Healthcare IT Has a New Cyberthreat: Cryptocurrency Mining

An emerging new cyberthreat, cryptocurrency mining malware, is keeping healthcare IT pros up at night. Although not as vicious as ransomware, cryptocurrency mining can still greatly reduce system performance and cause vital healthcare IT systems to slow or worse, shut down because the malware uses such powerful processing.

According to recent surveys, ransomware attacks have diminished since last year. Most enterprises now have ransomware strategies in place, an increase from last year. Cryptocurrency mining malware can operate without direct access to the file system so it’s more difficult to detect. It can operate without access to a victim’s host filesystem; consequently, it would be smart for enterprises to research the extent to which existing controls such as antimalware tools function in a ‘fileless’ malware framework.

The greatest weakness in companies is often its individuals. If individuals do not make appropriate cybersecurity a priority, they will continue to be the targets of malicious attempts to dupe organizations. Motivation for cyber invasions has changed very little. Money remains the central focus of cyberattacks.

Research shows that many security leaders and their organizations are not familiar with active defense strategies, such as honeypots and sinkholes. Active defense strategies are one of the most effective countermeasures to cyberattacks. About 87 percent of those who use them say they have proven successful.

The following measures are recommended to help combat cyberattacks:

  • Invest in highly-trained cybersecurity pros
  • Consider automation-driven strategies
  • Invest in existing security controls which are still valid and useful

As attacks increase and attackers evolve and adapt to new methods, enterprises must shift their defense strategies to meet new cyberthreats. Because IT environments have stringent security and compliance requirements, VAZATA provides our clients with the highest level of protection. We are able to customize and organization’s security needs to protect against the threat of evolving cybercrime.