An Ounce Of Prevention

3427653530?profile=RESIZE_710xWapack Labs has been closely monitoring the healthcare system around the United States.  Various kinds of cyber-attacks have been plaguing the healthcare industry for the past several years. Specifically, our analysts have examined New England healthcare systems to collect and analyze malicious cyber data, with the goal of preventing future healthcare focused cyber-attacks.  

One of the largest healthcare providers in the nation is in New England.  Within this non-profit medical center there are branches such as a Cancer Center, a Children’s Hospital, and a medical school, along with other satellite offices.

Using our proprietary collection data, Wapack Labs has found multiple different security concerns that would allow attackers to cause significant damage to the company, even if they have a well-developed information security infrastructure.  It is impossible to prevent all cyber-attacks on any network, but the goal here is to make a network environment as secure as possible; even if an attacker gains initial access to the company, they would be unable to further interfere with operations or steal personally identifiable information (PII) and confidential medical information.

The facility manages/owns a Class B network which can support up to 65,534 network hosts.  Using a RedXray[1] profile created for the hospital, analysts immediately observed 3 malicious hits in our Azorult botnet tracker.  This dated August 2019 and indicating that 3 devices have been targeted and added to a botnet as slave devices.  Often times attackers will take over devices and add them to a botnet to use later in attacks on other victims such as a DDoS attack.   This specific botnet uses the Azorult trojan to take over victim devices and gain more bots.

Link to full report: WR-19-225-001_New_England_Hospital_FINAL.pdf