Cyber Attacks on Healthcare Sector Surged in Q4 2009

Security service provider "SecureWorks" lately claimed that hacking attempts targeted at its healthcare customers doubled in the final quarter of 2009 from an average of 6,500 per healthcare client a day in the first three quarters of 2009 to an average of 13,400 per client per day in the final quarter of 2009.

SecureWorks stated that healthcare companies usually store important details of patients like name, birth date, phone, billing address, social security number, insurance and financial account details, which make them a lucrative target for the hackers.

Furthermore, healthcare organizations have to give access to several external networks and Web applications to stay connected with their insurers, patients, business partners and employees. As per SecureWorks, this makes them highly vulnerable to cyber attacks.

In addition, in the fall of 2009, SecureWorks also started tracking a fresh wave of assaults indulging the recent version of Butterfly/Mariposa bot malware. When a system is attacked with the Butterfly malware, it can be exploited to steal the information stored by the browser of the victim.

SecureWorks also claimed that the malware can also initiate distributed denial of service attacks, spread through USB devices or peer-to-peer and download additional malware onto the infected system.

Moreover, SQL injection assaults abusing the vulnerabilities in companies' Web applications were reported in the fourth quarter of 2009. Actually, a resurrection of these attacks was seen in that quarter.

Security Researcher with SecureWorks' Counter Threat Unit, Hunter King, stated that SQL injection attacks were targeting authentic sites for distributing the Gumblar Trojan. Though SQL injection is a popular attack method, there have been news reports which claimed that it had been efficiently used by hackers to steal private details, as per the news published by prnewswire.com on January 26, 2010.

One of the latest cases reported was of American citizen Albert Gonzalez who was accused, along with two anonymous Russians, with the theft of 130 Million credit card numbers using SQL injection.

SecureWorks concluded that the only method to reduce cyber attacks is by using a set of information security rules.

Related article: Cyber Child abuser Sentenced To Imprisonment

» SPAMfighter News - 2/3/2010