H-ISAC warns users to be wary of remote desktop traffic.
TeamViewer has said that it has “detected an irregularity” in its internal corporate IT environment.
With no determining words that this was any sort of cyber attack, the company issued a statement this week saying it immediately activated its response team and procedures, started investigations together with a team of globally renowned cybersecurity experts and implemented necessary remediation measures.
There were no details on who may have been behind the intrusion, or what was accessed or taken, but it would provide status updates as and when new information becomes available.
A post by the American Hospital Association, said the Health Information Sharing and Analysis Center (H-ISAC) issued a threat bulletin alerting the health sector to active cyberthreats exploiting TeamViewer.
The H-ISAC recommended users review logs for any unusual remote desktop traffic, especially as “threat actors have been observed leveraging remote access tools.”
TeamViewer said its internal corporate IT environment is completely independent from the product environment, and “there is no evidence to suggest that the product environment or customer data is affected.”
“Investigations are ongoing and our primary focus remains to ensure the integrity of our systems,” it concluded.
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.