May 17, 2020

Symantec announces new cyber threat to healthcare organisations

Cyber Attacks
Health technology
Catherine Sturman

US software company Symantec has announced its recent findings on an ongoing cyber threat to the healthcare industry.

Named Orangeworm, the cyber attack has affected up to 100 organisations, situated in the US (17%), Europe and Asia, the company has reported.

"According to Symantec telemetry, almost 40% of Orangeworm’s confirmed victim organizations operate within the healthcare industry."

"The Kwampirs malware was found on machines which had software installed for the use and control of high-tech imaging devices such as X-Ray and MRI machines.

“Additionally, Orangeworm was observed to have an interest in machines used to assist patients in completing consent forms for required procedures," the company added.

The malware is able to replicate itself across various networks, making its worm-like actions undetectable by outdated antivirus software and IT systems, such as Windows XP, which have been found to remain rampant across the industry.

However, the malware has also impacted supply chains, IT, pharmaceutical and manufacturing companies who work with healthcare providers. Targeting a number of industries has therefore heightened the range of information which hackers can obtain.

“What they do is clearly aimed at collecting information across the entire healthcare supply chain of their targets. You don’t really see that. What we’re seeing is corporate espionage, not for the sake of sabotage or destruction of equipment, and not for financial gain,” explained Jon DiMaggio, Senior Threat Intelligence Researcher at Symantec.

“The attackers cast a wide net and then choose high-value targets out of the sample. From there, they spend an immense amount of time trying to learn the ins and outs of the target’s systems, including seeking out directories, finding out what everything’s connected to, finding open shares.

“This is speculation, but if they had source code or pirated technology, it would fit the story and would explain why they’re so interested in how things operate. But that’s just a theory.

“The situation could be so much worse; these guys have the capability to wipe hard drives or destroy equipment,” he continues.

“Implementing basic security procedures like patching and network segmentation would prevent this threat with minimal work. And, the healthcare community as a whole needs to push their software vendors to consider security more so than ease-of-use.”

Jalal Bouhdada, Founder and Principal ICS Security Consultant for Applied Risk, also outlined why "security by design" is crucial to cure security issues in the healthcare industry.

“It is perhaps no surprise that a new attack group, dubbed Orangeworm, has been discovered targeting the healthcare industry. There have been repeated warnings that healthcare systems are easy pickings for cybercriminals, and although there has been an understandable desire within the industry to press ahead and unlock the benefits of IoT technology, a lack of consideration regarding the security ramifications of this has begun to concern many,” he says.

“While innovation in the healthcare industry is having a great impact on the quality of life for many people, what if the opposite is also true? While in the case of Orangeworm it seems the attackers were only looking to learn about the inner workings of a system, could this often life-saving medical equipment be turned against us?

“There has been much speculation over potential scenarios in which devices such as insulin pumps are hijacked and held to ransom; or terrorists attack connected pacemakers en masse. Sadly, this is no longer the stuff of fiction, as made clear by the FDA’s recent warnings regarding exploitable flaws in connected cardiac pacemakers. Medical device manufacturers must come to terms with the idea that the security of the healthcare equipment itself is also a life and death issue.

“Medical device manufacturers must now begin adhering to best practice security advice. New data privacy laws and strict FDA requirements mean the responsibility is now with the developers to ensure the protection of networks and systems, or they will face the consequences.

“To help meet these obligations, the security industry and medical device manufacturers must develop a closer relationship, ensuring that new devices are developed with security defences baked in. The ethos of ‘secure by design’ must become entrenched within all product developers.”


Jun 18, 2021

Skin Analytics wins NHSX award for AI skin cancer tool 

Skin Analytics uses AI to detect skin cancer and will be deployed across the NHS to ease patient backlogs

An artificial intelligence-driven tool that identifies skin cancers has received an award from NHSX, the NHS England and Department of Health and Social Care's initiative to bring technology into the UK's national health system. 

NHSX has granted the Artificial Intelligence in Health and Care Award to DERM, an AI solution that can identify 11 types of skin lesion. 

Developed by Skin Analytics, DERM analyses images of skin lesions using algorithms. Within primary care, Skin Analytics will be used as an additional tool to help doctors with their decision making. 

In secondary care, it enables AI telehealth hubs to support dermatologists with triage, directing patients to the right next step. This will help speed up diagnosis, and patients with benign skin lesions can be identified earlier, redirecting them away from dermatology departments that are at full capacity due to the COVID-19 backlog. 

Cancer Research has called the impact of the pandemic on cancer services "devastating", with a 42% drop in the number of people starting cancer treatment after screening. 

DERM is already in use at University Hospitals Birmingham and Mid and South Essex Health & Care Partnership, where it has led to a significant reduction in unnecessary referrals to hospital.

Now NHSX have granted it the Phase 4 AI in Health and Care Award, making DERM available to clinicians across the country. Overall this award makes £140 million available over four years to accelerate the use of artificial intelligence technologies which meet the aims of the NHS Long Term Plan.

Dr Lucy Thomas, Consultant Dermatologist at Chelsea & Westminster Hospital, said: “Skin Analytics’ receipt of this award is great news for the NHS and dermatology departments. It will allow us to gather real-world data to demonstrate the benefits of AI on patient pathways and workforce challenges. 

"Like many services, dermatology has severe backlogs due to the COVID-19 pandemic. This award couldn't have come at a better time to aid recovery and give us more time with the patients most in need of our help.”
