A Chinese hacker group has exfiltrated 4.5 million sensitive patient data records, according to a report made on Monday by the US Securities and Exchange Commission. The data includes names, addresses, phone numbers, and Social Security Numbers, which may be enough information to commit financial fraud against the affected patients.
Websense® Security Labs™ has tracked an increasing volume of malicious activity hitting hospitals during the last couple of months. The first spikes appeared as early as October 2013, and activity has been increasing ever since, making hospitals primary targets for quite some time.
The majority of the attacks exploit the infamous Heartbleed vulnerability (CVE-2014-0160), which affects unpatched OpenSSL libraries used by the vast majority of Web services and clients.
In our reports we have also seen an increased number of Zeus Gameover malware infections and Command and Control server traffic. Zeus Gameover uses a peer-to-peer network to communicate with the Command and Control server.
Special thanks to Michael Swafford and team for the data visualization.