Chinese state-sponsored hackers known as APT41 are a threat to the U.S. healthcare industry, the Health Sector Cybersecurity Coordination Center warned Sept. 22.
Five things to know about the group:
- APT41 has been active since 2012 and has a history of targeting the healthcare sector, as well as education, high-tech, media, retail, software, pharma, telecoms, video games, travel services and virtual currency.
- APT41 conducted targeted campaigns against the healthcare sector in 2014, 2015, 2016, 2018, 2019 and 2020.
- APT41 uses tactics such as spear phishing, watering holes, supply chain attacks and backdoors to access victims' networks.
- Once inside victims' networks, the group gathers intelligence that can be used in future attacks and steals industry-specific information.
- Once initial access is gained, APT41 uses compromised credentials to move throughout an organization.