US and UK Cyber Security Agencies Warn of APT Attacks against Healthcare Organizations

Silviu STAHIE

May 06, 2020

An advisory from the US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre (NCSC) warns of a coordinated attack against the healthcare industry and other essential services.

Advanced Persistent Threat (APT) groups are targeting numerous organizations, including healthcare bodies, pharmaceutical companies, academia, medical research organizations and local governments, especially those involved in national and international COVID-19 response teams.

APTs are usually groups backed by states or an actual state actor seeking to disrupt services, steal data, or spy on the activities of companies and even countries. Healthcare organizations are often hit because they host valuable health-related data. The pandemic makes them a prime target because APTs try to obtain information for domestic research into COVID-19-related medicine.

“These organizations’ global reach and international supply chains increase exposure to malicious cyber actors,” reads the advisory. “Actors view supply chains as a weak link that they can exploit to obtain access to better-protected targets. Many supply chain elements have also been affected by the shift to remote working and the new vulnerabilities that have resulted.”

One method used in these attacks is password spraying, in which attackers attempt a brute-force attack using common passwords. Because many people choose ridiculously easy passwords or reuse the same password on multiple services, the technique usually yields results.

Even a single working password in an organization is enough, especially for APT groups, which are much better prepared than regular hackers. They can compromise the network, move laterally inside the company or institution if necessary, and access other credentials.

CISA and NCSC say that, as long as the COVID-19 pandemic continues, any organization in the healthcare industry will carry extra risk. The two government institutions also presented several possible mitigations:

  • Update VPNs, network infrastructure devices and devices being used in remote work environments with the latest software patches and configurations.
  • Use multi-factor authentication to reduce the impact of password compromises.
  • Protect the management interfaces of your critical operational systems. In particular, use browse-down architecture to prevent attackers from easily gaining privileged access to your most vital assets.
  • Set up a security monitoring capability so you collect data that will be needed to analyze network intrusions.
  • Review and refresh your incident management processes.
  • Use modern systems and software. These have better security built in. If you cannot move off out-of-date platforms and applications straight away, there are short-term steps you can take to improve your position.
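
As an added illustration of the security monitoring mitigation applied to the password spraying described above (this code is not from the article or the advisory), the following sketch flags a source address whose failed logins touch many accounts with only a few tries each. The log format, addresses, usernames and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample authentication events (not taken from the advisory):
# timestamp, source IP, username, outcome.
SAMPLE_LOG = """\
2020-05-06T09:00:01 203.0.113.7 alice FAIL
2020-05-06T09:00:40 198.51.100.20 grace FAIL
2020-05-06T09:01:05 198.51.100.20 grace FAIL
2020-05-06T09:01:30 198.51.100.20 grace OK
2020-05-06T09:02:10 203.0.113.7 bob FAIL
2020-05-06T09:04:30 203.0.113.7 carol FAIL
2020-05-06T09:06:45 203.0.113.7 dave FAIL
2020-05-06T09:09:02 203.0.113.7 erin FAIL
2020-05-06T09:11:20 203.0.113.7 frank OK
"""

def parse(log):
    """Yield (timestamp, ip, user, succeeded) tuples from the sample format."""
    for line in log.strip().splitlines():
        ts, ip, user, outcome = line.split()
        yield datetime.fromisoformat(ts), ip, user, outcome == "OK"

def detect_spray(events, window=timedelta(minutes=30), min_users=5, max_per_user=3):
    """Flag IPs failing against many accounts, few tries each (assumed thresholds)."""
    by_ip = defaultdict(list)
    for ts, ip, user, ok in sorted(events):
        by_ip[ip].append((ts, user, ok))
    alerts = {}
    for ip, evs in by_ip.items():
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:  # slide the window
                start += 1
            fails = defaultdict(int)
            for _, user, ok in evs[start:end + 1]:
                if not ok:
                    fails[user] += 1
            if len(fails) >= min_users and max(fails.values()) <= max_per_user:
                # A success from the same source after the spray began is
                # a likely compromised account that needs a reset.
                hits = sorted({u for _, u, ok in evs[start:] if ok})
                alerts[ip] = {"targeted": sorted(fails), "compromised": hits}
                break
    return alerts

if __name__ == "__main__":
    print(detect_spray(parse(SAMPLE_LOG)))
```

The user who mistypes a password twice and then logs in (`grace` in the sample) is not flagged, because the rule keys on the number of distinct accounts per source rather than on raw failure counts.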
