It is unfortunate that the very industry that works so diligently to offer potentially life-saving services to the populace is often the target of hackers, ransomware, malware and viruses.

But it is precisely because they need to gather very personal information that hospitals, medical centers and the like are often targets for data breaches and exploitation. Stegoloader malware is one example.

Stegoloader Malware

In this particular case, those in the healthcare industry must remain vigilant against even old malware like Stegoloader, which is still a threat to EMRs.

Stegoloader is a trojan that primarily targets small organizations in the healthcare industry, with some exploitation directed against the technology and insurance sectors as well. Two notable victims of this particular trojan are Anthem and Premera Blue Cross, so larger entities have been casualties of this malware too.

So how does a malware program infect vital data gathered in the healthcare industry?  In this particular case, the Stegoloader malware hides itself within an image file. 

When an unsuspecting user opens the image file, the malware crawls through the underlying network looking for vulnerabilities. The malware is particularly interested in EMR information, and has a secondary goal of installing another malware program designed to steal banking information.

So how can organizations defend themselves from malware like Stegoloader?  In the case of Stegoloader, users need to stay away from illegitimate software and illegal product key generators, as this is where this particular trojan often resides.  This means businesses need to avoid risky software practices such as turning to pirated software in an effort to cut costs. 

Organizations must also train their employees to avoid downloading software from sketchy sites and to avoid clicking on suspicious-looking images, links within emails, etc. Tech providers must also perform regular backups and keep all systems up to date with the latest anti-virus and anti-malware software and operating system patches.

If you are a health organization that would like more information on how to safeguard your EMRs from exploitation, please contact us.
