Healthcare organizations of all kinds are being routinely attacked and compromised by increasingly sophisticated cyberattacks, according to a study by a cybersecurity firm and a security research institute
The study found that networks and Internet-connected devices in places such as hospitals, insurance companies and pharmaceutical companies are under siege and in many cases have been infiltrated without their knowledge, according to an article on the L.A. Times website.
The study was conducted by Norse, a cybersecurity firm, and SANS, a security research institute. The study found that from September 2012 to October 2013, 375 U.S. healthcare organizations had been compromised, and in many cases are still compromised because they haven't detected the attacks.
In addition to getting access to patient files and information, the attackers infiltrated devices such as radiology imaging software, conferencing systems, printers, firewalls, Web cameras and mail servers, the article said.
"What's concerning to us is the sheer lack of basic blocking and tackling within these organizations. Firewalls were on default settings. They used very simple passwords for devices. In some cases, an organization used the same password for everything," ," said Sam Glines, chief executive of Norse, the the article.
The study found that 7% of traffic was coming from radiology imaging software, another 7% of malicious traffic originated from video conferencing systems, and another 3% came from digital video systems that are most likely used for consults and remote procedures, the article said.
Read the article.