Orangeworm has been active since January 2015 and has infected a large number of organizations across the world. Researchers say 40% of the victims are companies activating in the healthcare sector. Researchers believe attackers attempted a supply-chain attack by infecting a service provider in order to penetrate the networks of the desired healthcare organization. Investigators believe that a major factor in the group keeping its operations under the radar is the fact that most healthcare organizations use old computers, most of which are rarely updated, and hence, are easy to hack.
Source: https://www.bleepingcomputer.com/news/security/orangeworm-hackers-infect-x-ray-and-mri-machines-in-their-quest-for-patient-data/