Surge in Q4 Hacker AttacksVendor survey spots increase Some healthcare organizations saw a doubling in hacker attacks in the fourth quarter of 2009, according to a small study of customers of SecureWorks Inc., an Atlanta-based information security services company.
"From October through December of 2009, we blocked hundreds of SQL Injection and Butterfly/Mariposa Bot malware attacks launched at our healthcare clients," says Hunter King, a SecureWorks security researcher.
The study of 38 of the company's 82 healthcare clients found attempted attacks increased from an average of 6,500 per day per organization in the first nine months of last year to 13,400 per day in the fourth quarter, King says. The company did not see an increase in attacks during Q4 among the clients it surveyed in other industries.
If a computer is infected with the Butterfly malware, King says, it can be used to steal data stored in the computer's browser, including passwords; launch distributed denial of service attacks, spread via USB devices or peer-to-peer, and download additional malware onto the infected computer.
The SQL Injection attacks were launched at legitimate web sites to spread the Gumblar Trojan virus, King adds.
Healthcare as a target
Healthcare organizations are particularly vulnerable to hacker attacks because they store a wide variety of valuable patient data, ranging from Social Security numbers to billing addresses, says Beau Woods, a solutions architect with SecureWorks. "The black market is an economy," he notes. "The more a hacker can get out of an attack, the better."
But Woods is uncertain why the surge of attacks occurred in the fourth quarter. He warned, however, that more hackers appear to be attempting to steal health insurance-related information as part of medical identity theft efforts.
Healthcare organizations participating in the study include hospitals, delivery systems, health insurers and others.