How to Protect Healthcare Data from Orangeworm

Orangeworm, the new cyber group, seems to have its eyes set on undermining healthcare data security. Just last month, Symantec reported that they believe Orangeworm is using malware Trojan.Kwampirs to target:

  • Healthcare Providers
  • Pharmaceutical Firms
  • IT Solution Providers for Healthcare
  • Healthcare Equipment Manufacturers
  • Manufacturing, IT, Agriculture, and Logistics Firms Possibly Linked to Healthcare

Symantec believes the firms in the last bullet point have been targeted as “part of a larger supply-chain attack in order for Orangeworm to get access to the intended victims related to healthcare.” At this point, we don’t know why Orangeworm is targeting healthcare data, but we do know that Trojan.Kwampirs spreads over computers running legacy operating systems — like Windows XP — and you need to do everything you can to protect against it.

Protect Your Organization from Orangeworm with Healthcare Security Best Practices

Start following these healthcare security best practices to protect your healthcare organization’s data from Orangeworm, Trojan.Kwampirs, ransomware, and all other types of malware:

  1. Use a firewall.
  2. Make sure software patches are up-to-date.
  3. Enforce complex password policies.
  4. Ensure users have the lowest level of system privilege needed to do their job.
  5. Disable AutoPlay to prevent auto launches of executable files.
  6. Turn off file sharing (if unnecessary).
  7. Physicians should closely examine EHR file-share requests to ensure it’s a verified healthcare professional on the other end.
  8. Turn off Bluetooth (if unnecessary).
  9. Turn off and remove unnecessary services.
  10. Block suspicious file attachments with your email server.
  11. Educate and train employees on email security best practices.
  12. Don’t accept unsigned or unknown applications.
  13. Create a plan to quickly isolate infected computers.
  14. Have a data backup and recovery plan.
  15. Watch for these 5 cybersecurity threats to EHRs and EMRs.

Implement a Strategic IT Healthcare Data Protection Plan

At Integracon, we help protect healthcare organizations’ data with a variety of services, including:

  • IT Managed Services Contracts
  • IT Managed Security
  • IT Mail Services
  • IT Advanced Recovery Services
  • IT Cloud Services
  • Strategic IT Management and Infrastructure Services
  • IT Telecom Services
  • IT Mobile Device Management
  • IT Regulatory Compliance Services
  • IT Emergency Services
  • Asset Disposal and Recycling Services

With these managed healthcare IT services, you received built-in IT security, disaster recovery, usage-based pricing, service level guarantees, technology upgrades and access to the latest technology, and unlimited functional and technical support. In the end, this helps healthcare organizations thwart groups like Orangeworm (as well as malware and ransomware) and streamline their IT operational costs. Best yet, our managed IT services also help healthcare centers re-focus their attention on what they’re there for — healthcare services, not IT infrastructure and applications.

Want to see how your healthcare organization stacks up in the fight against Orangeworm and malware? Contact Integracon for a free network assessment!