A research by cyber security firm Symantec has found that the group behind the Gatak Trojan (Trojan.Gatak) continues to pose a threat to healthcare organisations, which are heavily affected by cyber attacks.
Gatak is known for infecting its victims through websites, promising product licensing keys for pirated software.
According to the Symantec study, the victims of Gatak are infected when using websites offering product key generators or keygens for pirated software. The malware is bundled with a product key and, if the victim is tricked into downloading and opening one of these files, the malware is surreptitiously installed on their computer.
Attackers in most cases appear to focus on offering product keys for software which is more likely to be used in professional environments.
“Analysis of recent enterprise attacks leads that the healthcare sector is by far the most affected. 40 per cent of the top 20 organisations affected by Gatak happen to be in the healthcare sector,” Symantec said.
The largest number of breaches took place within the health services sub-sector, which actually comprised 39 per cent of all breaches in 2015. Symantec researchers found potentially damaging vulnerabilities in dozens of devices.
Sectoral breakdown of most heavily infected organisations include those dealing in insulin pumps, x-ray systems, CT-scanners, medical refrigerators and implantable defibrillators.
“Healthcare organisations can often be pressurised, under-resourced, and many use legacy software systems that are expensive to upgrade. Consequently, workers could be more likely to take shortcuts and install pirated software,” the Symantec study pointed out.
But it is unclear how Gatak is profiting from healthcare attacks. “One could be data theft, with attackers selling personally identifiable information and other stolen data on the cyber underground. This could explain the attackers heavy focus on the healthcare sector, with healthcare records usually selling for more than other personal information,” the cyber security expert said.