Hacker Group Targets Healthcare Providers

Data security vendor Symantec is warning of a new and significantly dangerous hacker ring targeting large healthcare organisations in the United States, Europe and Asia.

“Symantec has identified a previously unknown group called Orangeworm that has been observed installing a custom backdoor called Trojan.Kwempirs,” the vendor notes.

Orangeworm is seeking targets for corporate espionage in healthcare and other industries. Targets are chosen carefully and deliberately, with extensive planning before an attack is made, Symantec experts contend. Data from the security organisation suggests that healthcare is the top target for the hackers: it says that 39 percent of attacks have been aimed at healthcare organisations, with manufacturing, information technology, logistics and agriculture also in their crosshairs.

So far, Symantec has found Kwempirs malware placed on diagnostic imaging machines in healthcare organisations. Additionally, Orangeworm was observed to have an interest in machines used to assist patients in completing consent forms for required procedures.

The vendor acknowledges that the exact motives of the Orangeworm group are unclear, but the company believes other industries have been targeted as part of a larger supply chain attack to enable Orangeworm to gain access to healthcare organisations.

“While these industries appear to be unrelated, we found them to have multiple links to healthcare, such as large manufacturers that produce medical imaging devices sold directly into healthcare firms, IT organisations that provide support services to medical clinics, and logistical organisations that deliver healthcare products.”

Once installed in an organisation, the backdoor collects information from the infected computer, which Symantec surmises can help a hacker determine whether the computer is used by a researcher or a higher-value target.

“Once Orangeworm determines that a potential victim is of interest, it proceeds to aggressively copy the backdoor across open network shares to infect other computers.”  

Further, with healthcare’s reliance on older operating systems, particularly Windows XP, Orangeworm does not appear to be overly concerned about being discovered.

Information-Management
