Hacker Group Targets Healthcare Providers

Uploaded on 2018-05-09 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

Data security vendor Symantec is warning of a new and significantly dangerous hacker ring targeting large healthcare organisations in the United States, Europe and Asia.

“Symantec has identified a previously unknown group called Orangeworm that has been observed installing a custom backdoor called Trojan.Kwempirs,” the vendor notes.

Orangeworm is looking for targets to engage in corporate espionage in healthcare and other industries. Targets are chosen carefully and deliberately with extensive planning before an attack is made, Symantec experts contend. Data from the security organisation suggests that healthcare is the top target for the hackers, it says that 39 percent of attacks have been aimed at healthcare organisations, with manufacturing, information technology, logistics and agriculture also in their crosshairs.

So far, Symantec has found Kwempirs malware placed on diagnostic imaging machines in healthcare organisations. Additionally, Orangeworm was observed to have an interest in machines used to assist patients in completing consent forms for required procedures.

The vendor acknowledges that exact motives of the Orangeworm group are unclear, but the company believes other industries have been targeted as part of a larger supply chain attack to enable Orangeworm to get access to healthcare organisations.

“While these industries appear to be unrelated, we found them to have multiple links to healthcare, such as large manufacturers that produce medical imaging devices sold directly into healthcare firms, IT organisations that provide support services to medical clinics, and logistical organisations that deliver healthcare products.”

The installed backdoor into an organisation collects information from the infected computer, which Symantec surmises can help a hacker know if the computer is used by a researcher or a higher-value target. 

“Once Orangeworm determines that a potential victim is of interest, it proceeds to aggressively copy the backdoor across open network shares to infect other computers.”  

Further, with healthcare’s reliance on older operation systems, particularly Windows XP, Orangeworm does not appear to be overly concerned about being discovered.

Information-Management

You Might Also Read: 

British Healthcare System Spends £150m Extra On Cybersecurity:

Cyber Attacks Focus On Healthcare:
 

« Re-Thinking The Threat Of Ransomware
How To Beat The Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute is an independent non-governmental organization that focuses on research and analysis of security challenges including defence and cyber security.

Calian Group

Calian Group

Calian is a diverse Canadian company offering professional services in areas including Advanced Technologies, Health, Learning and IT & Cyber Solutions.

Information Technology & Cyber ​​Security Service (STISC) - Moldova

Information Technology & Cyber ​​Security Service (STISC) - Moldova

STISC is a public institution whose purpose is to ensure the administration, maintenance and development of the information technology infrastructure in Moldova.

Arab Information & Communication Technologies Organization (AICTO)

Arab Information & Communication Technologies Organization (AICTO)

The Arab ICT Organization (AICTO) is an Arab governmental organization working under the aegis of the league of Arab States.

OneTrust

OneTrust

OneTrust is the largest and most widely used technology platform to operationalize privacy, security and third-party risk management.

Absolute IT Asset Disposals

Absolute IT Asset Disposals

Absolute IT Asset Disposals is an IT asset disposal (ITAD) company providing safe and secure recycling of IT assets.

ZEBOX

ZEBOX

ZEBOX is an international incubator & accelerator of innovative startups. Focus is on Transport/Logistics and Industry X.0 including technologies such as AI, Blockchain and Cybersecurity.

ThriveDX

ThriveDX

ThriveDX, the world’s premier EdTech provider (formerly HackerU), champions digital transformation training as a means of empowering individuals to thrive in the age of digital disruption.

Kape Technologies

Kape Technologies

Kape Technologies is a cybersecurity company focused on helping consumers around the world have a better digital experience with greater privacy and protection.

Pires Investments

Pires Investments

Pires is building an investment portfolio of high-tech businesses across areas such as Artificial Intelligence, Internet of Things, Cyber Security and Augmented/Virtual Reality.

Trisul Network Analytics

Trisul Network Analytics

Trisul helps organizations deploy full spectrum deep network monitoring which can serve as a single source of truth for performance monitoring, security analytics, threat detection and compliance.

DarkFeed

DarkFeed

DarkFeed is a Threat Intelligence provider that monitors the darknet in real-time, where hackers and Cyber criminals are most active.

Auxilion

Auxilion

Auxilion is an award-winning provider of consulting and IT support services, technologies and consulting for public and private organisations in the UK and Ireland.

DataProof Communications

DataProof Communications

DataProof Communications is Cybersecurity Company specialising in cybersecurity operations, incident management and response best practices and technologies.

SFY Information Technology

SFY Information Technology

SFY helps companies with Cyber Security and Managed IT, allowing them to focus on what really matters to them.

Cyberagentur (Cyber Agency)

Cyberagentur (Cyber Agency)

Cyberagentur is the Federal Agency in Germany for innovation in cybersecurity. Our mission is to advance research and groundbreaking innovations in the field of cybersecurity and related technologies.