Security News

Cybersecurity firm Palo Alto Networks warned over the weekend of an ongoing hacking campaign that has already resulted in the compromise of at least nine organizations worldwide from critical sectors, including defense, healthcare, energy, technology, and education. To breach the orgs networks, the threat actors behind this cyberespionage campaign exploited a critical vulnerability in Zoho's enterprise password management solution known as ManageEngine ADSelfService Plus which allows remotely executing code on unpatched systems without authentication.

The Philips Tasy EMR, used by hundreds of hospitals as a medical record solution and healthcare management system, is vulnerable to two critical SQL injection flaws. These are SQL injection flaws via two parameters, relying on the improper escaping of special characters in SQL commands.

The 5G healthcare market is projected to reach $3.667 million by 2026, at a CAGR of 76.3% between 2021 and 2026, according to MarketsandMarkets. This massive network will include billions of low-bitrates and low-energy connected health monitoring devices, remote sensors, and clinical wearables, with 5G providing a backbone infrastructure for IoT. The 5G in healthcare market is valued at an estimated $215 million in 2021 and is projected to reach $3.667 million by 2026, at a CAGR of 76.3% during the forecast period.

An "Aggressive" financially motivated threat actor has been identified as linked to a string of RYUK ransomware attacks since October 2018, while maintaining close partnerships with TrickBot-affiliated threat actors and using a publicly available arsenal of tools such as Cobalt Strike Beacon payloads to interact with victim networks. Cybersecurity firm Mandiant attributed the intrusions to a Russian-speaking hacker group codenamed FIN12, and previously tracked as UNC1878, with a disproportionate focus on healthcare organizations with more than $300 million in revenue, among others, including education, financial, manufacturing, and technology sectors, located in North America, Europe, and the Asia Pacific.

The healthcare IT market is estimated to grow by $121.75 billion between 2021 and 2025, growing at a CAGR of almost 10%, according to Technavio. Factors such as the rising need for automation across departments and the growing integration of big data with healthcare IT will drive the growth of the Healthcare IT Market during 2021-2025.

FIN12 is a prolific threat actor with a strong focus on making money that executes ransomware attacks since at least October 2018. FIN12 is characterized by skipping the data exfiltration step that most ransomware gangs have adopted to increase their chances of getting paid.

For the healthcare sector, the impact is far greater; cyberattacks can be a matter of life or death. While investing in these digital transformation technologies, the healthcare sector has yet to put the corresponding resources into cybersecurity to protect them.

Ponemon Institute surveyed 597 IT and IT security professionals to understand how COVID-19 has impacted how healthcare delivery organizations protect patient care and patient information from increasing virulent cyberattacks, especially ransomware. For the first time, this research shows that ransomware attacks on healthcare organizations may have life-or-death consequences.

These chronic security deficiencies leave too many healthcare professionals struggling to keep pace not only with threats, but also with other organizations, creating easy targets for attackers. Security breaches cannot be filled with "Shiny objects".

The 616 data breaches reported this past year to the US Department of Health & Human Services have resulted in the exposure / compromise of 28,756,445 healthcare records. "The effects of Covid-19, including hospitals at capacity and employee strain, have left the healthcare industry especially vulnerable. Some of the biggest threats to PHI include phishing and ransomware attacks, but also human error, a lag in network security, and blind spots in email encryption."