Chinese-speaking hacker caught spying on pharma organizations

 

By Rose de la Cruz

 

Kaspersky Lab, a global cybersecurity company operating in the market for over 20 years, has discovered evidence of an emerging and alarming trend:  more advanced cyber threat actors turning their attention to attacks against the healthcare sector.

 

The infamous PlugX malware has been detected in pharmaceutical organizations in Vietnam, aimed at stealing precious drug formulas and business information.

 

Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.

 

The Chinese-speaking PlugX, also considered an advanced persistent threat (APT) is a set of stealthy and continuous computer hacking processes, often orchestrated by a person or persons targeting a specific entity. APT usually refers to a group, such as a government, with both the capability and the intent to target, persistently and effectively, a specific entity.

 

PlugX malware is a well-known remote access tool (RAT) that usually spreads via spear phishing and has previously been detected in targeted attacks against the military, government and political organizations.

 

The RAT has been used by a number of Chinese-speaking cyber threat actors, including Deep Panda, NetTraveler or Winnti.

 

In 2013, it was discovered that the latter - responsible for attacking companies in the online gaming industry - had been using PlugX since May 2012. Interestingly, Winnti has also been present in attacks against pharmaceutical companies, where the aim has been to steal digital certificates from medical equipment and software manufacturers.

 

PlugX RAT allows attackers to perform various malicious operations on a system without the user’s permission or authorization, including - but not limited to - copying and modifying files, logging keystrokes, stealing passwords and capturing screenshots of user activity.

 

PlugX, as with other RATs, is used by cyber criminals to discreetly steal and collect sensitive or profitable information for malicious purposes.

 

RAT usage in attacks against pharmaceutical organizations indicates that sophisticated APT actors are showing an increased interest in capitalizing on the healthcare sector.

 

 “Private and confidential healthcare data is steadily migrating from paper to digital form within medical organizations. While the security of the network infrastructure of this sector is sometimes neglected, the hunt by APTs for information on advancements in drug and equipment innovation is truly worrying. Detections of PlugX malware in pharmaceutical organizations demonstrate yet another battle that we need to fight – and win - with cyber criminals,” said Yury Namestnikov, security researcher at Kaspersky Lab.

 

Other key findings for 2017 in the research include: More than 60% of medical organizations had malware on their servers or computers; Philippines, Venezuela and Thailand topped the list of countries with attacked devices in medical organizations.

 

In order to stay protected, Kaspersky Lab experts advise businesses to take the following measures: a) remove all nodes that process medical data from public and secure public web portals; b) automatically update installed software using patch management systems on all nodes, including servers; c) perform network segmentation: refrain from connecting expensive equipment to the main LAN of your organization; d) use a proven corporate grade security solution in combination with anti-targeted attack technologies and threat intelligence, such as Kaspersky Threat Management and Defense solution.

 

These are capable of spotting and catching advanced targeted attacks by analyzing network anomalies and giving cybersecurity teams full visibility over the network and response automation.

 

Kaspersky Lab’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Currently, over 400 million users are protected by Kaspersky Lab technologies and 270,000 corporate clients protect what matters most to them.

Like us in Facebook

facebook like box joomla

Features

Latest News

Japan remains top ODA source

    By Rose de la Cruz   Japan continues to be the main source of official development assistance of the Philippine government, where... Read More...
Critical infrastructure: a role model to protect normal businesses?

    By Andrey Suvorov, Head of Critical Infrastructure Protection at Kaspersky Lab After many years of working with clients trying to protect their... Read More...
Bong still unsure of Senate run

Should he stay or should he go?  This is the question that Special Assistant to the President Christopher “Bong” Go is trying to answer and... Read More...
IMAGE In the know: Solar Philippines

Solar Philippines is currently the country’s – and Southeast Asia’s – largest solar-energy company. Founded in August 2013 by Leandro... Read More...
Wrong Dream Girl and Other Laughs

Wrong Dream GirlA FROG telephones the Psychic Hotline. His Personal Psychic Advisor tells him, "You are going to meet a beautiful young girl who will... Read More...
Confession Code and other laughs

Confession Code AN old priest who became sick of all the people in his parish who kept confessing to adultery said one Sunday, in the pulpit,"If I... Read More...
IMAGE PAGIGING MAKABAYAN

KAMAKAILAN ay tumawag ng atensyon ang plano ni Sen. Manny Pacquiao na maghain ng panukalang batas na naglalayon na isama bilang bahagi ng curriculum... Read More...
IMAGE PUTULIN ANG MONOPOLYO NG MERALCO!

SUPORTADO nang ibat-ibang consumer group kabilang na ang Institute for Consumer Research and Empowerment (ICORE) ang panukalang dapat putulin na ang... Read More...

Our Guests

Today43
Yesterday886
This week4335
This month16745
Total1004615

Visitor Info

  • Your IP: 54.166.228.35

Who Is Online

21
Online

Friday, 20 July 2018
© 2016 OpinYon News Magazine Online. All Rights Reserved.

Please publish modules in offcanvas position.