Take our Salary Survey for a chance to win prizes! | Take the Survey

Hackers Using Imagers to Access Your Data

Hackers Using Imagers to Access Your Data

Your imaging machine may be looking through more than your patients.
The data company Symantec warns providers and facilities that a hacker group named Orangeworm is using software used to control X-ray and magnetic resonance imaging (MRI) machines to access personal health information (PHI) and other data. Symantec admits the exact motives of the group are unclear.

Hackers Favoring Healthcare

While attacking industries all over the world, Orangeworm’s Kwampers malware is largely being found on healthcare systems. The group, Symantec reports, has an interest in machines in used to assist patients in competing consent forms for required procedures, such as kiosks and pad computers.
Symantec said, “We believe that these industries have also been targeted as part of a larger supply-chain attack in order for Orangeworm to get access to their intended victims related to healthcare. Orangeworm’s secondary targets include Manufacturing, Information Technology, Agriculture, and Logistics. While these industries may appear to be unrelated, we found them to have multiple links to healthcare, such as large manufacturers that produce medical imaging devices sold directly into healthcare firms, IT organizations that provide support services to medical clinics, and logistical organizations that deliver healthcare products.”
Once Orangeworm bores its way into a victim’s network, they deploy Trojan. Kwampirs, providing the shady organization with remote access to the compromised computer. Resourceful, it evades hash-based detection but doesn’t seem to exhibit any concern about being discovered.

Hackers LOVE Older Machines

Symantec warns that, “Kwampirs uses a fairly aggressive means to propagate itself once inside a victim’s network by copying itself over network shares. While this method is considered somewhat old, it may still be viable for environments that run older operating systems such as Windows XP. This method has likely proved effective within the healthcare industry, which may run legacy systems on older platforms designed for the medical community. Older systems like Windows XP are much more likely to be prevalent within this industry.”

Kill Hackers with Compliance

Make sure your compliance plan includes up-to-date security, both installed on computers and your organization’s IT equipment. Check to assure your IT staff is aware of this threat.

Brad Ericson
Latest posts by Brad Ericson (see all)

About Has 338 Posts

Brad Ericson, MPC, CPC, COSC, is a seasoned healthcare writer and editor. He directed publishing at AAPC for nearly 12 years and worked at Ingenix for 13 years and Aetna Health Plans prior to that. He has been writing and publishing about healthcare since 1979. He received his Bachelor's in Journalism from Idaho State University and his Master's of Professional Communication degree from Westminster College of Salt Lake City.

Comments are closed.