Critical Vulnerability Could Give Attackers Foothold in Clinical Networks
U.S. federal authorities and industry officials are urging hospitals and clinics to address a critical flaw in BeyondTrust Remote Support and Privileged Remote Access software, which if exploited, could give an attacker a foothold inside a corporate network.
The Health Information Sharing and Analysis Center on Feb. 11 also alerted the healthcare sector about the flaw.
“Healthcare entities typically use BeyondTrust Remote Support to let IT and clinical engineering teams securely access and troubleshoot end user systems, including clinician workstations and kiosks, without needing users to be on site,” said Errol Weiss, chief security officer of Health-ISAC. “It’s a key remote access and support layer in many hospital environments,” he said.
BeyondTrust is commonly deployed in medium and large provider organizations, Weiss said. Based on Health-ISAC visibility and prior targeted alerting on BeyondTrust vulnerabilities, it’s widely used but not universal across hospitals and large healthcare organizations, he said.
Read the article in Healthcare InfoSecurity. Click Here
