H-ISAC warns users to be wary of remote desktop traffic.
TeamViewer has said that it has “detected an irregularity” in its internal corporate IT environment.
With no determining words that this was any sort of cyber attack, the company issued a statement this week saying it immediately activated its response team and procedures, started investigations together with a team of globally renowned cybersecurity experts and implemented necessary remediation measures.
There were no details on who may have been behind the intrusion, or what was accessed or taken, but it would provide status updates as and when new information becomes available.
A post by the American Hospital Association, said the Health Information Sharing and Analysis Center (H-ISAC) issued a threat bulletin alerting the health sector to active cyberthreats exploiting TeamViewer.
The H-ISAC recommended users review logs for any unusual remote desktop traffic, especially as “threat actors have been observed leveraging remote access tools.”
TeamViewer said its internal corporate IT environment is completely independent from the product environment, and “there is no evidence to suggest that the product environment or customer data is affected.”
“Investigations are ongoing and our primary focus remains to ensure the integrity of our systems,” it concluded.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
