Kaspersky Lab: Hackers for hire dangle attacks against medical organizations
Hacking for hire groups have added healthcare sector to their portfolio of services on the dark web, proving that medical data continues to be among the hottest commodities online. Kaspersky’s research reveals that the base price has gone so cheap, depending on the type of breach or goods an anonymous customer requires.
The dark web is made of anything that is not commonly indexed on the surface web. To be able to get into this hidden part of the web, a user should use a special software such as Tor. Tor stands for “the onion router” and is a method for anonymizing data.
Based on the research of the global cybersecurity company, hospital and healthcare infiltrations are among the newest services being offered by anonymous hacking groups, alongside targeted attacks and cyberespionage against specific countries as well as infections to gain energy and maritime information.
“With the healthcare sector a bit lagging in terms of their cybersecurity capabilities, we observe that hacking groups are now off to exploit this fact by adding medical information and hospital attacks to their services list publicly available on the dark web. Any organizations, individuals, and companies can be their potential customers since these cybercriminals are offering various services,” comments Seongsu Park, security researcher at Kaspersky.
Park also noted that medical records can be considered more valuable than a simple credit card. This is because a hospital generally requires a patient’s personal and financial credentials before a check-up or an admission.
“Based on the indications and patterns we have seen and are still seeing on the dark web, the main purpose of the individuals behind these hacking groups is to sell the medical information to another crime group or to any individual who aims to access confidential medical data. It is quite alarming that we are increasingly coming across such active advertisements, which can either mean this illegal practice has turned into a normal type of business or the demand for such attacks are becoming increasingly high,” adds Park.
The motives of the buyers, according to Park, can include calling scam, identity and monetary theft, as well as blackmailing and any derived crimes. Such malicious actions are possible with the amount of records and confidential data hacking for hire groups can harvest illegally from the affected health institutions. When it comes to the possible customer profiles, the nature of the dark web being anonymous opens the possibility that it could be anyone – from a new hacker, to an enterprise, or even a nation-backed cyberespionage group.The hospital loopholes and how to secure them
The current threats posed against the healthcare sector show how more and more malicious actors are targeting the industry. To be able to help protect these organizations and their patients, Kaspersky names the possible security loopholes and how to build their defenses below:
1. Exposed vulnerable servers and patient records
-
The security challenge: These vulnerabilities are usually unintentional and are the result of misconfiguration or unconcern.
- The suggested solutions:
- Kaspersky suggests healthcare organizations to identify the important data they are storing and to figure out how they can protect them.
- Increased in education in terms of cybersecurity is also needed so the workforce could know the do’s and don’ts and the signs of a cyber incident. This could be done through a series of Security Awareness Training.
2. Complex and ultra-connected medical devices
-
The security challenge: The functions of medical devices are becoming diverse and complex. Many medical devices are also being connected to the network without considering its security.
-
The suggested solutions:
- An assessment of the hospital or healthcare facilities’ devices and networks should be done to review the access policies and the exposure of the devices to the internet.
- Follow the basic rules including keeping all software up to date and institute a strong password policy for devices connected to the web.
- For added layer of security, it is suggested to employ real-time and in-depth threat intelligence as well as holistic cybersecurity solutions into a medical organization’s IT infrastructure.