ELEVATE YOUR HIPAA COMPLIANCE: Explore Our Enhanced Toolkit Today
Access Toolkit
Purchase Toolkit
Back to Blog

Hacking group targets healthcare industry worldwide

Cybersecurity firm Symantec announced this week that a hacking group called Orangeworm appears to have been targeting the healthcare industry in the United States, Europe, and Asia. Of all the companies hacked by the group, 39% have been related to health somehow, the company reports.

Orangeworm has been observed installing a custom backdoor called Trojan.Kwampirs.  This malware was found on machines which had software installed for the use and control of high-tech imaging devices such as X-Ray and MRI machines.

First identified in January 2015, Orangeworm has also conducted targeted attacks against organizations in related industries as part of a larger supply-chain attack in order to reach their intended victims, Symantec researchers report. Based on the list of known victims, Orangeworm does not select its targets randomly or conduct opportunistic hacking. Rather, the group appears to choose its targets carefully and deliberately, conducting a good amount of planning before launching an attack.

The Symantec report states: “We believe that these industries have also been targeted as part of a larger supply-chain attack in order for Orangeworm to get access to their intended victims related to healthcare. Orangeworm’s secondary targets include Manufacturing, Information Technology, Agriculture, and Logistics.”

Kwampirs uses a fairly aggressive means to propagate itself once inside a victim’s network by copying itself over network shares. While this method is considered somewhat old, it may still be viable for environments that run older operating systems such as Windows XP. This method has likely proved effective within the healthcare industry, which may run legacy systems on older platforms designed for the medical community. Researchers went on to say that older systems like Windows XP are much more likely to be prevalent within this industry.

With news of this latest hack, don’t put off checking your specific anti-virus vendor’s protections and updates to make sure they are protecting you from this specific threat.  Do not assume they are up-to-date.

Contact the experts at PrivaPlan at info@privaplan.com for more information about this report and to let us know how we can be of help to you.

Related Posts

Recent Posts

Categories
Tags
AI Articles artificial intelligence Blog board Breach business associate CISO cyber risk cybersecurity cybersecurity awareness training electronic medical records email breach executive order Federal HIPAA Changes Final Rule health care health privacy HIPAA hipaa compliance HIPAA Training Meaningful Use Medicare multi-factor authentication OCR ONC passwords PHI phishing Policies & Procedures policies and procedures Privacy Quotes Ransomware Security Security Risk Analysis security training Service Technology Testimonials toolkit Training Materials two-step authentication website analytics website trackers

Get Started Today

Email us at info@privaplan.com or submit the form below:

Sign Up for Updates

Contact PrivaPlan

Telephone Sales & Support
505-466-1432  or
Toll Free: 1-877-218-7707
Fax: 505-466-3942

E-Mail Sales & Support
Customer Support: support@PrivaPlan.com
Sales: orders@PrivaPlan.com

Mailing Address:
PrivaPlan
5 Caliente Rd, Ste 3,
Santa Fe, NM 87508

© 2024 PrivaPlan Associates, Inc, all rights reserved.

FOLLOW US

Linkedin Envelope

Access PrivaPlan Toolkit

Click here to access

Access CMA-PrivaPlan Toolkit

Click here to access

Sign up for updates

  • Be Proactive In Compliance

Sign up. Learn about Compliance

Subscribe now for up-to-date information about privacy & security compliance! You’ll receive emails regarding news about compliance & alerts for new blog posts.