Medical Imaging Leaks Highlight Unhealthy Security Practices

More than 45 million unique images, such as X-rays and MRI scans, are accessible to anyone on the Internet, security firm says.

Thousands of storage servers housing more than 45 million medical images can be accessed from the public Internet, with the majority using default ports and many showing signs of already being accessed by malicious actors, cybersecurity firm CybelAngel stated in a research report published on Dec. 15.


Over a six-month investigation, researchers from the firm discovered more than 3,000 servers that allowed connections to port 104 — one of the network ports used by the manufacturers of medical imaging machines — and presented a banner for the medical file format DICOM. A test of 50 randomly sampled servers found that 44 — or 88% — allowed connection attempts, according to the report.


While the largest volume of files was stored in the server of a Russian health center, the largest number of unsecure servers — 819 — were located in the United States, says David Sygula, senior cybersecurity analyst at CybelAngel.


These exposed servers "are totally widespread," he says. "There are some countries that are more secure than others. [While] we saw some smaller servers that were eye doctors, ... some of the biggest ones belong to medical centers."


The research underscores that storage servers and cloud storage services continue to suffer from misconfiguration problems that expose them to data leaks and breaches. While the healthcare industry has seen its share of data breaches — such as tens of millions of records stolen from medical debt collector American Medical Collection Agency (AMCA) in 2019 — the threat of ransomware attacks eclipsed run-of-the-mill data leaks in 2020.


Yet CybelAngel found that many medical organizations aren't aware that they ..
