MEDJACK.3 Poses Advanced Threat to Hospital Devices
A newly discovered version of the "medical device hijack" attack targets older operating systems to bypass security measures and steal patient data.
A sophisticated zero-day attack through which hackers steal patient data, MEDJACK.3 is leaving medical devices like x-ray machines and MRI scanners vulnerable to cybercriminals.
TrapX Labs found medical devices provide backdoors for hackers to infiltrate healthcare networks because they are the hardest devices to secure and remediate after an attack. Cybercriminals use backdoors and botnets to exploit devices and enter networks. Because they use old malware to exploit older versions of Windows, they are undetected by endpoint security software.
Medical devices like MRI scanners and CT scanners on the hospital networks with older operating systems (Windows XP, Windows Server 2003) and newer ones (Windows 2008, 2012) are prime targets because hackers are using old malware spreaders to attack older operating systems without security patches. Attacks are architected in a way that new operating systems ignore because they have been patched against those spreading capabilities.
This is a major problem for the healthcare industry because most medical devices run old software. A high percentage of healthcare infrastructures already have these types of attacks resident in their medical devices; they just don't know it. It takes years for healthcare devices to get certified, and technology continues to change in the meantime. Once a device is certified on the Windows XP operating system, they won't go back through the multi-year process to get re-certified on an upgraded system.
The healthcare space is a hotspot for cybercriminals seeking easy access to sensitive patient data. Major Cyber attacks on the healthcare industry grew 63% in 2016. Sophisticated hackers were responsible for 31% of all major HIPAA data breaches in 2016, marking a 300% jump over the past three years.
Read the full article: http://www.darkreading.com/endpoint/medjack3-poses-advanced-threat-to-hospital-devices/d/d-id/1328172