It's probably no secret that targeted malware attacks are increasing. And in healthcare organizations, these are particularly prevalent. Roy Mellinger, CISO at WellPoint, recently noted that "We [all] started to see, eight to twelve months ago, an uptick in more focused attacks or attempts against healthcare systems coming from around the world."
Outside attacks from Advanced Persistent Threats (APTs) compound the risks inherent in EMRs. This type of malware attack represents an evolving threat to healthcare organizations' intellectual property, financial assets, and ultimately, their reputations. APT actors typically target specific organizations for a singular purpose, and attempt to gain a foothold in the target's environment, often through tactics such as spearphishing emails containing a web link or attachment. The attackers will then use the affected systems as a conduit into the target network and as a method to deploy additional tools that facilitate the fulfillment of their primary objectives.
SecureWorks' Counter Threat Unit has found that the healthcare industry is particularly vulnerable in recent months to many of the common threats, with many of the most prevalent Trojans affecting the healthcare industry at a greater rate than its peers in the banking, retail and manufacturing industries. This may be partially due to the attackers' strategy of using healthcare organizations as a "testing ground" for malware, before deploying it on targets in other industries. Healthcare organizations appear to be viable testing platforms for malware, due to a general lack of effective controls and high state of vulnerability throughout their networks.
For all you healthcare providers: Does this resonate with what you are seeing out there? Have you been the target of a recent advanced threat? How are you gaining visibility into these threats?