- by Medikoe HealthTech Expert
- 0 Shares
- Apr 28 2017
FBI alert: Cybercriminals targeting FTP servers to compromise health data
When servers are configured to allow anonymous access, hackers can infiltrate an organization and launch a cyberattack.
Cybercriminals are actively targeting file transfer protocol servers of medical and dental organizations, according to an FBI alert released March 22.
Hackers operating anonymously are attempting to access protected health information and personal identifiable information to harass, intimidate and blackmail business owners, officials said.
While the FBI recognizes that white hat hackers perform similar tasks for research purposes, it emphasized that these criminals are attempting to infiltrate the servers of healthcare organizations to store malicious tools or launch cyberattacks.
In 2015, a University of Michigan research team discovered that more than 1 million FTP servers were configured to allow anonymous access, allowing users to authenticate with a common username with a generic password– or without using a password or email address at all.
"In general, any misconfigured or unsecured server operating on a business network on which sensitive data is stored or processed exposes the business to data theft and compromise by cyber criminals who can use the data for criminal purposes such as blackmail, identity theft or financial fraud," officials said.
The FBI recommends that all healthcare organizations to check FTP network servers to determine whether they are running in anonymous mode. If the IT team needs the server configured to run anonymously, officials said, protected health information and personally identifiable information should not be stored on that system.
Note We at Medikoe provide you with the best healthcare articles written and endorsed by experts of the healthcare industry to boost you knowledge. However, we strongly recommend that users consult a doctor or concerned service provider for expert diagnosis before acting on this information.