CISA released an ICS Medical Advisory regarding the PwnedPiper vulnerabilities that impact pneumatic tube systems (PTS) in the U.S. Specifically, these vulnerabilities affect the Translogic PTS system by Swisslog Healthcare. PwnedPiper is among the rising threats targeting healthcare organizations over the past year and poses a huge risk to patients and the organization.

Healthcare organizations are targeted by threat actors because of the sensitive information that is continuously being shared and how important that information is to safety of their patients. For instance, for a hospital to provide care to patients they require access to patient data for history, allergies, etc. In many instances hospitals cannot delay care so, if they are hit with a ransomware attack, the orgnaization is more likely to quickly pay the ransom to unencrypt their data. Attackers see healthcare organizations as a guaranteed pay out if they are successful.

Many of the ransomware attacks on hospitals are successful because best security practices are not being followed. Practicing the principle of least-privilege, requiring VPN connection for remote users, implementing MFA, having a MDR solution, and educating users on password best practices and phishing are some of the top security items that can help protect your organization from a ransomware attack. It is also important to know how your organization would stand up against an attacker.

Having a third-party perform a penetration test on your environment will show where the holes in security are and what steps are needed to mitigate the risk of an attack. BlueOrange offers penetration testing of all levels to make sure you’re aware of your organization’s risk level.