In recent months the Dell SecureWorks Counter Threat Unit has found that the healthcare industry is particularly vulnerable to advanced threats, with many of the most prevalent malware tools used by Advanced Persistent Threat (APT) groups affecting the healthcare industry at a rate comparable to or greater than its peers in the banking, retail and manufacturing industries. Most malware subtypes are represented in the attacks that healthcare organizations have experienced. This may be partially due to the attackers' strategy of using healthcare organizations as a "testing ground" for malware, before deploying it on targets in other industries. Healthcare organizations are viable testing platforms for "proof of concept" attacks, due to the general lack of effective controls and high state of vulnerability throughout their networks. This whitepaper describes the APT threat to healthcare organizations and explores some defensive strategies to address the risks.
You will learn:
- The background of threats within the healthcare industry;
- The definition of Advanced Persistent Threat (APT), stages in the lifecycle and some tactics used by the threat actors; and
- Steps organizations need to take to protect themselves against APTs.