Most healthcare organizations in the U.S. are running their medical devices on outdated software and operating systems, leaving them vulnerable to cyberattacks. According to a research from Atlas VPN, 83% of healthcare providers in the U.S. are running on outdated software. Based on cybersecurity firm Palo Alto Networks’ survey of 1.2 million IoT devices used in thousands of healthcare organizations across the U.S., 56% of devices were still running on the Windows 7 operating system, for which Microsoft discontinued support in January 2020.
More than 40% of healthcare providers stated that they were planning to enhance their cybersecurity measures this year. The research also revealed that 27% of medical devices are still running Windows XP or old versions of Linux OS. Nearly 16% of imaging systems are at 51% risk of getting hacked, according to the research. Due to the severity of the Coronavirus threat, the healthcare sector leaves many connected medical devices vulnerable to potential cyberthreats.
“Due to the COVID-19 outbreak, hospitals are using patient monitoring devices more than ever. Research shows that 1 in 4 such devices have security issues. Based on these numbers, Atlas VPN estimates that cybercriminals will be focusing on the healthcare sector in 2020,” Atlas VPN said in a statement.
Abuse of Coronavirus in Cyberspace
Cybercriminals never leave an opportunity to exploit any vulnerability or situation to prey on users online. For instance, attackers created fake Coronavirus Maps to trick people into downloading malware onto their devices. CYFIRMA Research also found that Korean-speaking hackers were planning to make financial gains using sophisticated phishing campaigns, loaded with sensitive data exfiltration malware and creating a new variant of EMOTET virus (EMOTET is a malware strain that was first detected in 2014 and is one of the most prevalent threats in 2019). The phishing email had the Korean language title “Coronavirus Correspondence”, tricking recipients into opening them and launching malware into machines and networks.