Healthcare IT Blog

Insights on advancing the business of care



HHS report reveals concerning trend in cyber attacks against practices

Common Security Tools Are Being Targeted by Hackers for Remote Access Without Detection. 

In a recent report by the Department of Health and Human Services (HHS), several legitimate security tools have been identified as points of entry for cybercriminal activity. These tools, which include Cobalt Strike and Microsoft Powershell, are commonly employed to support healthcare IT environments. 

Use the following information to better understand this troubling trend and the steps your practice can take to remain truly protected. Contact a PEAKE Practice Advisor for a free consultation or schedule a Security Risk Assessment before the end of the year. 

This trend is a counterattack to existing antivirus and endpoint detection/response (EDR) tools. Since any illegitimate or black-market remote monitoring tool would likely be detected and blocked by endpoint protection software, hackers are finding ways to exploit existing security tools connected to target networks.

Many threat actors who specifically target the healthcare industry have been leveraging penetration testing tools and controlling remote computers in elaborate ransomware strategies. Cobalt Strike, a popular tool that organizations often use to simulate a cyberattack, has been flagged in recent ransomware attacks. Code in pentesting tools like Cobalt can be customized for nefarious purposes including social engineering and email phishing scams.

What can your practice do about these new threats?

It is important to note that the HHS report does not recommend abandoning the use of these tools, but rather professionally evaluating their use and policies surrounding their use.

The best way for healthcare business leaders to protect themselves is by having a firm grasp of what their IT environment looks like. It is imperative that someone in your organization maintains organized visibility into your IT systems and performance

IT support organizations like PEAKE should provide the metrics and management options to bring confidence in your IT infrastructure and security, including internal tools and experts who can recognize when a monitoring, administrative, or controlling tool behaves suspiciously.  If an unknown security tool’s commands show up, it could be evidence of a cyberattack, insider threat, or internal misuse. So, it stands to reason that the staff who monitor your IT systems need to identify what is known from what is unknown.

Schedule regular communication with your IT director or PEAKE Technical Account Manager.  Include a discussion regarding the tools used on your network and tools used by any vendors that have access to your network. Communication and awareness are often our best defenses.

Learn more about PEAKE’s recommendations on Cyber Security Strategies on our website or call (866) 357-3253 to speak with an IT expert.

Cyber Defense Whitepaper

Recommended action for any medical practice to mitigate the risk of cyber attack. [Download Whitepaper]

by Elisabeth Happel

October 2022

How can we partner with you?

IT Operations

As a fully-managed service provider, PEAKE promises 24/7 monitoring and rapid response.

Learn More +

Security Risk Assessment

Protect your IT investment with HIPAA-compliant security and data-management tools.

Learn More +

Private Cloud

PEAKE’s Private Cloud solution provides predictable cost and performance using a platform tailored to your organization’s needs.

Learn More +

Hosted VoIP

This system is built to scale easily from 5 to 5,000 employees and includes advanced call center, reporting, and telework features.

Learn More +

Call 866.357.3253 to speak with a PEAKE Solutions Representative about partnering with PEAKE for your IT Support needs.

PEAKE Technology Partners is an industry-leading IT Managed Services Provider for Healthcare organizations.



5041 Howerton Way
Suite A
Bowie, MD 20715
(866) 357-3253

North Carolina
3915 Beryl Road
Raleigh, NC 27607

2021 PEAKE Technology Partners. All rights reserved.