Old malware threatens connected medical equipment

4 July 2016
According to security company TrapX, the health care sector has become one of the most threatened industries when it comes to malware, cyberattacks et cetera.  It is under attack more these days than are industries such as financials and retailing.

A good example of this threat is a new version of Conficker that is specifically targeting connected medical equipment. The threat is serious, because a lot of connected equipment in for example hospitals have low levels of security, TrapX states in a press release concerning the report Anatomy of an Attack – Medical Device Hijack 2” (MEDJACK 2).

Often these devices push to or receive data from databases (like EHR’s) full of patient information. If they have been infected with malware, cybercriminals can gain access to the patient information. Mostly these days that is the ‘gold’ cybercriminals are after. They have little or no interest in seizing medical equipment in order to hurt patients, though it’s possible ransomware can infect a device, making hospitals pay money if they want to use a device again.

But the patient information – records concerning e.g. someones medical history – is a much bigger source of money these days. This information makes identity theft and fraude possible. Cybercriminals could for example get the costs for expensive medicine reimbursed. And because the level of security is usually lower then when credit card data is concerned, the ratio between costs and benefits is a lot better.

Recently Deloitte research pointed out that hospitals have a long way to go in getting up to speed with securing their connected equipment. Of 24 hospitals surveyed in nine countries, more than have use only standard passwords (default settings) to secure connected equipment.