DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Mobile Imaging
SEARCH
Current Location:
>
> This Story


Log in or Register to rate this News Story
Forward Printable StoryPrint Comment
advertisement

 

advertisement

 

Health IT Homepage

Ramsoft partners with QliqSOFT Enables secure messaging of information on mobiles among doctors and patients

Amazon Comprehend Medical to bring natural language processing to healthcare A new HIPAA-eligible machine learning service

Agfa showcases rad/fluoro DR 800 system at RSNA Enhance patient and operator comfort

EBM Technologies brings PACS image viewing to iPad Pro at RSNA System works with any PACS, enabling FDA-cleared remote reading

Arterys touts cloud-native platform and regulatory approval in 98 countries AI capabilities with 'unmatched' security

Carestream unveils interactive multimedia and workflow enhancements Enhancing collaboration and productivity among providers and patients

Nuance launches AI Marketplace expansion with 40+ AI radiology 'app developer' network Also unveils cloud-based version of PowerScribe One reporting platform

University of Utah Health among first to leverage Philips Illumeo PACS with adaptive intelligence On display at RSNA

Siemens unveils syngo Virtual Cockpit software for CT, MR and PET at RSNA Offers remote expert technicians when needed

Intelerad acquires Clario for PACS-agnostic worklist capabilities Will ramp up presence in Seattle to leverage cloud technology expertise

Orangeworm hackers exploit legacy imaging software in healthcare assault

by Thomas Dworetzky , Contributing Reporter
There's a new hacking group out there setting its sights on the lucrative healthcare sector, says cyber-watcher Symantec, and it isn't choosing its victims at random.

A new report says that the Orangeworm cadre is taking aim at the medical sector in the U.S., Europe and Asia. The attackers are using the Kwampirs backdoor – technically installing Trojan.Kwampirs inside the computer networks of targeted organizations.

Story Continues Below Advertisement

RamSoft PowerServer™ RIS/PACS - Enabling Efficient Diagnostic Imaging

RamSoft's PowerServer™ RIS/PACS is an intuitive, single database application that enables healthcare practices to operate diagnostic imaging more efficiently than ever before.Why is this important? Click to find out.



Orangeworm has also attacked related industries as part of a larger assault on supply chain. Known victims include healthcare providers, pharmaceutical concerns, IT solution providers for healthcare, and equipment manufacturers that serve the healthcare industry, “likely for the purpose of corporate espionage,” warned Semantic.

Orangeworm, first spotted in 2015, chooses its targets carefully and then takes time to plan out its attacks.

“According to Symantec telemetry,” says the company in its statement, “almost 40 percent of Orangeworm’s confirmed victim organizations operate within the healthcare industry.

The Kwampirs malware was spotted in software in X-ray and MR machines. The attackers have also shown interest in breaking into computers used to collect patient data, complete forms and get patient consent.

“We believe that these industries have also been targeted as part of a larger supply-chain attack in order for Orangeworm to get access to their intended victims related to healthcare,” warns the company.

It has found secondary targets in manufacturing, IT, agriculture, and logistics, which may appear unrelated, but the watchdog noted that “we found them to have multiple links to healthcare, such as large manufacturers that produce medical imaging devices sold directly into healthcare firms, IT organizations that provide support services to medical clinics, and logistical organizations that deliver healthcare products.”

Once Orangeworm infiltrates a network, it loads in the Kwampirs Trojan horse, which can collect data in order to determine if it has found a “high-value target,” says Symantec.

The firm also noted that while Orangeworm has been around for a number of years, “we do not believe that the group bears any hallmarks of a state-sponsored actor. It is likely the work of an individual or a small group of individuals.”

This is hardly the only recent example of cyber-hacking in the healthcare sector.

In March at HIMSS, the lessons from the front lines of the WannaCry attack, which unleashed ransomware onto over 300,000 computers around the globe, were reviewed by Kristopher Kusche, vice president and chief information security officer at Albany Medical Center (AMC).

“Because of our position and because of the way we have elaborated our infrastructure not to keep up with sectors like banking, we have become targets, accidental targets,” he said, adding that, “there’s not one federal agency that will say that health care was in the attack vector on these things. We weren’t in the plan. These things wouldn’t have targeted us, which kind of makes it a little more difficult, because these things were random. Now, we have to protect against everything because we’re not the target, we’re not the target of this stuff. But where somebody finds a hole, they take advantage of it.”

Health IT Homepage


You Must Be Logged In To Post A Comment

Advertise
Increase Your
Brand Awareness
Auctions + Private Sales
Get The
Best Price
Buy Equipment/Parts
Find The
Lowest Price
Daily News
Read The
Latest News
Directory
Browse All
DOTmed Users
Ethics on DOTmed
View Our
Ethics Program
Gold Parts Vendor Program
Receive PH
Requests
Gold Service Dealer Program
Receive RFP/PS
Requests
Healthcare Providers
See all
HCP Tools
Jobs/Training
Find/Fill
A Job
Parts Hunter +EasyPay
Get Parts
Quotes
Recently Certified
View Recently
Certified Users
Recently Rated
View Recently
Certified Users
Rental Central
Rent Equipment
For Less
Sell Equipment/Parts
Get The
Most Money
Service Technicians Forum
Find Help
And Advice
Simple RFP
Get Equipment
Quotes
Virtual Trade Show
Find Service
For Equipment
Access and use of this site is subject to the terms and conditions of our LEGAL NOTICE & PRIVACY NOTICE
Property of and Proprietary to DOTmed.com, Inc. Copyright ©2001-2018 DOTmed.com, Inc.
ALL RIGHTS RESERVED