[BreachExchange] How Healthcare is a Major Target for Cybercriminals

Audrey McNeil audrey at riskbasedsecurity.com
Thu Dec 21 18:53:45 EST 2017


https://www.securitymagazine.com/articles/88592-how-healthcare-is-a-major-target-for-cybercriminals

The internet of things has transformed the healthcare sector, allowing
security practitioners to easily share information and deliver personalized
treatments.

Yet many experts in the security industry believe that of all the
industries facing serious cyber threats, healthcare is possibly the most at
risk. That’s because relatively speaking, healthcare organizations are
still behind when it comes to security defenses.

It’s also well-documented that external attackers have set their sights on
protected health information (PHI). The value of medical records on the
black market is at least 10X higher than credit card data. Why? PHI
contains more personal data points and cannot just be reissued in the event
of a problem. Bank account details and passwords can be changed following a
breach, but information about allergies, disabilities, mental health or
hereditary conditions can’t. So, securing this data and a healthcare
institution from these calculated threats should be a top priority.

The nature of healthcare requires that organizations within this sector
keep highly sensitive patient data on file. Doctors need to have this
information to make informed decisions about patients, and the ability to
easily share this information within a healthcare network has resulted in
significant advancements in the way patients are treated. Personal and
medical details are also used by staff who handle post-care activities,
from post-op follow-up to billing. This reduces the admin involved and
makes it a far more efficient experience for patients.

However, housing this kind of personal information poses a severe risk.
Without the right security in place, this data is left exposed to external
threats, as malicious actors use targeted threats to infiltrate networks.
But when you’re dealing with something as important as people’s lives, it’s
not enough to only have security in place; the continuity of services is
vital. Take the WannaCry ransomware outbreak earlier this year, for example,
where entire hospitals in the U.K. were shut down.

Healthcare institutions therefore need to have a cyber resilience strategy
in place. This will help them defend against threats such as ransomware,
allow continuous access to critical applications and information during an
attack and provide the ability to recover data to the last known workable
state, after a threat is neutralized.

But it even goes beyond external threats. Equally important is making sure
the organization is insulated from mistakes by both well-meaning employees
and malicious insiders. Busy staff members are bound to make mistakes
regarding PHI. With the ubiquity of email, it’s not uncommon to find a
breach where employees accidentally (or carelessly) attached a spreadsheet
or document containing PHI. A mistake like this could result in personal
harm or defamation and will have severe implications for healthcare
professionals in countries that have data protection laws in place.

To prevent brand damage, fines, and audits, healthcare organizations must
actively seek to identify and prevent PHI from leaving the organization
without the proper safeguards in place. However, this can be a monumental
task without the right technology. There are capabilities that help
healthcare organizations address this challenge by scanning, identifying and
taking action on emails containing PHI. These actions include holding the
message for review, encrypting the content, applying secure messaging
between parties, converting the files and more.

Ensuring that PHI does not leave the organization without the proper
encryption and safeguards is just as essential as securing against external
attackers. Healthcare is the only industry where employees are the
predominant threat of a breach.

The healthcare sector is at major risk. The time is now for them to rethink
cyber security and implement strategies that make them resilient and
prepared for both internal and external threats.