April 26, 2018 at
While medical equipment in hospitals such as X-ray, MRI and CT scanners are not a new target for computer hackers, the reasons they are being hacked is a little more unexpected. Recent attacks do not appear to be in search of data theft and the personal details of patients, but to uncover the functions of the software employed for the use of medical equipment. One of the most highly speculated perpetrators is corporate spies in the pursuit of competitor’s secrets.
As the use of technology has soared in recent years, ways of staying protected from hacking have also endeavored to stay one step ahead of the hackers. This is evident in the focus on security in new operating systems, such as Windows 10, but unfortunately, much of the medical equipment used daily has failed to employ these safer systems, using long forgotten operating systems such as Windows 95. Hacking groups have been able to take advantage of this, and more than 100 healthcare companies have fell victim to malware viruses being planted by hacking groups such as Orangeworm, who have taken responsibility for these attacks.
Looking at the evidence compiled from internet security company Symantec, approximately 39 percent of the attacks on malware have been to healthcare companies. Other industries; IT, farming, and manufacturing have also been targeted, but not on such a large scale. Many parts of the medical industry have been made the target of groups such as Orangeworm, these range from healthcare providers to their suppliers. This provides more evidence that hacking groups are targeting the IT framework of medical companies.
Although the medical industry is a clear and often targeted victim of hackers, the aim of the attacks is not entirely apparent. Patient data has not been threatened, the usual tactics of hackers of threats and blackmail have not been perused, this leaves security companies such as Symantec wondering what the hackers are gaining from the attacks. One thing is clear though; the security in the medical industry is in desperate need of updating and strengthening. A lack of a clear aim by the hackers has led to much speculation over the aims of the hackers, PC Mag has hinted at the state is responsible, but security firms who do not consider the attacks sophisticated, think others could be responsible.
At current, the situation is creating confusion and a low-level of disturbance, but the potential of the disruption that could be created is alarming. If the attacks continue and escalate, records could be deleted, information stolen, and the threat to life-saving equipment could put people in danger. One thing is clear, the medical industry needs to heed the warnings of security experts, and update security before more damage is done.