The health sector is being struck by cyber-espionage

Security researchers say a group of hackers has been targeting firms related to health care in order to steal intellectual property.

The news:  Symantec reports that it’s observed a hacking team, called Orangeworm, compromise the systems of pharmaceutical firms, medical-device manufacturers, health-care providers, and even IT companies working with medical organizations. Victims don’t appear to have been chosen at random but “carefully and deliberately.”

What they’re doing: The point to these hacks doesn’t appear to be theft of patient data like insurance records. Instead, the hackers seem to be looking for intellectual property—such as details of drug manufacturing, or technical details about expensive medical imaging systems.

Who’s doing it? That remains unclear. Symantec says it doesn’t appear to be the work of a nation-state, but rather “an individual or a small group of individuals.” But so far there are no clues within the attacks to reveal who is in the group, or where it’s based.

Why it matters: It’s unusual that a small band of hackers would go after intellectual property in this way, rather than personal details that can be easily sold for cash. That raises questions about who is paying them to gather the information. But the group is clearly doing its job well: it’s attacked over 100 organizations since 2015.