For over 10 years, Apple devices and Apple based systems have been seen as virtually invulnerable to all kinds of threats and malware. This is one of the reasons Apple is the most embraced brand for healthcare IT. Even though Apple’s invulnerability may not be 100 percent correct, it is almost true as there has never been a case of any Apple device being attacked or infected by malware before now.
If your healthcare IT facilities are built on Apple systems, you need to brace up as Apple’s seeming invulnerability has been “punctured” recently. In other words, you now have to beef up security and safety of your system.
This is just an early part of 2017 and the first Apple malware of the year has been uncovered. Being a medical or healthcare organization, your database has to be doubly protected as it has to do with the medical records of patients.
The malware is tagged “Fruitfly” by some Apple executives. Although it has not been proved, it looks like the seemingly harmless malware has been holed up inside OS X for many years without being found. A careful study of its codes revealed that it was programmed to move from previous OS X to “Yosemite”. If that is true, then the malware is three years old or more. This means it has been lying dormant for up to three years.
Since there are some codes from a library that have not been used since 1998, it is believed that the codes were left unutilized just to hide Fruitfly. Up till now, no one has any idea how long it has been hiding in the machine where it was discovered and no one knows who created it.
The occurrences of the malware have only been at biomedical research institutions. According to the administrator that found the malware, Fruitfly seems to be grabbing screenshots and to also force its way into computers’ webcam.
Until more details are released on Fruitfly, Healthcare or medical systems have to be twice as careful as they may be the target. It was the abnormal outbound network traffic that occurred on a particular workstation that led to the discovery of the malware. To be on the safer side, companies managing the systems of healthcare and medical companies need to watch out for irregular traffic in these networks.
Nobody is really sure of the harmlessness of Fruitfly. It has not yet caused any major damage does not mean it is really harmless. For healthcare companies that do not have managed IT services, this is the best time to arrange for one. You can’t possibly combine your business activities with the required level of monitoring that is required to ward off this kind of malware.
Prevention is always better and cheaper than cure. What if there are other more harmful malwares yet to be discovered? Besides, it is not only about security, you also need to consider workstation performance optimization, creation of a disaster recovery plan and to upgrade your database. The most important part is that these services have to be done regularly. Can you combine all these activities with provision of healthcare services? It is almost impossible since both of them require 100 percent attention and concentration.