Symantec researchers have confirmed that a cybercrime group called ‘Orangeworm’ has succeeded in deploying a custom backdoor known as Trojan.Kwampirs in most of the databases owned by healthcare organizations in the United States, Europe and some parts of Asia.
According to Symantec's findings, the targeted organizations include equipment manufacturers, IT service providers, pharmaceutical companies, and hospital networks.
The study, carried out by the California-based cybersecurity firm, has confirmed that ‘Orangeworm’ launches an attack only after doing a lot of homework on the target, which includes identifying the type of data the organization holds, assessing its current security strategies, and gauging the value of the organization’s data on the dark web.
Researchers found that Kwampirs malware can be introduced onto medical devices such as X-ray and MRI machines and other medical equipment.
So far, the study has not detected any data transfer from the infected devices. This means that the espionage was being carried out to learn more about the machines and might also be a rehearsal for something bigger in the near future.
According to the telemetry gathered by Symantec, almost 40% of organizations have become victims of the said malware attack within the healthcare industry.
Among the countries, the US tops the list with 17% of healthcare firms falling victim to Kwampirs malware, followed by India with 7% and the United Kingdom at 5%.
Note: Symantec customers are protected against Orangeworm invasions by default with the help of Intelligence Services or WebFilter-enabled products. The products include Web Security Services (WSS), ProxySG, Advanced Secure Gateway (ASG), Security Analytics, Content Analytics, Malware Analysis, SSL Visibility, and PacketShaper.