Hackers can cause catastrophic and sometimes even deadly results no matter who or what is targeted – businesses (see 1, 2, 3), community governments, hospitals (see 1, 2), medical devices (see 1, 2) personal devices (see 1, 2, 3), security systems and other “Smart” home devices (see 1, 2, 3), utility companies (see 1, 2, 3, 4, 5), and/or utility “Smart” Meters (see 1, 2). One researcher explains how cyberattacks are affecting the healthcare industry more than ever and why patients should be concerned (especially those with medical implants).
From Threat Post:
Why Healthcare Keeps Falling Prey to Ransomware and Other Cyberattacks
Nate Warfield, CTO of Prevailion and former Microsoft security researcher, discusses the many security challenges and failings plaguing this industry.
The healthcare industry is under attack like never before.
What started as a surge in criminal activity during the early days of the coronavirus pandemic has now metastasized into a full-blown crisis within the healthcare industry worldwide. The recent disruptive ransomware attacks on Scripps Health in San Diego, Ireland’s national health service and Waikato hospitals in New Zealand demonstrate the global nature of the threat, and the pervasive level of risk within this industry.
Healthcare has long been a target of cybercriminals, due to its valuable personal and financial data. However, the shift to more aggressive and destructive tactics – like ransomware extortion and double-extortion – is putting an incredible burden on this critical service sector.
While COVID-19 put a tremendous strain on the healthcare system, stretching staff and budgets to the breaking point, in most cases the attackers have been exploiting the same security shortcomings that have long plagued this industry.
Electronic Health Records: An Expanding Attack Surface
Healthcare’s attack surface has grown considerably over the last two decades, particularly with the adoption of electronic health records (EHRs), wireless medical devices and the advent of telemedicine and remote work, both of which were sped up by the pandemic.
The transition to EHRs has made ransomware and data-theft attacks far more costly and damaging for healthcare institutions. It has also increased the likelihood that a cyberattack will be disruptive to a hospital’s basic operational ability.
New connectivity features in medical devices means critical equipment is now more directly exposed to attackers.
The rush to enable remote work has made it easier for hackers to backdoor healthcare networks through the employees. Of particular concern is the widespread use of remote desktop protocols (RDPs) and remote access VPNs by hospital staff. Both technologies pose substantial risks to organizations if software vulnerabilities are exploited or the attackers target end users directly.
Researchers have found that Ryuk ransomware is increasingly targeting RDPs, particularly in the healthcare sector. Throughout 2020, hackers increased their targeting of RDPs by 768 percent, along with remote access VPNs. The hacker TrueFighter was documented in an attempt to sell admin level access to one hospital for $3,000.
Ransomware criminals have also been exploiting VPN vulnerabilities in Citrix ADC controller and Pulse Connect Secure to get access to hospital networks.
Unpatched Systems, Legacy Devices…
Also in regard to medical implants, both Apple and the Food and Drug Administration (FDA) have issued warnings that cell phones, smart watches, and other wireless devices can cause interference issues with implants (see 1, 2).
Activist Post reports regularly about unsafe technology. For more information, visit our archives.
Provide, Protect and Profit from what’s coming! Get a free issue of Counter Markets today.