Privacy & Security

HHS warns of fresh WannaCry-like attacks after Microsoft, DHS reports

Microsoft has released new patches for Microsoft XP and Server 2003 systems while DHS pointed to an increase in North Korean cyber activity.
By Jessica Davis
June 19, 2017
02:46 PM

The U.S. Department of Health and Human Services issued a security alert to healthcare organizations on Thursday, warning of recently discovered Windows vulnerabilities and a new threat with WannaCry-like capabilities.

The alert is a response to two reports released last week by Microsoft and U.S. Department of Homeland Security.

DHS and FBI alerted to a threat called Hidden Cobra, which is targeting U.S. critical infrastructure, media, aerospace and financial sectors. Thus, HHS officials warned, “targeting of the healthcare and public health sector systems and devices in the U.S. is possible.”

[Also: WannaCry hackers just getting started, former federal CISO says]

The researchers found the IP addresses connected to a malware variant used to manage North Korea’s DDoS botnet infrastructure. The malicious activity dubbed Hidden Cobra covers all malicious North Korean cyber activity that include DDoS botnets, keyloggers, remote access tools and wiper malware.

Hidden Cobra has been in place since 2009 and commonly targets older, outdated and unsupported Microsoft operating systems. The most recent threat highlights the DDoS tool capable of launching DNS attacks, Network Time Protocol attacks and Character Generation protocol attacks.The malware operates on victims’ systems as a svchost-based service and can download executables, change its own configuration, update its binary, terminate its process and both activate and terminate DDoS attacks.

[Also: Here's what it was like to host a security forum when WannaCry hit the globe]

Microsoft made an unprecedented release of three patches last week for vulnerabilities in XP and Server 2003 that could leverage SMB flaws like those used in WannaCry. Two other vulnerabilities allow malicious code to spread through shared drives and networks.

The company said it hopes to combat potential nation-state activity and destructive cyberattacks like WannaCry and Hidden Cobra viruses with its release. However, in its warning, HHS said these patches won’t necessarily protect against Hidden Cobra, as it leverages a wide range of vulnerabilities.

“These vulnerabilities allow an attacker to remotely run programs or attacks on systems,” officials said. “This could allow an attacker to perform a wide range of actions including exfiltrating documents or data, or gain access to other internal systems via the local network once initial access is gained.”

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Like Healthcare IT News on Facebook and LinkedI

Topics: 
Government & Policy, Privacy & Security

More regional news

Doctor charting in EHR

Telehealth, hybrid care adding to physicians' EHR workload

By
Nathan Eddy
May 02, 2024
UHG CEO Andrew Witty

UHG says it's rebuilding Change Healthcare with cloud-based security

By
Andrea Fox
May 02, 2024
Walmart store

Walmart announces closing of clinics and virtual care

By
Susan Morse
May 01, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

UHG CEO Andrew Witty
UHG says it's rebuilding Change Healthcare with cloud-based security

Most Read

WebMD acquires Healthwise to bolster patient engagement and growth
How the Change Healthcare cyberattack is straining providers, and what the government can do
HHS response to cash flow concerns from Change cyberattack inadequate, providers say
After Change Healthcare, more effort needed to avoid cyberattack chain reactions
HIMSSCast: Web apps are ubiquitous in healthcare – and come with vulnerabilities
EHR developers adopt FHIR-based oncology standardization

Research

White Papers

More Whitepapers

Compliance & Legal
Artificial Intelligence
Analytics

Webinars

More Webinars

Privacy & Security
Artificial Intelligence
Analytics

Video

Emily Barey at Epic_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Saying 'yes' to the possibilities of a health IT career
Abigail Norville at the Netherlands Ministry of Health_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
How the Dutch health ministry takes innovation inspiration from other nations
Dr. Guido Giunti at Trinity College Dublin_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Novel digital therapeutics for MS empower patients
Kendall Brown at CenTrak_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
How HIMSS membership can grow healthcare careers

More Stories

Doctors review practice finances
LLMs are not ready to automate clinical coding, says Mount Sinai study
Gustavo Adolfo Torres Becerra at Minsait__Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Healthcare organizations need interoperability to give residents preventative care
Digital render of a DNA helix
Pharmacogenomics could improve medication safety and reduce waste
Alfredo Almerares, clinical executive manager at InterSystems
How the 'human factor' drives successful healthcare technology adoption
Health professional at desktop computer
How AI-powered systems can help physician groups improve coding – and earn more
Nurse huddle with tablet
Nurses have a deep distrust of AI – but transparency and training could help
Dr. Jonah Feldman at NYU Langone Health System_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Want to reduce readmissions? Personalize digital discharge guides
Gabriel Garcia-Lopez at the Los Angeles LGBT Center Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
From HIMSS conference attendee to 2024 HIMSS Changemaker