthcare industry during the coronavirus outbreak, Microsoft says the individuals behind the REvil ransomware are scanning the internet for vulnerable systems.

These attackers are relying mostly on social engineering tactics, preying on people’s fears and need for information during the COVID-19 crisis, the tech giant says.

Read Next: Ransomware Attackers Vow to Not Strike Healthcare During COVID-19 Pandemic

Ransomware attacks have increased in quantity and severity over the past several years. Usually, they shut down the victim’s computer until the victim pays a ransom in digital currency.

Microsoft recommends all enterprises do the following:

  • Apply all available security updates for VPN and firewall configurations.
  • Monitor and pay special attention to your remote access infrastructure. Any detections from security products or anomalies found in event logs should be investigated immediately.  In the event of a compromise, ensure that any account used on these devices has a password reset, as the credentials could have been exfiltrated.
  • Turn on attack surface reduction rules, including rules that block credential theft and ransomware activity. To address malicious activity initiated through weaponized Office documents, use rules that block advanced macro activity, executable content, process creation, and process injection initiated by Office applications. To assess the impact of these rules, deploy them in audit mode.
  • Turn on AMSI for Office VBA if you have Office 365.

It also provided mitigation steps for making networks resistant to ransomware and cyberattacks in general. The mitigation steps can be found here.

Related Content:

  • DanteAV hero Audinate Dante AV Adoption Accelerates with New Partners…
  • Yubico, Security Keys Yubico Launches New Security Keys, Updated Enterprise Subscription…
  • IT news, This Week in it, Microsoft 365, Hive ransomware, iOS 16.3, AltspaceVR, RMM software This Week in IT: Microsoft Outage, VR, Cyberattacks,…
  • Cloud Security, Varonis Varonis Launches Automated Posture Management

Free downloadable guide you may like:

  • Blueprint Series Cover: What works for hybrid workBlueprint Series: What Works for Hybrid Work

    Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Harnessing the Power of Digital Signage
Harnessing the Power of Digital Signage

Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Blueprint Series Cover: What works for hybrid work
Blueprint Series: What Works for Hybrid Work

Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

Guide to creating a ransomware response plan download
Blueprint Series: Creating a Ransomware Response Plan

Chances are ransomware hackers are researching your company right now. They’re investing time and money to choose the most profitable targets and a...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.