Kaspersky Lab’s researchers have discovered evidence of an emerging and alarming trend: more and more advanced cyber threat actors are turning their attention to attacks against the healthcare sector. The infamous PlugX malware has been detected in pharmaceutical organizations in Vietnam, aimed at stealing precious drug formulas and business information.

 

PlugX malware is a well-known remote access tool (RAT). It is usually spread via spear phishing and has previously been detected in targeted attacks against the military, government and political organizations. The RAT has been used by a number of Chinese-speaking cyber threat actors, including Deep Panda, NetTraveler or Winnti. In 2013, it was discovered that the latter – responsible for attacking companies in the online gaming industry – had been using PlugX since May 2012. Interestingly, Winnti has also been present in attacks against pharmaceutical companies, where the aim has been to steal digital certificates from medical equipment and software manufacturers.

 

PlugX RAT allows attackers to perform various malicious operations on a system without the user’s permission or authorization, including – but not limited to – copying and modifying files, logging keystrokes, stealing passwords and capturing screenshots of user activity. PlugX, as with other RATs, is used by cyber criminals to discreetly steal and collect sensitive or profitable information for malicious purposes.

 

RAT usage in attacks against pharmaceutical organizations indicates that sophisticated APT actors are showing an increased interest in capitalizing on the healthcare sector.

 

Kaspersky Lab products successfully detect and block the PlugX malware.

 

Private and confidential healthcare data is steadily migrating from paper to digital form within medical organizations. While the security of the network infrastructure of this sector is sometimes neglected, the hunt by APTs for information on advancements in drug and equipment innovation is truly worrying. Detections of PlugX malware in pharmaceutical organizations demonstrate yet another battle that we need to fight – and win – with cyber criminals,” said Yury Namestnikov, security researcher at Kaspersky Lab.

 

Other key findings for 2017 in the research include:

  • More than 60% of medical organizations had malware on their servers or computers;
  •  Philippines, Venezuela and Thailand topped the list of countries with attacked devices in medical organizations.

 

In order to stay protected, Kaspersky Lab experts advise businesses to take the following measures:

  • Remove all nodes that process medical data from public and secure public web portals;
  • Automatically update installed software using patch management systems on all nodes, including servers.
  • Perform network segmentation: refrain from connecting expensive equipment to the main LAN of your organization
  • Use a proven corporate grade security solution in combination with anti-targeted attack technologies and threat intelligence, such as Kaspersky Threat Management and Defense solution. These are capable of spotting and catching advanced targeted attacks by analyzing network anomalies and giving cybersecurity teams full visibility over the network and response automation.

 

For more recommendations, please visit Securelist.com.

 

To learn more about PlugX attacks and healthcare cyber security, read our blogpost on Securelist.com.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Kingston Enhances Award-Winning IronKey D300 Encrypted USB
Techworld Date Posted: 19 November 2018 3:15 PM | 249 Views
Kingston Technology, a world leader in memory products and technology solutions, has added new features to its recent Cyber Defense 2018 Global Awards winning IronKey™ D300 encrypted USB flash drive to improve device management.... See More
 
Kingston Enhances Award-Winning IronKey D300 Encrypted USB
Techworld Date Posted: 3:15 PM | 249 Views
Kingston Technology, a world leader in memory products and technology solutions, has added new features to its recent Cyber Defense 2018 Global Awards winning IronKey™ D300 encrypted USB flash drive to improve device management...See More

 
Building a Safer World with Kaspersky: The Company Unveils New Branding and Visual Identity
Techworld Date Posted: 11 June 2019 10:01 AM | 17 Views
For more than two decades, Kaspersky Lab has been offering the best security solutions to customers in pursuit of its mission to save the world. As the world has become more digitized and globalized,.... See More
 
Building a Safer World with Kaspersky: The Company Unveils New Branding and Visual Identity
Techworld Date Posted: 10:01 AM | 17 Views
For more than two decades, Kaspersky Lab has been offering the best security solutions to customers in pursuit of its mission to save the world. As the world has become more digitized and globalized,...See More

PCBG Contributing Writer
The Genius Behind Threadripper
Techworld • By: PCBG Contributing Writer | Date Posted: 2 August 2017 10:12 AM | 36 Views
Lisa Su, for those in the dark, is a Silicon Valley genius. She is one of the biggest names in the semiconductor business, a notable Forbes name for one of the most creative female.... See More
PCBG Contributing Writer
The Genius Behind Threadripper
Techworld • By: PCBG Contributing Writer | Date Posted: 10:12 AM | 36 Views
Lisa Su, for those in the dark, is a Silicon Valley genius. She is one of the biggest names in the semiconductor business, a notable Forbes name for one of the most creative female...See More

 
ZooPark: New Android-Based Malware Campaign Spreading through Compromised Legitimate Websites
Techworld Date Posted: 16 May 2018 11:31 AM | 17 Views
Kaspersky Lab researchers have discovered ZooPark, a sophisticated cyberespionage campaign, which for several years has been targeting users of Android devices based in several Middle Eastern countries.. See More
 
ZooPark: New Android-Based Malware Campaign Spreading through Compromised Legitimate Websites
Techworld Date Posted: 11:31 AM | 17 Views
Kaspersky Lab researchers have discovered ZooPark, a sophisticated cyberespionage campaign, which for several years has been targeting users of Android devices based in several Middle Eastern countries.See More

 
Philips Showcases Impressive Monitors at National Retail Conference
Techworld Date Posted: 25 August 2018 4:55 PM | 714 Views
Philips, a well-known brand for making high-performance and innovative display solutions for home and businesses, was at the recently concluded National Retail Conference (NRCE) Philippines that was held at SMX Convention Center, Pasay City,.... See More
 
Philips Showcases Impressive Monitors at National Retail Conference
Techworld Date Posted: 4:55 PM | 714 Views
Philips, a well-known brand for making high-performance and innovative display solutions for home and businesses, was at the recently concluded National Retail Conference (NRCE) Philippines that was held at SMX Convention Center, Pasay City,...See More

 
Costly Cloud Breaches Putting Digital Transformation Strategies at Risk, Finds Kaspersky Lab
Techworld Date Posted: 25 May 2018 2:51 PM | 20 Views
The success of digital transformation projects are being stalled by the fear of the impact and rising costs of breaches associated with “data on the go”. According to new research from Kaspersky Lab, safeguarding.... See More
 
Costly Cloud Breaches Putting Digital Transformation Strategies at Risk, Finds Kaspersky Lab
Techworld Date Posted: 2:51 PM | 20 Views
The success of digital transformation projects are being stalled by the fear of the impact and rising costs of breaches associated with “data on the go”. According to new research from Kaspersky Lab, safeguarding...See More

 
Kaspersky Index in H2 2016: People are Becoming more Cyber Savvy
Techworld Date Posted: 8 May 2017 11:06 AM | 377 Views
Kaspersky Lab has updated its Kaspersky Cybersecurity Index, a set of indicators that allow the evaluation of the level of risk for Internet users worldwide. The Index for the second half of 2016 demonstrates.... See More
 
Kaspersky Index in H2 2016: People are Becoming more Cyber Savvy
Techworld Date Posted: 11:06 AM | 377 Views
Kaspersky Lab has updated its Kaspersky Cybersecurity Index, a set of indicators that allow the evaluation of the level of risk for Internet users worldwide. The Index for the second half of 2016 demonstrates...See More

 
OpenSignal Cites Smart for Having the Country’s Fastest LTE Network
Techworld Date Posted: 17 April 2018 1:46 PM | 40 Views
Mobile analytics firm OpenSignal has recognized PLDT wireless unit Smart Communications, Inc. for having the country’s fastest LTE network, bestowing the company four citations including best in 4G LTE download speed; best in overall.... See More
 
OpenSignal Cites Smart for Having the Country’s Fastest LTE Network
Techworld Date Posted: 1:46 PM | 40 Views
Mobile analytics firm OpenSignal has recognized PLDT wireless unit Smart Communications, Inc. for having the country’s fastest LTE network, bestowing the company four citations including best in 4G LTE download speed; best in overall...See More

 
Realme Holds Biggest Flash Sale to Date at Shopee Brand Day
Techworld Date Posted: 9 August 2019 6:10 PM | 71 Views
Realme Holds Biggest Flash Sale to Date at Shopee Brand Day. See More
 
Realme Holds Biggest Flash Sale to Date at Shopee Brand Day
Techworld Date Posted: 6:10 PM | 71 Views
Realme Holds Biggest Flash Sale to Date at Shopee Brand DaySee More

 
10 Tip to Improve Your Internet Privacy
Techworld Date Posted: 31 July 2018 5:09 PM | 573 Views
Massive data breaches, marketers tracking your every step online, shady people exploring the photos you shared in social networks — the list of digital annoyances goes on and on. However, it’s not completely hopeless:.... See More
 
10 Tip to Improve Your Internet Privacy
Techworld Date Posted: 5:09 PM | 573 Views
Massive data breaches, marketers tracking your every step online, shady people exploring the photos you shared in social networks — the list of digital annoyances goes on and on. However, it’s not completely hopeless:...See More


Power by

Download Free AZ | Free Wordpress Themes