Brought to you by OnGuard IT Security Medical Data in the Crosshairs: Why is Healthcare an Ideal Target for Ransomware? - Security News

Why is Healthcare an ideal target for ransomware?

Medical Data in the Crosshairs: Why is Healthcare an Ideal Target? - Security News

August 14, 2015

In May of 2015, healthcare company Carefirst Blue Cross and Blue Shield made news after it was hit by a data breach that exposed sensitive data of its customers based in Maryland, Washington, and Virginia. Valuable personal information of the healthcare insurer’s 1.1 million-customer base got compromised, including social security numbers, financial records, passwords and credit card credentials. CEO Chet Burrell expressed dismay and regret before assuring customers that necessary actions were being undertaken to repair damages caused by the incident.

This isn’t the first incident where healthcare companies appear to have fallen short on security, leaving them vulnerable to cybercriminal schemes. In fact, Carefirst, said to be the “third Blue Cross and Blue Shield company” to become subject to cyber-attacks, is a comparatively small addition to the pile of incidents looked into by the authorities and security experts on the burgeoning problem of healthcare as the new cybercrime target.

Healthcare under attack

In the past decade, attackers have regularly hit targets such as retailers and even banks to mine banking and other financial credentials that will translate into profit. They've since cast a wider net on other industries, showing that even the most unlikely of victims and most formidable of institutions could easily be preyed on by online crooks. Companies, big and small, have become targets. In turn, customers have grown uneasy about their security.

Over the past year, the financial sector has still been hit, but healthcare companies have been hit harder. This raises the question: Why are healthcare companies being targeted?

In a nutshell, it's all about the data.

Healthcare service providers have huge databases that serve as repositories of customer information more extensive than those of any other industry or organization, the type of information that, when stolen, cannot be easily replaced. Trend Micro Global Threat Communications Manager Christopher Budd notes, “Healthcare data represents the ‘holy grail’ in terms of data theft. When credit card data is stolen, the criminals can use that only until the credit or debit cards are cancelled. But how do you ‘cancel’ your social security number? You can’t.”

Troves of mined data from healthcare companies are as good as gold for cybercriminals, as these can easily be used for identity theft and other schemes, from opening accounts using stolen identities to resale on the black market and even blackmail. It has already been proven that this data isn't as secure, making for an even more ideal target.

The Identity Theft Resource Center (ITRC) supports this by saying that four out of ten breaches recorded from 2005 to 2014 zoomed in on the medical or healthcare industry as their prime attack target. The US Department of Health and Human Services also said that since 2009, cybercriminals have compromised data of over 120 million customers from more than 1,100 different breaches on healthcare organizations. This only goes to show that medical information is highly valuable in the eyes of the attackers.

2009-2015: A timeline of healthcare breaches

Healthcare-related breaches have been reported since 2005, but it was in 2009 that attackers started amassing records that exceeded the 4 million mark. That year, the Virginia Department of Health made the headlines with a reported breach that involved 8 million customer records and over 35 million prescriptions from a hacker that demanded $10 million in return.

In 2011, the United Kingdom's National Health Services reported "human error" as the primary reason for compromising over 8 million unencrypted patient records. Laptops where unencrypted patient records resided were reported stolen, which resulted in the breach that exposed their customers' information.

2013 saw a big breach that exposed more than 4 million patient records from the Advocate Medical Group. The incident was blamed on the lack of strong encryption measures employed on four stolen computers, exposing their customers' names, addresses, dates of birth, and social security numbers to cybercriminals.

Between 2012 and 2014, cybercriminals started to ramp up attacks on the healthcare industry, which remarkably suffered more than the business, military, and government sectors. In fact, the number of health care service provider victims has grown almost fourfold in 2014 from when it was first observed in 2005.

In 2014, Tennessee-based hospital operator Community Health Systems (CHS) announced a security breach that resulted in the loss of personal data of over 4.5 million patients. The attackers circumvented the company’s security systems to collect five years’ worth of personal data, including names, addresses, dates of birth, telephone numbers, and security systems.

The sophistication of the technique used in the CHS breach showed that attackers are adopting new methods to infiltrate target systems: more advanced methods that didn't require physical contact with the target systems, such as the need to steal or illegally access computers and laptops.

This is highlighted by the massive attack carried out on Anthem Inc., the second largest health insurer in the United States, that was announced last February. The attack, said to have begun in April 2014, employed custom backdoors to amass valuable information belonging to over 80 million former and current customers and even employees of the company. While Anthem CEO Joseph Swedish said that there was “no evidence that credit card or medical information, such as claims, test results or diagnostic codes were targeted or compromised,” names, birthdays, member IDs, social security numbers, phone numbers, email addresses, and employment records were still compromised.

Just over a month after Anthem’s announcement, Premera Blue Cross divulged a breach in March of 2015 that exposed medical and financial information of over 11 million customers. The breach was discovered at the tail-end of January this year, and Premera shared that the initial attack occurred in May 2014. While the company said that no evidence shows the removal or “inappropriate use” of information from the company’s system, names, dates of birth, email addresses, addresses, telephone numbers, social security numbers, member ID numbers, bank account information, claims information, and clinical information dating back 13 years were said to have been exposed to possible risk from the attack.

How can companies secure healthcare data?

Trend Micro’s 1Q 2015 Security Roundup showed why healthcare service providers have become a goldmine for cybercriminals.

With retail companies, banks and other organizations commonly targeted in the past now boasting more robust security measures, online criminals are more likely to target less-secure organizations. Security researchers have indicated that the healthcare industry is “behind other industries when it comes to security.” In fact, the FBI issued a well-founded warning a year ago on the “lax cybersecurity systems” used to protect healthcare information, which is considered even more valuable on the black market than credit card credentials. At the rate the healthcare industry is responding, we might be in for even bigger attacks soon.

While earlier attacks on the health care industry were facilitated by the theft or loss of unencrypted laptops and other devices, that is no longer the case. Sophisticated schemes are now in play and organizations need to invest in measures and solutions built to keep up with the threats coming their way.

Protecting healthcare information involves covering all bases of cybersecurity: guarding patient portals, proactively preparing against data loss, detecting breaches, auditing for compliance, safeguarding medical devices, securing legacy systems, and watching out for all possible endpoints that may be attacked.

Have Security Concerns?

Whether a business is thinking of adopting cloud computing or just using email and maintaining a website, cybersecurity should be a part of the plan. Theft of digital information has become the most commonly reported fraud, surpassing physical theft. Every business that uses the Internet is responsible for creating a culture of security that will enhance business and consumer confidence. Jaxxon Consulting brings 24/7 security monitoring and disaster recovery to your business at prices you can afford to keep your business safe and secure against today's threats and malicious software.
