A new group of hackers attacking the healthcare industry in the United States, Europe, and Asia has been discovered, according to the security firm Symantec. The group, named “Orangeworm” by Symantec, is using custom malware called “Kwampirs” to infect and compromise healthcare networks and equipment.
Which Devices are Being Targeted by Orangeworm?
This new custom malware has been detected inside the operating systems of medical imaging devices such as X-ray and MRI machines, as well as devices used for digital patient consent forms.
The “Kwampirs” form of malware is designed to stay active for long periods of time in the equipment, which indicates that Orangeworm is interested in learning how these devices operate.
Trade Secrets Over Patient Data
Symantec believes that Orangeworm is not after sensitive patient data or interested in demanding a ransom from medical organizations. Instead, it appears that Orangeworm is carrying out some type of corporate espionage across the healthcare industry to obtain trade secrets. Symantec has found traces of Orangeworm’s custom malware within the systems of pharmaceutical companies, healthcare IT firms, and medical equipment manufacturers.
It does not appear that these hackers are linked to any one government or nation, and right now there is no way to track the group’s origins.
How Does Kwampirs Malware Operate?
Surprisingly, Symantec reports that Orangeworm hasn’t discovered a new vulnerability or flaw in medical software. Instead, the hackers have mixed “social engineering” with previously known vulnerabilities to access medical networks. Once inside a network, the malware will aggressively propagate itself over shared networks.
This is a fairly outdated strategy for malware, but it is still effective against the medical community because older systems like Windows XP are still predominantly used among healthcare providers and organizations.
Protecting Your Healthcare Organization
This is just the latest example of the healthcare industry being a prime target for hackers and malware. In 2017, there were over 300 reported data breaches in the healthcare industry, with an estimated cost of over $1 billion!
If your healthcare organization or practice isn’t making data security and malware protection a priority, your systems may already be compromised. JDL Group can provide a full network diagnostic on your organization and identify any existing vulnerabilities or infections. Contact us today.