Bangalore, March 12, 2018: Health care experiencesd 211% increase in disclosed security incidents in 2017, finds Device-to-cloud cybersecurity company, McAfee.
The company has released its McAfee Labs Threats Report: March 2018, examining the growth and trends of new malware, ransomware, and other threats in Q4 2017. Although publicly disclosed security incidents targeting health care decreased by 78% in the fourth quarter of 2017, the sector experienced a dramatic 210% overall increase in incidents in 2017. Through their investigations, McAfee Advanced Threat Research analysts conclude many incidents were caused by organizational failure to comply with security best practices or address known vulnerabilities in medical software. McAfee Advanced Threat Research analysts looked into possible attack vectors related to health care data, finding exposed sensitive images and vulnerable software. Combining these attack vectors, analysts were able to reconstruct patient body parts, and print three-dimensional models.
“Health care is a valuable target for cybercriminals who have set aside ethics in favor of profits,” said Christiaan Beek, McAfee Lead Scientist and Senior Principal Engineer. “Our research uncovered classic software failures and security issues such as hardcoded embedded passwords, remote code execution, unsigned firmware, and more. Both health care organizations and developers creating software for their use must be more vigilant in ensuring they are up to date on security best practices.”
McAfee Labs saw on average eight new threat samples per second, and the increasing use of fileless malware attacks leveraging Microsoft PowerShell. The Q4 spike in Bitcoin value prompted cybercriminals to focus on cryptocurrency hijacking through a variety of methods, including malicious Android apps.
“The fourth quarter was defined by rapid cybercriminal adoption of newer tools and schemes—fileless malware, cryptocurrency mining, and steganography. Even tried-and-true tactics, such as ransomware campaigns, were leveraged beyond their usual means to create smoke and mirrors to distract defenders from actual attacks,” said Raj Samani, McAfee Fellow and Chief Scientist. “Collaboration and liberalized information-sharing to improve attack defenses remain critically important as defenders work to combat escalating asymmetrical cyberwarfare.”