The industry of healthcare is the most affected by a strain of malware known as the Gatak Trojan Malware, in accordance to Symantec, a data security firm.
The latest Gatak Trojan malware can lie undetected and untraced for extended time periods, and also is capable of extending to other computers on a network in several cases, the company discloses.
In a just released blog posting, Symantec informed that healthcare agencies comprise 40% of Gatak victims. The automotive, construction, education and gambling industries each account for 5% of victims, with another 40% unclassified.
It is still unclear how Gatak benefits from attacks, but one potential reason is the selling of personally identifiable data, which could explain the focus on healthcare agencies, because health records typically command a higher price, Symantec points out.
Furthermore, healthcare agencies mostly do not have sufficient security resources, which could lead to taking shortcuts and utilizing pirated software, increasing the vulnerability to malware attacks.
What makes the Gatak Trojan Malware so dangerous and risky is its capability to lay dormant for long periods after infection, thus evading tracking and detection. Gatak is keenly accepted by victims because it seems to be from a vendor and provides product licensing keys for pirated software.
“The malware is bundled with the product key, and if the victim is trapped into downloading and opening 1 of these files, the Gatak Trojan is surreptitiously installed on their computer,” Symantec elaborates. The key module of the malware then steals important data from the infected computer.
Software product keys being provided are those most likely to be utilized in expert environments, in accordance to the firm.
Software brands used to lure victims to download Gatak malware involve, Native Instruments Drumland, SketchList3D, BarTender Enterprise Automation, BobCad-CAM, HDClone, Siemens SIMATIC STEP 7, CadSoft Eagle Professional, Originlab Originpro, PremiumSoft Navicat Premium, Manctl Skanect, and Symantec System Recovery (part of Veritas).
The complete blog of Symantic is available here.
No comments:
Post a Comment