Cybersecurity firm Malwarebytes is reporting a 60 percent increase in attacks involving Trojan malware in the healthcare industry.
Those threat detections are a reason for concern for 2020, according to the firm’s analysts, but many providers are not ready for the rising tide of these attacks.
The two most dangerous Trojan malware threats are Emotet and TrickBot. Emotet detections surged at the start of 2019 followed by a wave of TrickBot in the second half of the year, according to Adam Kujawa, director of Malwarebytes Labs.
“Emotet, TrickBot, exploit and backdoor detections targeting healthcare organizations are known to drop ransomware payloads later in their attack chains,” Kujawa explains. “For too long, these organizations have suffered with antiquated equipment and underfunded IT departments, making them especially vulnerable.”
Healthcare organizations in the western United States are more susceptible to attack. Kujawa can’t say with certainty if there is less data security awareness in the West than in other regions, but he notes that the South, Midwest and Eastern regions with larger business and industries protect their information systems more.
“Providers want applications and juicy data, which opens opportunities for bad actors to steal data,” he says. “Be aware of Internet of Things devices that are not being updated by developers, which introduces infection.”
Physician and nurse use of laptops on carts brings more challenges, Kugawa says. A person may bring an injured friend into the emergency department. While clinicians are focused on treating the patient, that friend could look at open data on a laptop or download information to a thumb drive.
In its research, Malwarebytes queried 800 healthcare organizations, and 89 percent of them said they had been breached. “That’s a huge number,” Kugawa says. What he most worries, however, is what comes in 2020 with a whole new batch of next-generation apps and other innovations. “Medical could be the top target for hackers in the first half of 2020.”
The bottom line, however, is that the industry is not ready for a flood of new threats during the next year, Kujawa contends. “You will need greater investment in the next year—a big investment—otherwise it’s just going to be blood bath. Put in more people and money to develop security methods.”