SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
24 Apr 2018

Advanced hackers infect X-Ray machines in healthcare espionage

Yet another hacker crew has been battering the healthcare industry in recent months.

But rather than just aim for the PCs, its also gotten footholds on the computers controlling X-Ray, MRI and other medical machines, according to a report from Symantec on Thursday.

The hacker group, dubbed Orangeworm, is mainly targeting American healthcare organizations, though there are a number of victims worldwide, including in Asia and Europe. But rather than do anything destructive, Orangeworm is likely using leverage on those medical devices - designed to process and view images from X-Ray and MRI machines - to learn more about them as part of an ongoing corporate espionage operation, Symantec said.

"Due to the fact that the attacks attempted to keep infections active for long periods of time on these devices, it's more likely the group are interested in learning how these devices operate. We have not collected any evidence to suggest the attackers have planned to perform any sabotage type activities at this time," said Alan Neville, Symantec researcher.

That's not to say the attackers couldn't carry out more aggressive attacks. Once they've successfully infected a computer with their malware, called Kwampirs, "the attackers have the ability to extend the malware’s functionality by downloading and executing additional modules in memory," Neville added. "These modules may be customized to the victim’s environment to assist the attackers in performing any desirable action on these devices," he said. Adding to the intrigue, Orangeworm also showed an interest in "machines used to assist patients in completing consent forms for required procedures," Symantec wrote.

But Orangeworm hasn't just targeted healthcare. Secondary targets included manufacturing, information technology, agriculture and logistics. Many had links to the healthcare industry, Symantec added. The hackers have also been remarkably targeted, with victims in the tens across 2016 and 2017.

Mysterious worm

The researchers haven't been able to track down Orangeworm's nationality. And, though such espionage might appear to be the work of a government, Symantec said it was unlikely. "While Orangeworm is known to have been active for at least several years, we do not believe that the group bears any hallmarks of a state-sponsored actor—it is likely the work of an individual or a small group of individuals. There are currently no technical or operational indicators to ascertain the origin of the group," the company wrote in a blog post Monday.

This isn't the first time hackers have found their way onto medical devices. Back when the WannaCry ransomware hit hospitals across the world, it found its way onto Bayer Medrad radiology equipment. And cybersecurity researchers have long warned about the vulnerability of medical machines, with even pacemakers and insulin pumps easily prized open by researchers. But now, with Orangeworm, it's clear such tech is actively being targeted by surreptitious hackers.

Tags:
information leaks surveillance
Source:
Forbes
1680
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015