Kaspersky Lab’s researchers have discovered evidence of an emerging and alarming trend: more and more advanced cyber threat actors are turning their attention to attacks against the healthcare sector. The infamous PlugX malware has been detected in pharmaceutical organizations in Vietnam, aimed at stealing precious drug formulas and business information.

 

PlugX malware is a well-known remote access tool (RAT). It is usually spread via spear phishing and has previously been detected in targeted attacks against military, government and political organizations. The RAT has been used by a number of Chinese-speaking cyber threat actors, including Deep Panda, NetTraveler and Winnti. In 2013, it was discovered that the latter – responsible for attacking companies in the online gaming industry – had been using PlugX since May 2012. Interestingly, Winnti has also been present in attacks against pharmaceutical companies, where the aim has been to steal digital certificates from medical equipment and software manufacturers.

 

PlugX RAT allows attackers to perform various malicious operations on a system without the user’s permission or authorization, including – but not limited to – copying and modifying files, logging keystrokes, stealing passwords and capturing screenshots of user activity. PlugX, as with other RATs, is used by cyber criminals to discreetly steal and collect sensitive or profitable information for malicious purposes.

 

RAT usage in attacks against pharmaceutical organizations indicates that sophisticated APT actors are showing an increased interest in capitalizing on the healthcare sector.

 

Kaspersky Lab products successfully detect and block the PlugX malware.

 

“Private and confidential healthcare data is steadily migrating from paper to digital form within medical organizations. While the security of the network infrastructure of this sector is sometimes neglected, the hunt by APTs for information on advancements in drug and equipment innovation is truly worrying. Detections of PlugX malware in pharmaceutical organizations demonstrate yet another battle that we need to fight – and win – with cyber criminals,” said Yury Namestnikov, security researcher at Kaspersky Lab.

 

Other key findings for 2017 in the research include:

  • More than 60% of medical organizations had malware on their servers or computers;
  • The Philippines, Venezuela and Thailand topped the list of countries with attacked devices in medical organizations.

 

In order to stay protected, Kaspersky Lab experts advise businesses to take the following measures:

  • Remove all nodes that process medical data from public access, and secure public web portals;
  • Automatically update installed software using patch management systems on all nodes, including servers;
  • Perform network segmentation: refrain from connecting expensive equipment to the main LAN of your organization;
  • Use a proven corporate-grade security solution in combination with anti-targeted attack technologies and threat intelligence, such as the Kaspersky Threat Management and Defense solution. These are capable of spotting and catching advanced targeted attacks by analyzing network anomalies, and they give cybersecurity teams full visibility over the network and response automation.

 

For more recommendations, please visit Securelist.com.

 

To learn more about PlugX attacks and healthcare cyber security, read our blogpost on Securelist.com.

