A new study has discovered that ransomware is no longer the hacker’s weapon of choice when it comes to infiltrating IT systems.
Cyber criminals are, instead, using HTTPS tunnels that look like normal encrypted web traffic to steal data from healthcare organisations.
The findings come from the Vectra 2019 Spotlight Report on Healthcare, which highlighted the vulnerability of the IoT devices. Connected gadgets have now become a target for malicious online operators seeking to disrupt organisations or get their hands on private personal information.
The study made a case for the use of AI and machine learning to help uncover suspicious activity in IT networks and to help resolve glitches before hacking activity can get a foot hold in computer systems.
Ransomware, such as that used in the WannaCry attack that hit the NHS two years ago, was used less frequently through 2018. Hackers are now concealing their command-and-control dialogues inside HTTPS tunnels, which simulate the appearance of service provide traffic.
The report, issued by the US-based AI firm, said:
“Behaviours that point to the use of external remote access tools are the second most-common detections in healthcare.”
“Although these behaviours are consistent with cyberattack command-and-control communications, these behaviours also occur when healthcare organisations communicate with independent labs, imaging centres and other service providers.”
The report also issued a warning to health organisations, urging bosses to continue monitoring for ransomware as the methodology still poses a very real threat to data safety.
Brett Walmsely, chief technology officer at Bolton NHS Foundation Trust, said:
“The increase in medical IoT is beneficial for patients but makes securing healthcare systems a challenge due to limited security controls around these devices.”
“Having the visibility to quickly and accurately detect threat behaviours on and between all devices is the key to good security practice, regulatory compliance and managing risk.”
IoT devices were also signalled out for their vulnerability within IT systems by a recent cyber security study published by Check Point. The software tech firm discovered outdated programming and operating systems within the NHS reduced the organisation’s strength in the face of a cyber-attack. The report also advised separating patient information from IT systems to slow up hackers’ attempts to steal data.
Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/