(L-R) Jesmond Chang, Head of Corporate Communications, APAC, Kaspersky; Denis Makrushin, Security Architect at Ingram Micro;  Yury Namestnikov, Head of Global Research and Analysis Team (GReAT) Russia at Kaspersky; and Vitaly Kamluk, Director, GReAT APAC, Kaspersky

 

Amongst the countries which logged the most number of attacks are Pakistan (54%), Egypt (53%), Mexico (47%), Indonesia (46%), and Spain (45%). Four more countries from the Asia Pacific region cap off the top 15 nations with the highest percent of devices infected. These include India, Bangladesh, Hong Kong, and Malaysia with more or less 4-in-10 machines with detected malicious attempts.

 

“While it is a known fact that money-hungry cybercriminals can easily earn by attacking banks, we also observe that these hackers as well as cyberespionage groups are slowly paying a lot of attention towards the industry of advanced medicine,” says Yury Namestnikov, Head of Global Research and Analysis Team (GReAT) Russia at Kaspersky.

 

“They are slowly realizing that pharmaceutical companies house a treasure trove of highly valuable data such as the latest drugs and vaccines, the newest researches, as well as medical secrets. The rise of internet-connected operational technology (OT) inside these pharmaceuticals also contributes to the widening attack surface inside this sector,” comments Namestnikov.

 

Among the Advanced Persistent Threat (APT) groups which have been waging sophisticated spying over pharmaceuticals globally include Cloud Atlas and APT10 also known as MenuPass.

 

“Based on our monitoring of several APT actors’ movements in the Asia Pacific and globally, we figured that these groups infect servers and exfiltrate data from pharmaceutical companies. Their attack techniques and behaviour also prove that these attackers’ apparent goal is to get their hands on intellectual properties related to the latest medical formulas and research results as well as the business plans of their victims,” adds Namestnikov.

 

Vulnerabilities in open source EMR-systems and its dangers

 

In his own research, Denis Makrushin, Security Architect at Ingram Micro, revealed the risks that come along with the steady migration of hospitals from paper-based data storage to electronic medical record (EMR) systems. Makrushin further notes that healthcare organizations, scrambling to digitize their data storage, see open source EMR web-portals as an easy and quick option, despite their known security challenges.

 

“We are seeing lesser printed or hand-written medical books inside hospitals and clinics worldwide with the advent of open source. Given their limited internal IT workforce, healthcare institutions opt to use convenient services such as OpenEMR, OpenMRS or similar web applications. This technology’s rapid adoption triggers the rise of the threats against this widely-used services,” says Makrushin,

 

OpenEMR and OpenMRS are open platforms for medical practice management. Any organization can use this product for business without any restrictions. The source code of this product is also available for any developer. In addition, this software has certifications from trusted organizations (for example OpenEMR is ONC Complete Ambulatory HER certified).

 

“Their free and open nature make these EMR-applications highly sensitive to cyberattacks. There have been a lot of security patches released as researchers unmask one exploit after another. I, myself, have discovered vulnerabilities in these applications, hackers can inject malicious code at the initial stage of registration, and portray himself as a patient. From this, malicious actors can infect the portal’s page and collect medical information from all users of the portal, including doctors and admins. These data can be easily exfiltrated,” he adds.

 

To securely use this platform, Makrushin suggests healthcare facilities to:

 

  • Conduct secure software development lifecycle (Secure SDLC)
    • Regularly perform architecture analysis, conduct penetration testing, security code review on systems being use
  • Control the attack surface
    • Periodically update your installed software and remove unwanted applications
    • Try to remove all exposure nodes that process medical data
  • Raise security awareness for every person involved
    • Conduct regular cybersecurity awareness training for all staff and even patients

RECOMMENDED ARTICLE FOR TECHWORLD


 
Lenovo Introduces New Laptops for the ‘Modern Avid Gamer’
Techworld Date Posted: 17 August 2018 5:23 PM | 703 Views
Lenovo, a global leader in PCs and smart devices development, is launching two new laptops designed to meet the demands of the ‘modern avid gamers’. . See More
 
Lenovo Introduces New Laptops for the ‘Modern Avid Gamer’
Techworld Date Posted: 5:23 PM | 703 Views
Lenovo, a global leader in PCs and smart devices development, is launching two new laptops designed to meet the demands of the ‘modern avid gamers’. See More

 
DJI Introduces Mavic 2 Pro and Mavic 2 Zoom: A New Era for Camera Drones
Techworld Date Posted: 21 September 2018 9:10 AM | 68 Views
DJI, the world’s leader in civilian drones and aerial imaging technology, has introduced a new era for camera drones with two additions to its iconic Mavic series: Mavic 2 Pro, the world’s first drone.... See More
 
DJI Introduces Mavic 2 Pro and Mavic 2 Zoom: A New Era for Camera Drones
Techworld Date Posted: 9:10 AM | 68 Views
DJI, the world’s leader in civilian drones and aerial imaging technology, has introduced a new era for camera drones with two additions to its iconic Mavic series: Mavic 2 Pro, the world’s first drone...See More

 
Filipino Microfinance Institution Deploys SD-WAN to Boost Network Reliability and Improve the Lives of Women in Rural Communities
Techworld Date Posted: 27 April 2019 10:06 AM | 85 Views
Riverbed®, The Digital Performance Company™, has announced that Negros Women for Tomorrow Foundation (NWTF), one of the Philippines’ oldest and largest microfinance institutions, is advancing the human experience in the digital world through next-generation.... See More
 
Filipino Microfinance Institution Deploys SD-WAN to Boost Network Reliability and Improve the Lives of Women in Rural Communities
Techworld Date Posted: 10:06 AM | 85 Views
Riverbed®, The Digital Performance Company™, has announced that Negros Women for Tomorrow Foundation (NWTF), one of the Philippines’ oldest and largest microfinance institutions, is advancing the human experience in the digital world through next-generation...See More

 
Roaming Mantis Extends DNS Hijacking Attacks from Asia to Rest of World, Adds Crypto-Mining
Techworld Date Posted: 18 May 2018 2:23 PM | 57 Views
On 16 April, Kaspersky Lab researchers reported on a new Android malware distributed through a domain name system (DNS) hijacking technique and targeting mainly smartphones in Asia. Four weeks on, the threat continues to.... See More
 
Roaming Mantis Extends DNS Hijacking Attacks from Asia to Rest of World, Adds Crypto-Mining
Techworld Date Posted: 2:23 PM | 57 Views
On 16 April, Kaspersky Lab researchers reported on a new Android malware distributed through a domain name system (DNS) hijacking technique and targeting mainly smartphones in Asia. Four weeks on, the threat continues to...See More

 
New Forces Join Popular Team Group Gaming T-FORCE Series
Techworld Date Posted: 30 September 2017 9:35 AM | 68 Views
Team Group, world renowned memory solutions and accessory provider, is proud to announce today the addition of new products as to their prestigious T-FORCE gaming line of products. See More
 
New Forces Join Popular Team Group Gaming T-FORCE Series
Techworld Date Posted: 9:35 AM | 68 Views
Team Group, world renowned memory solutions and accessory provider, is proud to announce today the addition of new products as to their prestigious T-FORCE gaming line of productsSee More

 
Kris Aquino, Bimby Give Three-Part Exclusive Tour of PLDT Home Fibr-Powered Home
Techworld Date Posted: 3 January 2018 2:26 PM | 587 Views
PLDT Home Ambassador and Queen of all Media Kris Aquino gave her viewers a treat this Christmas season through an exclusive corner-to-corner tour of her new, PLDT Home Fibr-powered home in Quezon City.. See More
 
Kris Aquino, Bimby Give Three-Part Exclusive Tour of PLDT Home Fibr-Powered Home
Techworld Date Posted: 2:26 PM | 587 Views
PLDT Home Ambassador and Queen of all Media Kris Aquino gave her viewers a treat this Christmas season through an exclusive corner-to-corner tour of her new, PLDT Home Fibr-powered home in Quezon City.See More

 
iPhone Xs and Xs Max, Now Available in Power Mac Center
Techworld Date Posted: 5 November 2018 5:21 PM | 101 Views
Power Mac Center, the premier Apple partner in the country, recently welcomed the arrival of iPhone Xs, iPhone Xs Max, and Apple Watch Series 4 with a midnight launch party at its flagship store.... See More
 
iPhone Xs and Xs Max, Now Available in Power Mac Center
Techworld Date Posted: 5:21 PM | 101 Views
Power Mac Center, the premier Apple partner in the country, recently welcomed the arrival of iPhone Xs, iPhone Xs Max, and Apple Watch Series 4 with a midnight launch party at its flagship store...See More

 
As Data Volumes Explode, Toshiba and Helium Help the Cloud Float to New Capacity Highs
Techworld Date Posted: 26 April 2018 5:31 PM | 46 Views
Storing digisnaps of places visited and meals eaten, archiving documents, sharing conference materials with colleagues; these days it’s becoming second nature to store all sorts of data in the cloud, where it’s safe until.... See More
 
As Data Volumes Explode, Toshiba and Helium Help the Cloud Float to New Capacity Highs
Techworld Date Posted: 5:31 PM | 46 Views
Storing digisnaps of places visited and meals eaten, archiving documents, sharing conference materials with colleagues; these days it’s becoming second nature to store all sorts of data in the cloud, where it’s safe until...See More

 
PLDT Introduces a New Era of Home Broadband with All-New Google Wifi Plans
Techworld Date Posted: 4 January 2019 3:53 PM | 139 Views
Leading digital services provider PLDT is ushering in a new era of home broadband as it introduces the new PLDT Home Google Wifi Plans, which lets you enjoy Unli Fibr in every room and.... See More
 
PLDT Introduces a New Era of Home Broadband with All-New Google Wifi Plans
Techworld Date Posted: 3:53 PM | 139 Views
Leading digital services provider PLDT is ushering in a new era of home broadband as it introduces the new PLDT Home Google Wifi Plans, which lets you enjoy Unli Fibr in every room and...See More

 
Grade School Students, Big Winner in Power Mac Center App Contest
Techworld Date Posted: 27 February 2019 3:51 PM | 77 Views
A game app that will help toddlers and grade school students build their passion for learning bagged the grand prize in Power Mac Center’s recently concluded “emPOWER UP! Design a Better World: App Development.... See More
 
Grade School Students, Big Winner in Power Mac Center App Contest
Techworld Date Posted: 3:51 PM | 77 Views
A game app that will help toddlers and grade school students build their passion for learning bagged the grand prize in Power Mac Center’s recently concluded “emPOWER UP! Design a Better World: App Development...See More


Power by

Download Free AZ | Free Wordpress Themes