Hacker Gang Pounces on Healthcare Industries

According to Symantec the security company, one fresh gang of hackers has been found attacking computer systems connected with the global and American healthcare industries.

The gang dubbed Orangeworm from Symantec employs customized malware, which the security company named Kwampirs and which infects healthcare providers' networks and also of related organizations. Symantec spotted the malicious program on PCs that regulates medical imaging machines such as MRI and X-ray machines, along with certain devices which patients use for completing consent forms necessary before staring medical treatments.

Importantly according to security researcher Jon DiMaggio with Symantec, Orangeworm clandestinely delivers Kwampirs a Windows-based malicious program that targeted approximately a hundred separate organizations. The highest count (17%) of victims belongs to the United States. Pcmag.com posted this, April 2, 2018.

Kwampirs is a backdoor that when installed on an organization garners data saved on the contaminated PC that Symantec analyzes would let a hacker to perceive whether the user of that PC is a researcher else some even more valuable target. As soon as Orangeworm figures out some victim of worth, the malware aggressively begins replicating the backdoor all over exposed network shares for contaminating more PCs, elaborates DiMaggio.

He further says that the hackers are especially inclined for Windows 95 PCs that enable them controlling MRI and X-ray devices. The malware manages controlling a PC from the remote after which it proliferates across a network.

DiMaggio speculates that the hackers attacked PCs and networks for illegally copying medical software from the infrastructures.

Symantec didn't identify Orangeworm members, however, stated that indications pointed to the attacker as a singe person else certain group of few persons and not any nation-state criminal. The security company has been helping the victims remove the infections, while it's clear from the incident that any organization is totally vulnerable. Worse still, the hackers could have planted memory-wiping malicious program onto the PCs, DiMaggio notes.

The security researcher urges enterprises for patching their legacy computers like Windows 95, while do segmentation of corporate networks to small-sized and more secure sub-networks - the process known as "network segmentation" in order that future attacks can be averted.

» SPAMfighter News - 4/27/2018