Hospital Hit With Cryptocurrency Mining Malware
Are More Healthcare Sector Entities at Risk?
Do healthcare entities face a growing risk of being hit with cryptocurrency mining attacks, which have become more common in other sectors? A Tennessee hospital may be the first victim in the sector, and some security experts predict many more such incidents.
Cryptocurrency mining refers to solving computationally intensive mathematical tasks, which are used to verify the blockchain, or public ledger, of transactions.
” Cryptocurrency miners aren’t specifically seeking systems in healthcare; they compromise any system they can find.”
—Keith Fricke, partner and principal consultant, tw-Security
Keith Fricke, partner and principal consultant at tw-Security, says cryptocurrency mining schemers “scan the Internet for systems with vulnerabilities that can be exploited, granting them unauthorized access for purposes of installing cryptocurrency mining software. This becomes a cheaper alternative to purchasing their own hardware and paying for electricity to run it. Cryptocurrency miners aren’t specifically seeking systems in healthcare; they compromise any system they can find.”
Despite the growing cryptocurrency mining threat, Fricke contends that ransomware is still likely a bigger threat to healthcare entities because of the potential disruptions to care delivery as well as possible privacy breaches ransomware poses. Healthcare entities can take steps to better detect these incidents as well as reduce their risk of becoming victims of cryptocurrency mining malware attacks.
“Cryptocurrency mining software can tax the processing capabilities of a system, leading to a degradation in system performance,” Fricke notes. “Additionally, look for suspicious software services running in the system’s memory. There may be some unexpected outbound traffic from the compromised server communicating computation results to an external party.”