Surge in Q4 Hacker Attacks

Vendor survey spots increase Some healthcare organizations saw a doubling in hacker attacks in the fourth quarter of 2009, according to a small study of customers of SecureWorks Inc., an Atlanta-based information security services company.

"From October through December of 2009, we blocked hundreds of SQL Injection and Butterfly/Mariposa Bot malware attacks launched at our healthcare clients," says Hunter King, a SecureWorks security researcher.

The study of 38 of the company's 82 healthcare clients found attempted attacks increased from an average of 6,500 per day per organization in the first nine months of last year to 13,400 per day in the fourth quarter, King says. The company did not see an increase in attacks during Q4 among the clients it surveyed in other industries.

If a computer is infected with the Butterfly malware, King says, it can be used to steal data stored in the computer's browser, including passwords; launch distributed denial of service attacks, spread via USB devices or peer-to-peer, and download additional malware onto the infected computer.

The SQL Injection attacks were launched at legitimate web sites to spread the Gumblar Trojan virus, King adds.

Healthcare as a target

Healthcare organizations are particularly vulnerable to hacker attacks because they store a wide variety of valuable patient data, ranging from Social Security numbers to billing addresses, says Beau Woods, a solutions architect with SecureWorks. "The black market is an economy," he notes. "The more a hacker can get out of an attack, the better."

But Woods is uncertain why the surge of attacks occurred in the fourth quarter. He warned, however, that more hackers appear to be attempting to steal health insurance-related information as part of medical identity theft efforts.

Healthcare organizations participating in the study include hospitals, delivery systems, health insurers and others.


About the Author

Howard Anderson

Howard Anderson

News Editor, ISMG

Anderson is news editor of Information Security Media Group and was founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.