April 02, 2020

FBI Issues Alert on Malware Targeting the Healthcare Industry

On March 30, the FBI issued a warning regarding a persistent threat actor that is using the Kwampirs Remote Access Trojan (RAT) malware against the healthcare industry. The FBI finds that Kwampirs actors gain access to a large number of global hospitals through vendor software supply chain and hardware products. Infected software supply chain vendors included products used to manage industrial control system assets in hospitals. The FBI recommends a number of best practices to avoid being infected by the malware, such as employing regular updates to applications and the host operating system to ensure protection against known vulnerabilities. In addition, healthcare entities should establish a “known good” version of the relevant server with an online backup, and a regular change-management policy to enable monitoring for alterations to servable content with a file integrity system.