The following is an excerpt from a post by Nate Winslow, the senior principal data scientist at Prevailion:
For the past few months, I’ve been monitoring the health care industry from a cyber risk perspective. A clear picture has emerged, which shows US and French hospitals having high risk. This is disturbing given that many of these hospitals are already facing a crisis of epidemic proportions.
The data I’ve been using to monitor the health care industry consists of intercepted communications to malicious internet domains. By analyzing the daily communications from hundreds of thousands of IP (Internet Protocol) addresses to these malicious domains, I can reconstruct a global view of computer network compromise (see the banner graphic above). This view has remarkable resolution at the city, country, company, and industry group levels. The line plot below shows the stage of compromise within the health care industry broken into 4 subsectors. The red line corresponds to hospitals. The hospitals subsector consistently has the highest stage of compromise within the health care industry.
Within the hospitals subsector, I have also been monitoring the hospitals with the highest stages of compromise. These hospitals are located in the United States and France. The final line plot below shows the stages of compromise for the most impacted hospitals. Stages of compromise range from 1 to 4 (similar to the stages of cancer). When an organization gets above stage 3, the evidence of compromise is very strong, and consistent with malware aggressively spreading within a network.
The above hospitals have computer networks displaying strong evidence of being infected with malware. These infections elevate the cyber risk for ALL hospitals, particularly those in the United States and France.
In the coming months, I will continue to monitor the health care industry and report on other industries observed to have high cyber risk (including the oil and gas industry as well as the pharmaceutical manufacturing industry).
For a deeper dive into Compromise Intelligence within this industry and others, look for our upcoming quarterly Apex Report, due out at the end of April.
A member of the FCC renewed urgency calls on Apple and Google to remove TikTok from their app stores, raising concerns that TikTok’s Chinese-based parent company is collecting user data that is being accessed in China.
What Wicked Webs We Un-weave: Wizard Spider once again proving it isn’t you, it isn’t me; we search for things that you can’t see Authored by: Matt Stafford and Sherman Smith Executive summary: In late January 2022, Prevailion’s Adversarial Counterintelligence Team (PACT) identified extensive phishing activity designed to harvest credentials for Naver. Naver is a […]