Cybersecurity

Homeland Security Issues Warning on Cyberattack Campaign

The Department of Homeland Security is warning IT services providers, healthcare organizations and three other business sectors about a sophisticated cyberattack campaign that involves using stolen administrative credentials and implanting malware, including PLUGX/SOGU and RedLeaves, on critical systems.The alert notes that DHS' National Cybersecurity and Communications Integration Center "has become aware of an emerging sophisticated campaign, occurring since at least May 2016, that uses multiple malware implants. Initial victims have been identified in several sectors, including information technology, energy, healthcare and public health, communications and critical manufacturing."

Mac McMillan, president of the security consulting firm CynergisTek, says the threat is serious. "These attacks could lead to full network compromise, long-term undetected attacks, and compromise/exploitation of systems and data, essentially putting both operations and patient safety at risk," he says.