FBI alert: Cybercriminals targeting FTP servers to compromise health data

When servers are configured to allow anonymous access, hackers can infiltrate an organization and launch a cyberattack.
By Jessica Davis
10:48 AM

Cybercriminals are actively targeting file transfer protocol servers of medical and dental organizations, according to an FBI alert released March 22.

Hackers operating anonymously are attempting to access protected health information and personal identifiable information to harass, intimidate and blackmail business owners, officials said.

While the FBI recognizes that white hat hackers perform similar tasks for research purposes, it emphasized that these criminals are attempting to infiltrate the servers of healthcare organizations to store malicious tools or launch cyberattacks.

In 2015, a University of Michigan research team discovered that more than 1 million FTP servers were configured to allow anonymous access, allowing users to authenticate with a common username with a generic password–  or without using a password or email address at all.

[Also: Former FBI cyber section chief on using data mapping to mitigate breach risk]

"In general, any misconfigured or unsecured server operating on a business network on which sensitive data is stored or processed exposes the business to data theft and compromise by cyber criminals who can use the data for criminal purposes such as blackmail, identity theft or financial fraud," officials said.

The FBI recommends that all healthcare organizations to check FTP network servers to determine whether they are running in anonymous mode. If the IT team needs the server configured to run anonymously, officials said, protected health information and personally identifiable information should not be stored on that system.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn