dismiss

Clean Sweep Live Auction on Wed. May 1st. Click to view the full inventory

DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Pediatrics
SEARCH
Endroit courant :
>
> This Story


Ouverture ou Registre to rate this News Story
Forward Printable StoryPrint Comment
advertisement

 

advertisement

 

Health IT Homepage

HHS releases second draft of TEFCA for nationwide interoperability Requirements for sharing electronic health information

Want to reduce readmissions? Let’s start with keeping patients healthier Insights from Robin Hill, chief clinical officer at Vivify Health

Decision support software could reduce scans by 6 percent: MIT researchers Prevent overuse of powerful and costly imaging exams

CMS to add more telehealth benefits to Medicare Advantage plans Aiming for greater flexibility, lower costs

Fredrik Palm ContextVision appoints new CEO

Trice Imaging connects imaging devices of large chain healthcare provider Aleris Patients and physicians can view images on laptops, cell phones

Three recommendations to better understand HIPAA compliance Approximately 70 percent of organizations are not HIPAA compliant

Researchers orchestrate malware attack to expose imaging vulnerabilities Deceived radiologists and AI algorithms into misdiagnoses

How hyper-targeting patient communications can improve medication adherence Providing specific messages can make a world of difference

Sound Imaging launches MR patient motion and detection system, SAMM MD Reduces repeat scans, prevents interruption to workflow

Orangeworm hackers exploit legacy imaging software in healthcare assault

par Thomas Dworetzky , Contributing Reporter
There's a new hacking group out there setting its sights on the lucrative healthcare sector, says cyber-watcher Symantec, and it isn't choosing its victims at random.

A new report says that the Orangeworm cadre is taking aim at the medical sector in the U.S., Europe and Asia. The attackers are using the Kwampirs backdoor – technically installing Trojan.Kwampirs inside the computer networks of targeted organizations.

Story Continues Below Advertisement

THE (LEADER) IN MEDICAL IMAGING TECHNOLOGY SINCE 1982. SALES-SERVICE-REPAIR

Special-Pricing Available on Medical Displays, Patient Monitors, Recorders, Printers, Media, Ultrasound Machines, and Cameras.This includes Top Brands such as SONY, BARCO, NDS, NEC, LG, EDAN, EIZO, ELO, FSN, PANASONIC, MITSUBISHI, OLYMPUS, & WIDE.



Orangeworm has also attacked related industries as part of a larger assault on supply chain. Known victims include healthcare providers, pharmaceutical concerns, IT solution providers for healthcare, and equipment manufacturers that serve the healthcare industry, “likely for the purpose of corporate espionage,” warned Semantic.

Orangeworm, first spotted in 2015, chooses its targets carefully and then takes time to plan out its attacks.

“According to Symantec telemetry,” says the company in its statement, “almost 40 percent of Orangeworm’s confirmed victim organizations operate within the healthcare industry.

The Kwampirs malware was spotted in software in X-ray and MR machines. The attackers have also shown interest in breaking into computers used to collect patient data, complete forms and get patient consent.

“We believe that these industries have also been targeted as part of a larger supply-chain attack in order for Orangeworm to get access to their intended victims related to healthcare,” warns the company.

It has found secondary targets in manufacturing, IT, agriculture, and logistics, which may appear unrelated, but the watchdog noted that “we found them to have multiple links to healthcare, such as large manufacturers that produce medical imaging devices sold directly into healthcare firms, IT organizations that provide support services to medical clinics, and logistical organizations that deliver healthcare products.”

Once Orangeworm infiltrates a network, it loads in the Kwampirs Trojan horse, which can collect data in order to determine if it has found a “high-value target,” says Symantec.

The firm also noted that while Orangeworm has been around for a number of years, “we do not believe that the group bears any hallmarks of a state-sponsored actor. It is likely the work of an individual or a small group of individuals.”

This is hardly the only recent example of cyber-hacking in the healthcare sector.

In March at HIMSS, the lessons from the front lines of the WannaCry attack, which unleashed ransomware onto over 300,000 computers around the globe, were reviewed by Kristopher Kusche, vice president and chief information security officer at Albany Medical Center (AMC).

“Because of our position and because of the way we have elaborated our infrastructure not to keep up with sectors like banking, we have become targets, accidental targets,” he said, adding that, “there’s not one federal agency that will say that health care was in the attack vector on these things. We weren’t in the plan. These things wouldn’t have targeted us, which kind of makes it a little more difficult, because these things were random. Now, we have to protect against everything because we’re not the target, we’re not the target of this stuff. But where somebody finds a hole, they take advantage of it.”

Health IT Homepage


You Must Be Logged In To Post A Comment

Publicité
Développez la notoriété de votre marque
Enchères + Ventes Privées
Obtenir le meilleur prix
Acheter des équipement / pièces
Trouver le meilleur prix
Infos du jour
Lire Les dernières nouvelles
Annuaire
Consulter tous les utilisateurs DOTmed
Éthique concernant DOTmed
Voir notre programme d'éthique
L'or partie le programme de fournisseur
Recevoir des demandes PH
Programme de marchand de service d'or
Recevoir des demandes
Fournisseurs de soins de santé
Voir tous les outils des HCP (abréviation pour les professionnels de la santé)
Les travaux/Formation
Trouver / combler un poste
Parts Hunter +EasyPay
Obtenir des devis de pièces
Certification Récentes
Voir les utilisateurs récemment certifiés
Evaluation Récentes
Voir les utilisateurs récemment certifiés
Central de location
Louer de l’équipement à moindre prix
Vendre des équipements / pièces
Obtenir le maximum d'argent
Service le forum de techniciens
Trouver de l'aide et des conseils
Simple demande de propositions
Obtenir des devis pour des appareils
Expo Virtuelle
Trouver des services d'appareils
L'Access et l'utilisation de cet emplacement est sujet aux modalités et aux conditions du notre de nos MENTIONS LEGALES & DONNEES PERSONELLES
Propriété de et classe des propriétaires DOTmedà .com, inc. Copyright ©2001-2019 DOTmed.com, Inc.
TOUS DROITS RÉSERVÉS