Cybersecurity report warns of range of attacks and malicious activity

22 August 2019 14:00

The healthcare sector is facing a range of cyberattacks and malicious activity, according to a report from cybersecurity experts FireEye.

Medical cyber physical systems, or biomedical devices, are becoming an increasing target for hackers, the report suggests. Though the report says the company isn’t aware of any malicious activity against personal medical devices, it highlights there are threats that highlight the vulnerabilities in these systems.

In its conclusion the report says: “Looking forward, as biomedical devices increase in usage, the potential for them to become an attractive target for disruptive or destructive cyberattacks – especially by actors willing to assume greater risk – may present a more contested attack surface than today.”

FireEye also warns that “the existence of networking features and remote access will eventually be used to harm individuals or groups, whether intentionally through a targeted attack or inadvertently through unexpected interactions between device software and activity during access to devices.”

The report warned that some devices have security shortfalls including “smart storage” devices.

Also discovered were multiple healthcare associated databases for sale on underground forums for under $2000, and that Chinese espionage groups are targeting medical research groups, including those focussed on cancer research.

One investigation at a health manufacturing company uncovered, a hacker was believed to be in the organisation’s network for at least 60 days prior to detection, and used or accessed approximately 14 user accounts, and accessed or installed backdoors on more than 450 systems.

Regarding a cybersecurity threat to a UK organisation, Luke McNamara, principle analyst at FireEye, said: "The targeting of a healthcare entity in the U.K. represents an interesting departure of focus for APT32, a Vietnamese cyber espionage group. While it is not entirely clear as to the motivation for this specific incident, APT32 is known to target international entities with a business presence in Vietnam. This example also highlights the challenge organisations in this sector face in dealing not just with known, high-frequency threats, but also less-frequent intrusions by nation state actors—some of whom may not have a long track record of targeting healthcare."

The report can be read in full, here.

Related

Training our way out of the cybersecurity shortfall

Congress empowers the FDA to act on cyber threats in medical devices

Ways of optimising power and security in BLE medical devices

Zener launches course to protect medical devices from cyber threats