Orangeworm has struck again, this time targeting the computers that operate MRI, X-Ray and other medical devices and machines. These attacks aren’t destructive or malicious however, rather the hackers are accessing the devices in order to learn more about them as part of an ongoing corporate espionage operation. The attack appears to be targeting/gathering information on how these types of machines work, and have also shown interest in "machines used to assist patients in completing consent forms for required procedures.
However, these attacks shouldn’t be considered benign, as once a computer is successfully infected with Malware, hackers have the ability to extend the functionality “by downloading and executing additional modules in memory” which then “may be customized to the victim’s environment to assist the attackers in performing any desirable action on these devices” claims Alan Neville, Symantec researcher.
Companies in industries such as manufacturing, information technology, agriculture and logistics, many of which have links to the healthcare industry, have also been targeted.