Feds warn healthcare organizations of ongoing abuse of legitimate security tools

The Department of Health and Human Services Cybersecurity Coordination Center warned the healthcare sector of a number of legitimate security tools that are most often abused by hackers in an Oct. 6 whitepaper. 

Five things to know:

  1. The most commonly used security tools include Cobalt Strike, PowerShell, Mimikatz, Sysinternals, Anydesk and Brute Ratel.

  2. One of the most prolific of these is Cobalt Strike. The tool has been abused for malicious purposes for the last five years.

  3. Cobalt Strike is a commonly used remote access tool that is able to orchestrate cyberattacks and has been frequently used by prolific ransomware groups like Emotet, Ryuk, Conti and Cuba.

  4. Another commonly used tool is PowerShell. This tool allows hackers to compromise resources.

  5. HC3 is not endorsing or criticizing the legitimate tools detailed in the report, but is calling on healthcare organizations to evaluate open source, vendor tools and capabilities prior to purchase or deployment to determine the possible risks.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars