Kwampirs Trojan Targets Healthcare Industry

In response to the latest attack on the healthcare industry by the cybercriminal group Orangeworm, Fortified Health Security COO William Crank penned a commentary for the Disaster Recovery Journal – the leading industry resource for business continuity professionals covering disaster recovery, crisis management, and risk management. Throughout the article, Crank discusses what healthcare leaders should know about a known cybercriminal group that is targeting healthcare industries, often acting through connected medical devices.

Read the full article, An Industry at Siege: What Every Healthcare Leader Should Know About Kwampirs Trojan Cyberattacks in The Disaster Recovery Journal. Below is an excerpt from the article.

An Industry at Siege: What Every Healthcare Leader Should Know About Kwampirs Trojan Cyberattacks

WILLIAM CRANK | MAY 19, 2020

The cybercriminal group known as Orangeworm is once again targeting healthcare organizations, often acting through connected medical devices. The FBI released a Private Industry Notification (PIN) stating that the group was using Kwampirs Remote Access Trojan (RAT) to access healthcare networks. As the industry faces this threat, it’s imperative that healthcare leadership enact strong data loss prevention strategies. 

Understanding the Data Threat

Orangeworm was first discovered in 2015. The group primarily targets organizations in the healthcare industry, including medical equipment manufacturers, pharmaceutical companies, healthcare providers, and associated IT companies. The largest portion of the cybercriminal group’s targets has been in the United States, making up 17% of victims. The identity of the Orangeworm group is currently unknown.