Healthcare Industry Affected by the Increasing New Malware Detected in 2017

Malware

In 2017, McAfee Labs report a steady increase in the volume of new malware samples detected every quarter. Q3 had a record high of 57.6 million new malware samples detected. That translates to detecting a new malware sample every quarter of a second. The most targeted vertical in the United States is the healthcare industry. In Q3, the main attack vector is account hijacking. Then there were leaks, DDoS, malware and other targeted attacks.

The HMSS Analytics/Mimecast survey had similar findings as McAfee Labs. But the biggest concern of healthcare IT professionals was the email related phishing attacks. In Q3, 263 security breaches globally were publicly disclosed and over 60% of that number happened in the Americas. That number increased by 15% from Q2. There was also a 10% increase in malware attacks since Q2. 781 million new malware samples were detected in 2017, which records a 27% increase from 2016.

Cybercriminals’ favorite moneymaker is the ransomware. In Q3, the number of new ransomware samples increased by 36%. The total of ransomware samples detected in 2017 was 12.2 million. One ransomware that appeared in Q3 was the Lukitus. McAfee detected 23 million spam emails during the first 24 hours of its campaign alone.

Fileless malware threats, though not the biggest threat in Q3, still caused a major concern. Script-based malware, such as written in PoweShell or JavaScript, is easy to obfuscate and hard to detect. Many campaigns used this malware over the past two years. McAfee reports a 36% decrease in JavaScript-based malware in Q2 but a 119% increase in PowerShell-based malware. Fileless malware leverage trusted applications or gain access to native system operating tools without the need for downloading any executable files at the beginning of the attack. Attackers have made a big leap forward in taking control of computers using this type of malware.

Mobile malware samples detected also increased. The total number of 21.2 million in Q3 registers a 10% increase compared to Q2. The increase was primarily because of the Android screen-locking ransomware.

Carbon Black’s 2017 Threat Report showed that 52% of attacks are not related to malware. For malware-related attacks, the most affected industries are financial services, retail stores and healthcare providers. The major threats include the Kryptik Trojan, the Nemucod downloader, Strictor ransomware, the Skeeyah Trojan and the Emotet banking Trojan.

Ransomware attacks will continue to dominate in 2018. The revenue from ransomware attacks in 2017 is estimated at $5 billion by Carbon Black. The healthcare industry is on the 9th out of 10 listed industries targeted by ransomware. The primary targets were tech firms, government organizations and law firms.