Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Medical Device Security. Show all posts

Indian Healthcare Website Hacked, stolen data for sale





US-based cyber-security firm FireEye discovered a hack into a leading Indian healthcare website, stealing more than 68 lakh data of both doctors and patients.

The FireEye did not name the website but said that the cybercriminals mostly from China are selling the stolen data in web portals around the world.

"In February, a bad actor that goes by the name "fallensky519" stole 6,800,000 records associated with an India-based healthcare website that contains patient information and personally identifiable information (PII), doctor information and PII and credentials," FireEye said in its report shared with IANS.

According to FireEye, in between October 1, 2018, and March 31, 2019, their intelligence team stumbled upon on multiple healthcare-associated databases which were for sale in $2,000.

"In particular, it is likely that an area of unique interest is cancer-related research, reflective of China's growing concern over increasing cancer and mortality rates, and the accompanying national health care costs," the cyber-security agency noted.

"Targetting medical research and data from studies may enable Chinese corporations to bring new drugs to market faster than Western competitors," the report claimed.

Cyber attacks on medical institutions have become more frequent in Russia


Kaspersky Lab has discovered a series of targeted attacks on large public health institutions in Russia.

The number of hacker attacks on Russian medical institutions has doubled this year. According to Kaspersky Lab, ten major Russian state medical institutions were attacked in spring 2019. The identity of the hackers is still unknown, but the Kaspersky Lab believes that the attackers speak Russian fluently but are outside the country.

The main purpose of the attackers is to collect financial documents, contracts for expensive treatment, invoices and other important documentation.

Spy software CloudMid has infected computers. Kaspersky lab notes that this is "unique malware" that the company has not met before. CloudMid is sent by e-mail and disguised as a VPN client of one of the Russian companies. After installing CloudMid, the program proceeds to collect documents on the infected computer, for which, in particular, it takes screenshots several times a minute.

It is known that the mailing did not become mass, only some organizations received messages.

The anti-virus expert of Kaspersky Lab Dmitry Kuznetsov says: "Cyber attackers began to be interested in the health sector. In this case, the attacks were not well technically developed, but they were targeted, and the attackers still managed to get what they wanted.”

Another expert at Kaspersky Lab, Alexey Shulmin, added that such attacks would be repeated.

Evgeny Gnedin, the head of the Analytics Department of Positive Technologies, said that hacker attacks on medical institutions are becoming a dangerous trend. The expert believes that the low level of security is primarily due to the insufficient allocation of funds for information security in medical organizations. So the attacks on medical institutions will remain relevant in the second half of 2019.

According to Andrey Arsentiev, the analyst of the group of companies InfoWatch, cybercriminals have formed groups specializing in attacks of medical institutions, which are aimed primarily at an extensive network of clinics with large volumes of structured personal data of patients.

"Protected medical information is one of the most liquid information on the black market, the cost of one record in some cases can be hundreds or even thousands of dollars. In some other cases, hackers may be interested in research conducted in large medical centers, "said the expert.