Chinese Hackers Exploit Citrix Vulnerabilities

Health Sector Entities Urged to Patch Citrix ADC, Gateway Flaws

Errol Weiss quote:

“Citrix ADC and Citrix Gateway are popular technologies used by many healthcare sector organizations,” he says. “Left unpatched, an adversary could gain access to corporate networks, leaving them vulnerable to devastating cyberattacks like ransomware and intellectual property theft.”

Marianne Kolbasuk McGee (HealthInfoSec) • December 19, 2022

A networking appliance used to assure the availability of clinical applications and a virtual private network each made by Citrix both contain flaws that are under active exploitation by Chinese state-sponsored hackers.

U.S. federal authorities and Citrix both are urging users to patch the flaw, tracked as CVE-2022-27518.

“These vulnerabilities are known to be actively exploited by a Chinese state-sponsored advanced persistent threat,” says the Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center in an alert issued Friday.

Link to full article in Healthcare InfoSecurity here:

https://www.healthcareinfosecurity.com/chinese-hackers-exploit-citrix-vulnerabilities-a-20740

• Related Resources & News
• Potential Terror Threat Targeted at Health Sector – AHA & Health-ISAC Joint Threat Bulletin
• New Cybersecurity Policies Could Protect Patient Health Data
• CyberWire Podcast: PHP flaw sparks global attack wave
• Health-ISAC Hacking Healthcare 3-14-2025
• HSCC Aiming to Identify Healthcare Workflow Chokepoints
• New Healthcare Security Benchmark Highlights Key Investment Priorities and Risks
• Are Efforts to Help Secure Rural Hospitals Doing Any Good?
• CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts
• 2024 Health-ISAC Discussion Based Exercise Series After-Action Report
• Cobalt Strike takedown effort cuts cracked versions by 80%