TrickBot trojan named the most dangerous threat to healthcare

The infamous Emotet and TrickBot trojans have been named as the two most popular attacks on healthcare organisations in 2019.

Emotet detections surged at the beginning of 2019 but a huge wave of TrickBot threats in the second half of the year has placed it as the number one threat to healthcare organisations today.

The number of threats presented by trojans, hijackers and riskware each grew by over 80% in 2019 compared to last year, according to Malwarebytes.

The cyber security company said the healthcare threat landscape has experienced significant growth this year which means those tasked with protecting it should be especially concerned as we approach the start of 2020.

The firm also observed a 60% increase in the overall number of threat detections at healthcare organisations in just the first three quarters of 2019 compared to the entirety of 2018.

In addition, there was an observable 45% increase attacks on healthcare-facing endpoints from Q2 2019 to Q3.

"Healthcare is vital to our population, industries and economy, which is why it's an especially concerning industry to see targeted by cybercriminals," said Adam Kujawa, director of Malwarebytes Labs. "Emotet, TrickBot, exploit, and backdoor detections targeting healthcare organisations are known to drop ransomware payloads later in their attack chains.

"For too long, these organisations have suffered due to antiquated equipment and underfunded IT departments, making them especially vulnerable," he added. "We should be arming healthcare now with extensive security measures because this pattern suggests that ransomware is looking to penetrate healthcare organisations from several different angles."

Healthcare is an industry which is famously underfunded and one in which cyber security is rarely prioritised. There are certain challenges that must be overcome in order to reach a point where healthcare institutions can afford to take cyber security seriously, according to Dr Saira Ghafur, lead for digital health, Institute of Global Health Innovation, Imperial College London.

Speaking at a Westminster eForum event in October 2019, Dr Ghafur said the NHS only spends about 2% of its annual budget on cyber security and this is because things like "buying cancer drugs are often seen as more of a priority than cyber security".

She also said there are no IT professionals on any of the NHS boards "so until you've got those people on NHS boards, then it's very difficult to then kind of ask for the money and make the case to the people who are actually in charge of budgets".

"[Assigning budget to security is] absolutely a choice but then when the NHS is underfunded as a whole system, then actually IT is going to be ... lower down in the priority of when you've got direct clinical care that you need to provide for patients," she added.

Healthcare organisations also rely on legacy technology to keep their life-saving equipment operational in some cases. Certain machines can only operate using the likes of Windows XP which has gone end of life and it can be difficult to replace these within constrained budgets.

"We need a lot more money to replace legacy infrastructure to actually secure medical devices and all other IT equipment that we already have, let alone all the new things that are coming into play as well," said Dr Ghafur, comparing the NHS' budget to other industries which can much spend more.