Tech & Innovation in Healthcare

Reader Questions:

Threat Actors Rain Down Malware From the Cloud

Question: Our practice uses a couple different cloud services to share files and keep HR documentation available to easily review. Should we be concerned about viruses or other threats sneaking into our network?

Oregon Subscriber

Answer: Yes, you should always be aware of and vigilant against possible cybersecurity threats. In fact, cloud services, while helpful, are apps that cyberthreat actors are leveraging to deliver and deploy malware in healthcare.

In a March 2024 threat labs report, Netskope found that Microsoft OneDrive is the most popular app in healthcare for malware delivery. OneDrive, a cloud app, is also widely used: it is the most popular app in healthcare, and researchers found that 42 percent of healthcare workers use it each day.

Healthcare is one of the most popular cybersecurity threat targets, and cloud services act as ideal delivery vehicles for malware. Netskope researchers found that approximately 40 percent of malware downloads in healthcare came from cloud apps, up from an estimated 30 percent the year prior.

Malware is more likely to be downloaded from cloud apps because cloud-based files tend to be trusted and the files can avoid common security measures, such as “domain block lists or [tools] that do not inspect cloud traffic,” Netskope wrote in the report.

Along with OneDrive, some of the popular cloud services used in healthcare include:

  • Google Cloud Storage
  • SharePoint
  • Amazon S3
  • Slack

According to the report, the most common malware families used to attack healthcare were the following:

NjRat: This remote access trojan allows the threat actor to access the victim’s camera, manage files, log the victim’s keystrokes, and steal credentials from web browsers.

Amadey: This botnet collects an infected computer’s information and sends it to a command-and-control (C2) server.

Azorult: This malware is an infostealer that captures credential information from the victim, such as account passwords.

Reach out to your IT administrator or cybersecurity team to review your security policies and plans to protect your practice against all threats, including those that could originate from the cloud.