Health Care is the Target of New APT Attacks - Machado Consulting's News You Can Use | Worcester, Massachusetts | Machado Consulting


Helder Machado

President/CEO of Machado Consulting

Health Care is the Target of New APT Attacks

How strong are your passwords? This is the question that security agencies in both the US and the UK are asking health care professionals. That’s because they’ve identified a dramatic rise in the number of attacks targeting these workers and their institutions. 

CISA, the cybersecurity arm of the US Department of Homeland Security, has issued a joint alert in conjunction with the United Kingdom’s National Cyber Security Centre (NCSC). According to them, advanced persistent threat (APT) groups are seeking to steal from organizations responding to COVID-19. 

This victim group in US and the UK includes health care bodies, medical research organizations, pharmaceutical companies, and local even governments and universities. 


Why Health Care?

The pandemic has piqued the interest of APT actors thanks to the potential to obtain secret intelligence or research related to COVID-19. This could be used to further national priorities. Also vulnerable to attack is the bulk personal information of millions of people and the intellectual property of institutions looking for treatments, cures, and vaccines for the virus. The company or nation which can find and manufacture a treatment or vaccine stands to benefit massively. Global demand for such an item would be astronomical, so it’s no wonder APTs are swarming.

Knowing Your Enemy 

An advanced persistent threat or APT is a group that attempts to gain undetected access to a computer network for a long period of time. Their attacks seek to distribute malicious code to computers across a network in order to perform specific, long-term tasks. Motivations for APT groups are usually political or economic, and they are often operated or sponsored by nations.  

The main tool APT actors are using in this endeavor is called password spraying. This type of attack tries to gain access to accounts by trying commonly used passwords. Rather than attempting to brute force their way into a single account which may lock them out after several failed tries, password spraying tries the same few passwords across many accounts. This way, attackers are largely able to avoid detection because they don’t get locked out after too many failed attempts. 

These attacks work because people often use weak, easy-to-guess passwords. The NCSC says that common passwords include names (like Ashley, Michael, or Daniel), soccer teams, musicians, and fictional characters. “123456,” “password,” and “qwerty” also made the list with millions of accounts using them. 

What Can Be Done?

While both CISA and the NCSC are doing what they can to protect the stressed health care industries in their countries, they need the companies and workers themselves to take steps to stop APTs.  

The report offers some ways that they can do this. It all starts by using strong, hard-to-guess passwords as well as enabling multi-factor authentication. They also recommend utilizing virtual private networks (VPNs), remote access tools which automatically install the latest patches and updates, and monitoring software to identify when network intrusions are occurring.  

Creating an in-depth security plan that works for your health care organization can be difficult and time-consuming, but it doesn’t have to be. Rather than fending for yourself, asking for help can be a truly heroic move. As you’ve seen, these threats are on the rise. The time to act is now. Reach out to a trusted managed service provider like us and see how we’re more than your IT department. Contact us at  or by phone at (508) 453-4700. 

In COVID-19's Wake: Opportunity for Change
Reopening MA: Second Phase

Search Blog

Subscribe to Our Blog