- NordPass and NordStellar examined terabytes of data
- The analysis discovered bad password practices in the health care industry
- Organizations lack solid staff training and policies
Hygiene in hospitals and clinics is essential, but cyber hygiene, although just as important, is constantly neglected, experts have warned.
A report from NordPass and NordStellar said that poor password practices are “dangerously common” in the health care industry.
Based on an examination of 2.5 TB of data from various publicly accessible sources (including the dark web), the two organizations found that different medical institutions, including private clinics and hospital networks, rely on “predictable, recycled or default passwords” to protect critical systems. Consequently, sensitive patient data, and possibly patients' health, are placed at immense risk.
Neglect
“When the systems protecting patient data are kept by passwords like ‘123456’ or ‘P@ssw0rd’, it is a critical failure in cybersecurity hygiene. In a sector where confidentiality and availability are vital, this type of negligence can have real consequences,” said Karolis Arbaciauskas, commercial product at NordPass.
The report also lists the most frequently used passwords identified in the health care sector. If you use one of them (or a variant), be sure to change it to something harder to crack:
- Fabrizio19
- 123456
- Melu3@12345
- @Vow2017
- Mercury9.
- password
- Marty1508!
- Carlton@1988
- 12345678
- @Vowcomm2018
- dad
- 12345
- Durson@123
- P@ssw0rd
- Simerica
- Raffin2209!
- ASSPAIN28#
- Black-smith
- neuro
- default
Policies and training
The teams warn that passwords reflecting personal names, simple numbers or default configurations are all prime targets for brute-force and dictionary attacks, in which cybercriminals automate the process and try countless combinations until they get in.
To make things worse, a single break-in is more than enough to wreak havoc, because lateral movement can compromise whole networks, expose sensitive data and lead to various malware and ransomware infections.
The report underlines that health care institutions “lack clear password or staff training policies”, which is why they are advised to apply solid password policies, eliminate the use of default or specific passwords, use a professional-grade password manager, train staff and introduce 2FA wherever possible.
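
The following password-policy check is an added example, not code from the NordPass and NordStellar report. It rejects a candidate whose root, once padded digits and symbols are stripped and common character substitutions are undone, is a blocklisted word or a known name, which is the pattern most of the listed passwords follow. The lists, the 12-character minimum and all function names are assumptions made for illustration.

```python
import re

# Constructed sample lists for illustration. A real deployment would load a
# large breached-password corpus and the organization's staff directory.
BLOCKLIST = {"password", "default", "neuro", "admin", "welcome"}
KNOWN_NAMES = {"carlton", "marty", "fabrizio"}

# Undo common character substitutions before comparing against the lists.
LEET = str.maketrans({"@": "a", "0": "o", "1": "l", "3": "e", "$": "s", "5": "s"})
# Digits and symbols that users bolt onto the front or back of a weak root.
PADDING = re.compile(r"^[\W\d_]+|[\W\d_]+$")


def is_digit_run(text: str) -> bool:
    """True for ascending, descending or repeated digit runs such as 123456."""
    if not (text.isascii() and text.isdigit()) or len(text) < 4:
        return False
    steps = {int(b) - int(a) for a, b in zip(text, text[1:])}
    return steps in ({1}, {-1}, {0})


def screen_password(candidate: str, min_length: int = 12) -> list[str]:
    """Return the reasons a candidate is rejected; an empty list means accepted."""
    reasons = []
    if len(candidate) < min_length:  # assumed minimum, not from the report
        reasons.append("too short")
    if is_digit_run(candidate):
        reasons.append("digit sequence")
    # "P@ssw0rd2024!!" -> "p@ssw0rd" -> "password"
    root = PADDING.sub("", candidate.lower()).translate(LEET)
    if root in BLOCKLIST:
        reasons.append("common or default password")
    elif root in KNOWN_NAMES:
        reasons.append("personal name plus padding")
    return reasons


if __name__ == "__main__":
    for pw in ["123456", "P@ssw0rd", "Carlton@1988", "default",
               "P@ssw0rd2024!!", "correct-horse-battery-staple"]:
        print(f"{pw!r}: {screen_password(pw) or 'accepted'}")
```

Note that "Carlton@1988" and "P@ssw0rd2024!!" both satisfy the length rule and mix character classes, yet are still rejected because their roots are guessable.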