Healthcare sector warned of poor cyber hygiene; CISA doles out remedy advice
The Cybersecurity and Infrastructure Security Agency has urged organizations in the healthcare and public health sector to mitigate cybersecurity threats by strengthening account passwords and authentication methods and by ensuring the adoption of the latest patches and software, SecurityWeek reports. The advice follows a two-week penetration test that uncovered security lapses at an unnamed health entity using on-prem software.
The health organization had adequate defenses against unauthorized initial access or phishing, thanks to its implementation of multi-factor authentication and restricted access to external-facing resources, but it could still have its domains compromised because of misconfigurations and default passwords, according to CISA. CISA also found a web server that failed to limit the permissions of authenticated users, systems without SMB signing enforcement, excessive network services, and a service account with more privileges than needed.