Firm: Hacker attacks on HIT doubled in Q4

An information security firm is reporting that attempted hacker attacks launched against its 82 healthcare clients doubled in the fourth quarter of 2009.

SecureWorks, a global information security services provider, said that attempted attacks against other types of organizations that are clients of the company did not increase in the fourth quarter.

The Atlanta-based company reported that attempted attacks increased from an average of 6,500 per healthcare client, per day, during January through September 2009, to an average of 13,400 per client, per day, during October through December 2009. The statistics were extrapolated from a 12-month study of 38 healthcare clients who use the SecureWorks' managed intrusion detection and prevention services.

The company blamed the increase on hundreds of SQL injection and Butterfly/Mariposa bot malware attacks launched against large hospitals, academic medical schools and affiliated hospitals, hospital enterprises, and health insurance providers, according to Hunter King, a security researcher at SecureWorks.

If a computer is infected with the Butterfly malware, it can be used to steal data stored by the victim's browser, including passwords. It can also download additional malware onto the infected computer, and launch distributed denial-of-service attacks, King said.

SecureWorks recommends that healthcare organizations of all sizes perform regular security risk assessments and implement intrusion prevention and detection services, data loss prevention monitoring, and daily log monitoring. Sites should also perform regular Web application security testing and use robust firewalls in view of hackers' increased awareness of healthcare IT as a source of data to steal, particularly with respect to identity theft.

Related Reading

Conficker worm invades U.K. hospital IT network, January 29, 2010

HIMSS Survey: Hospitals not ready to protect electronic records, November 12, 2009

FDA issues cybersecurity reminder, November 9, 2009

Conficker worm highlights PACS cybersecurity issues, June 2, 2009

Intrusion-detection testing finds network vulnerabilities, August 11, 2008

Copyright © 2010

Page 1 of 603
Next Page