A group of hackers called Orangeworm has been sneaking into healthcare companies' computer systems, according to Symantec.
Of the nearly 100 companies breached by the group, 39% were in healthcare, according to the software and cybersecurity company. The group has targeted between 24 and 36 organizations this year alone, including companies in healthcare, IT, manufacturing and logistics.
The hackers have broken into imaging devices, like X-ray and MRI machines, as well as computers related to patient consent for medical procedures. They also homed in on manufacturers and others in the supply chain.
"That shows us they're not simply looking for patient data," said Vikram Thakur, a security researcher at Symantec. "They're looking for information about the industry as a whole."
But Orangeworm's motives remain unclear, he said.
After breaking into a company's network, the hackers install the Kwampirs malware to gain access to computers on the network so they can extract information about the network. They then install more malware to steal information, though Symantec isn't sure what type of information specifically.
Cybersecurity problems continue to plague healthcare, though the number of reported breaches is slightly down for the first three months of 2018, with 77 breaches compared to 83 during the same period last year. Information on more than 1 million people was breached during the first quarter of 2018, compared to 1.7 million in the first quarter of 2017.
Healthcare organizations spent 15% of their IT budgets in 2017 on information security, according to a report from the Ponemon Institute. The organizations surveyed had an average of 16 cyberattacks in 2017, up from 11 the year before.
To protect themselves against this specific threat, healthcare organizations should make sure their systems are up to date and protected by strong passwords, Thakur said.
"It's a question of raising the level of hygiene of the network to reduce the risk," he said.