With the new year comes new viruses threatening healthcare systems. HIMSS’ latest monthly Healthcare and Cross-Sector Cybersecurity Report, unveiled just before the new year, laid out several threats that providers everywhere should be keeping an eye on as they seek to shore up cyberdefenses.
1. Kubernetes Hole Exploits May Appear
Pointing to a recent advisory from the National Institute of Standards and Technology, providers should beware of a possible Kubernetes hole in earlier versions.
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.
"The Kubernetes vulnerability was reported earlier this month, the vulnerability was addressed, and the talk about it died down," report author Lee Kim, director of privacy and security at HIMSS, tells Healthcare IT News. "But the exploits are continuing to be developed. So, that was very interesting to see."
2. Phishing Continues to Open Healthcare Up to Threats
In a survey from HIMSS that came out last year, respondents identified phishing attacks as one of the top threat actors. In fact, 62 percent of respondents pointed to email as a point of compromise, a fact that isn’t likely to change anytime soon.
"There has been an uptick recently in credential phishing, including those targeting popular web mail services," says Kim.
3. Cryptomining Grows in Popularity for Hackers
Malicious cryptomining, also known as cryptojacking, allows threat actors to attack multiple devices at once, which can take a bite out of computing power. It’s on the rise in healthcare, with the report noting that “cryptomining is beating out ransomware as a top cyber threat, including in the Middle East, Turkey, and Africa.”
4. Terrible Passwords Still Leave Organizations Vulnerable
Not all threats are new, and perhaps the oldest of them all is the weak password, which can make organizations particularly vulnerable to threats like password spray attacks. What made the list as the most used passwords of 2018? You’ll never guess (OK, you probably will): At the top of the list was “12345,” followed by “password” at No. 2.
“This should be no surprise, including to people who maintain lists of common credentials,” Kim notes in the report.