A New Hacker Group is Targeting the Healthcare Industry and Infecting Medical Equipment with Malware

A new group of hackers attacking the healthcare industry in the United States, Europe, and Asia have been discovered, according to the security firm Symantec. This new group, named “Orangeworm” by Symantec, are utilizing custom malware called “Kwampirs” to infect and compromise healthcare networks and equipment.

Which Devices are Being Targeted by Orangeworm?

This new custom malware has been detected inside the operating systems of medical imaging devices such as X-Ray & MRI machines, and devices used for digital patient consent forms.

The “Kwampirs” form of malware is designed to stay active for long periods of time in the equipment, which indicates that Orangeworm is interested in learning how these devices operate.

Trade Secrets Over Patient Data

Symantec believes that Orangeworm is not after sensitive patient data or interested in demanding a ransom from medical organizations, instead it appears that Orangeworm is carrying out some type of corporate espionage across the healthcare industry to attain trade secrets. Symantec has found traces of Orangeworm’s custom malware within the systems of pharmaceutical companies, healthcare IT firms, and medical equipment manufacturers.

It does not appear that these hackers are linked to any one government or nation, and right now there is no way to track the group’s origins.

How Does Kwampirs Malware Operate?

Surprisingly, Symantec reports that Orangeworm hasn’t discovered a new vulnerability or flaw in medical software. Instead, the hackers have mixed “social engineering” with previously known vulnerabilities to access medical networks. Once inside a network, the malware will aggressively propagate itself over shared networks.

This is a fairly outdated strategy for malware, but it is still effective on the medical community because older systems like Windows XP are still predominantly used among healthcare providers and organizations.

Protecting Your Healthcare Organization

This is just the latest example of the healthcare industry being a prime target for hackers and malware. In 2017, there were over 300 reported data breaches in the healthcare industry, with an estimated cost of over $1 billion!

If your healthcare organization or practice isn’t making data security and malware protection a priority, your systems may already be compromised. JDL Group can provide a full network diagnostic on your organization and identify any existing vulnerabilities or infections. Contact us today.

References

fastcompany.com
thehill.com
forbes.com

A New Hacker Group is Targeting the Healthcare Industry and Infecting Medical Equipment with Malware

A new group of hackers attacking the healthcare industry in the United States, Europe, and Asia have been discovered, according to the security firm Symantec. This new group, named “Orangeworm” by Symantec, are utilizing custom malware called “Kwampirs” to infect and compromise healthcare networks and equipment.

Which Devices are Being Targeted by Orangeworm?

This new custom malware has been detected inside the operating systems of medical imaging devices such as X-Ray & MRI machines, and devices used for digital patient consent forms.

The “Kwampirs” form of malware is designed to stay active for long periods of time in the equipment, which indicates that Orangeworm is interested in learning how these devices operate.

Trade Secrets Over Patient Data

Symantec believes that Orangeworm is not after sensitive patient data or interested in demanding a ransom from medical organizations, instead it appears that Orangeworm is carrying out some type of corporate espionage across the healthcare industry to attain trade secrets. Symantec has found traces of Orangeworm’s custom malware within the systems of pharmaceutical companies, healthcare IT firms, and medical equipment manufacturers.

It does not appear that these hackers are linked to any one government or nation, and right now there is no way to track the group’s origins.

How Does Kwampirs Malware Operate?

Surprisingly, Symantec reports that Orangeworm hasn’t discovered a new vulnerability or flaw in medical software. Instead, the hackers have mixed “social engineering” with previously known vulnerabilities to access medical networks. Once inside a network, the malware will aggressively propagate itself over shared networks.

This is a fairly outdated strategy for malware, but it is still effective on the medical community because older systems like Windows XP are still predominantly used among healthcare providers and organizations.

Protecting Your Healthcare Organization

This is just the latest example of the healthcare industry being a prime target for hackers and malware. In 2017, there were over 300 reported data breaches in the healthcare industry, with an estimated cost of over $1 billion!

If your healthcare organization or practice isn’t making data security and malware protection a priority, your systems may already be compromised. JDL Group can provide a full network diagnostic on your organization and identify any existing vulnerabilities or infections. Contact us today.

References

fastcompany.com
thehill.com
forbes.com

A New Hacker Group is Targeting the Healthcare Industry and Infecting Medical Equipment with Malware

Battling Ransomware: 3 Tips for Health Care Organizations

Battling Ransomware: 3 Tips for Health Care Organizations

Ransomware poses a very real threat to every health care organization in America. In the health care industry, 85% of organizations have experienced a ransomware attack, and that number continues to climb as criminals recognize the unique vulnerabilities in the health care industry. Motivated by patient safety, the potential damage to the reputation of their organizations, and the major financial impact of a ransomware attack, health care organizations are likely to pay quickly if compromised. There are things your organization can do to prepare itself for success in the battle.

1. Training Is Vital

Viral attacks almost always require someone to open the gates to allow entrance. Malicious email and sketchy websites lure the unsuspecting worker in your organization to allow entrance into your network. The most vulnerable link in your network is ultimately the end user. The fact is that you must provide training to your employees to help them spot threats – either to prepare them beforehand, or to respond to an attack afterwards.

Providing ongoing critical training in spotting and avoiding malware threats is the single most efficient way of protecting your organization. This training will not only guard you against ransomware but other kinds of malware as well. Threats from cyberattacks change constantly, so it is crucial to make training on recognizing current threat vectors a regular part of your organization’s culture.

2. Reassess Your Backup

Your network backup may well have been designed to protect you from outages, equipment failures, or natural disasters. Conduct a thorough audit of your backup systems for their ability to protect you from malicious threats as well. Ransomware often seeks out and compromises backup systems before making its presence known. Without regular backups to systems disconnected from your network, you may be vulnerable to an attack that compromises your entire system. Take steps to analyze your current backup and make changes as needed.

3. Make Updates a Priority

protecting health care organizations from ransomware NJ | NYCAs new attacks occur, software makers update software against exploited security vulnerabilities. Criminal hackers depend on the fact that your organization has failed to take the time to update your system to protect against that vulnerability. Finding new vulnerabilities and exploits is time-consuming and expensive for hackers. Make their work less rewarding by cutting off the easy routes into your network.

Update antivirus and malware protection on a constant basis. These programs are the fastest at updating protection against the latest threats. Operating system and browser updates should also happen as soon as possible when a patch is released. Internet content filters help avoid the latest malware infected websites. And don’t forget updates for health care-specific technologies. These may not update as frequently, but when they do, it is vital to implement the new patch as soon as possible.

4. Vigilance is the Price of Safety

Updating systems, training employees, and protecting your backups are effective for reducing your risk of infection. These measures take time, create short term inconveniences, and require organization and vigilance on your part. Acting now won’t guarantee you are invulnerable to attack, but is the right thing to do to safeguard your patients.

Contact Us

Don’t let your health care organization go unprotected another day. Contact us today.

Additional Resources:
https://news.brown.edu/articles/2017/09/ransomware
https://www.csoonline.com/article/3091080/security/the-rise-of-ransomware-in-healthcare.html#slide6

 

Battling Ransomware: 3 Tips for Health Care Organizations

Battling Ransomware: 3 Tips for Health Care Organizations

Ransomware poses a very real threat to every health care organization in America. In the health care industry, 85% of organizations have experienced a ransomware attack, and that number continues to climb as criminals recognize the unique vulnerabilities in the health care industry. Motivated by patient safety, the potential damage to the reputation of their organizations, and the major financial impact of a ransomware attack, health care organizations are likely to pay quickly if compromised. There are things your organization can do to prepare itself for success in the battle.

1. Training Is Vital

Viral attacks almost always require someone to open the gates to allow entrance. Malicious email and sketchy websites lure the unsuspecting worker in your organization to allow entrance into your network. The most vulnerable link in your network is ultimately the end user. The fact is that you must provide training to your employees to help them spot threats – either to prepare them beforehand, or to respond to an attack afterwards.

Providing ongoing critical training in spotting and avoiding malware threats is the single most efficient way of protecting your organization. This training will not only guard you against ransomware but other kinds of malware as well. Threats from cyberattacks change constantly, so it is crucial to make training on recognizing current threat vectors a regular part of your organization’s culture.

2. Reassess Your Backup

Your network backup may well have been designed to protect you from outages, equipment failures, or natural disasters. Conduct a thorough audit of your backup systems for their ability to protect you from malicious threats as well. Ransomware often seeks out and compromises backup systems before making its presence known. Without regular backups to systems disconnected from your network, you may be vulnerable to an attack that compromises your entire system. Take steps to analyze your current backup and make changes as needed.

3. Make Updates a Priority

protecting health care organizations from ransomware NJ | NYCAs new attacks occur, software makers update software against exploited security vulnerabilities. Criminal hackers depend on the fact that your organization has failed to take the time to update your system to protect against that vulnerability. Finding new vulnerabilities and exploits is time-consuming and expensive for hackers. Make their work less rewarding by cutting off the easy routes into your network.

Update antivirus and malware protection on a constant basis. These programs are the fastest at updating protection against the latest threats. Operating system and browser updates should also happen as soon as possible when a patch is released. Internet content filters help avoid the latest malware infected websites. And don’t forget updates for health care-specific technologies. These may not update as frequently, but when they do, it is vital to implement the new patch as soon as possible.

4. Vigilance is the Price of Safety

Updating systems, training employees, and protecting your backups are effective for reducing your risk of infection. These measures take time, create short term inconveniences, and require organization and vigilance on your part. Acting now won’t guarantee you are invulnerable to attack, but is the right thing to do to safeguard your patients.

Contact Us

Don’t let your health care organization go unprotected another day. Contact us today.

Additional Resources:
https://news.brown.edu/articles/2017/09/ransomware
https://www.csoonline.com/article/3091080/security/the-rise-of-ransomware-in-healthcare.html#slide6

 

Battling Ransomware: 3 Tips for Health Care Organizations