Skip to main content

Windows-powered medical scanners are being hit by health care hackers

Liz West / Flickr (Creative Commons)

Hackers have been targeting medical scanning equipment like X-ray and MRI machines for the past few years and some of them have been very successful. While the attacks raise the potential of the theft of personal patient medical data, they appear to be centered around learning how certain medical software operates, possibly as part of an industrial espionage campaign.

Recommended Videos

While much of the world’s PCs have today moved on to more modern and secure operating systems like Windows 10, old equipment like medical scanners can still be found using ancient legacy platforms like Windows 95. That’s been the case with a number of X-ray and MRI machines which have been targeted by a group known as Orangeworm, who over the past few years have infected more than 100 different health care organizations with malware.

A Symantec report on this problem shows that health care providers have been the biggest target for this kind of malware, with some 39 percent of the group’s attacks in recent years targeting that industry. Other common targets are IT and manufacturing, along with agriculture and logistics to a lesser extent. However, each of those targets has been part of the medical supply chain, suggesting a coordinated effort to understand the entire health care industry’s IT infrastructure.

What’s confusing the security professionals, however, is that the attacks don’t appear to have a clear purpose. While they seem to use phishing emails as an attack vector — a common method for many malware types — they don’t seem to share many characteristics with more traditional digital assaults. No data appears to have been stolen, no ransoms are being demanded, and the systems aren’t left running cryptominers.

That leaves security researchers like those at Symantec unsure about who is truly responsible. As PCMag points out, the lack of a clear goal may suggest state-sponsored hackers, but the fact that the attacks are relatively unsophisticated suggests otherwise.

Regardless though, Symantec and its contemporaries see this as a wake-up call for the health care industry to overhaul its digital security. While these attacks have so far been rather benign, there’s little stopping those responsible from returning with much more dangerous plans in mind. Malicious software could wipe patient records, steal information, or shut down much needed medical equipment, potentially putting lives at risk.

The general advice given, for now, is for institutions to update their systems where possible and, where not, to isolate them on smaller, localized networks so that they aren’t so easily accessed.

Jon Martindale
Jon Martindale is a freelance evergreen writer and occasional section coordinator, covering how to guides, best-of lists, and…
This massive exploit lets hackers breach apps like Chrome, 1Password, and Telegram
A dark mystery hand typing on a laptop computer at night.

A massive security bug has just been discovered that affects WebP images used in untold numbers of websites and apps, and it could potentially let hackers break into your computer and extract data from it. In fact, Google has already seen it being actively exploited in the wild. Because of that, it’s essential that you patch your computer as soon as possible.

The discovery has been detailed by researcher Alex Ivanovs, who wrote about the bug in a blog post. Right now, it seems to affect almost all of the best web browsers, including Chrome, Firefox, Edge, and Brave. WebP images are used all over the web, meaning huge numbers of sites and apps could be affected.

Read more
Lapsus$ hackers convicted of breaching GTA 6, Nvidia, and more
A hacker typing on an Apple MacBook laptop, which shows code on its screen.

The Lapsus$ hacking gang caused havoc in 2021 and 2022 with a series of high-profile security breaches and ransom demands. Yet things have been very quiet since then, and two alleged members of the group have just been convicted in the U.K., potentially bringing an end to one of the most notable hacking sprees in recent times.

According to Bloomberg and the BBC, two people accused of being members of the gang were convicted in the U.K. of a number of crimes, including serious computer misuse, blackmail, and fraud. The defendants included Arion Kurtaj, 18, and a 17-year-old male who could not be named due to his age. Both defendants are autistic and psychiatrists deemed that Kurtaj was not fit to stand trial, so he did not give evidence. They will both be sentenced at a later date.

Read more
In the age of ChatGPT, Macs are under malware assault
A person using a laptop with a set of code seen on the display.

It's common knowledge -- Macs are less prone to malware than their Windows counterparts. That still holds true today, but the rise of ChatGPT and other AI tools is challenging the status quo, with even the FBI warning of its far-reaching implications for cybersecurity.

That may be why software developer Macpaw launched its own cybersecurity division -- dubbed Moonlock -- specifically to fight Mac malware. We spoke to Oleg Stukalenko, Lead Product Manager at Moonlock, to find out whether Mac malware is on the rise, and if ChatGPT could give hackers a massive advantage over everyday users.
State-sponsored attacks

Read more