Why Cybercriminals Are Increasingly Targeting Healthcare Sector
Murali Urs, Country Manager, Barracuda Networks, 0
Recent incident like the data being stolen from an Indian-based healthcare website is a wakeup call for the industry. In February, a bad actor stole 6,800,000 records associated with an India-based healthcare website that contained patient information and personally identifiable information (PII), doctor information and credentials. They are directly selling data stolen from healthcare organizations and web portals globally, including India through the underground markets. Although, there have been multiple attacks in the past, this one is notable for number of reasons. One was the extent of the attack, another was how it impacted healthcare organization, but probably the biggest part of the story was how a lot of this could have been avoided.
Why is healthcare data being targeted?
Healthcare service providers have huge databases with more extensive customer information than any other industry. The stolen medical record has historically been a very lucrative piece of information to sell on the dark web. Attackers are just likely to make more money collecting ransom, than by using stolen medical records for fraudulent billing or identity theft. Health information is sold for more than credit card data and can be used for fraud or identity theft. Medical identity theft is often not immediately identified by a patient or their provider giving a fraudster enough time to milk the credentials. Low security controls across the industry makes it easy
for hackers to get large amount of personal data. The key takeaway, though, is that it ought to be kept offline, i.e. still in backups, but not always connected to their networks.
In fact, while this breach might be the largest ever publicly acknowledged one in the healthcare industry, it’s probably only a matter of time before an even larger breach gets discovered. In the new scheme of things, it probably makes a lot of sense for IT to not only have a good data backup, but have a backup strategy so that while everything is properly backed-up, not everything is readily available to a network that’s under attack. They need to strengthen their data protection by:
• Deploying E-mail Threat Scanner which scans all office 365 emails and identifies these dormant threats like spear phishing & account takeover without impacting the system’s performance.
• Archiving to reduce their email storage requirements and boost user productivity. It enables organizations to store data securely and ensures compliance and streamlines E-discovery.
• AI based threat detection tool which learns your business’s unique communication patterns to detect personalized fraud in real-time, to protect against business email compromise and account takeover.
• Organizations need to have forensics in order to understand what happens in the organization, investigate incidents and remediate and deal with them in real time.
In the meantime, complacency is always going to be any organization's worst enemy. Cybercriminals are never going to stop the launch of new variants of cyber-attacks. It’s simply too lucrative opportunity for them to ignore. They are counting on the fact that at some point, someone in the organization would have failed to back up a critical piece of data. The cost of launching cyber-attacks is nominal so it only takes a few payments for cybercriminals to see a return on their investment. The challenge cyber security professionals face is making sure that when those attacks inevitably do arrive, so that the organization is prepared to just shake them off like the form of pestilence they really are.
In fact, while this breach might be the largest ever publicly acknowledged one in the healthcare industry, it’s probably only a matter of time before an even larger breach gets discovered. In the new scheme of things, it probably makes a lot of sense for IT to not only have a good data backup, but have a backup strategy so that while everything is properly backed-up, not everything is readily available to a network that’s under attack. They need to strengthen their data protection by:
• Deploying E-mail Threat Scanner which scans all office 365 emails and identifies these dormant threats like spear phishing & account takeover without impacting the system’s performance.
• Archiving to reduce their email storage requirements and boost user productivity. It enables organizations to store data securely and ensures compliance and streamlines E-discovery.
• AI based threat detection tool which learns your business’s unique communication patterns to detect personalized fraud in real-time, to protect against business email compromise and account takeover.
• Organizations need to have forensics in order to understand what happens in the organization, investigate incidents and remediate and deal with them in real time.
Organizations need to have forensics in order to understand what happens in the organization, investigate incidents and remediate and deal with them in real time
In the meantime, complacency is always going to be any organization's worst enemy. Cybercriminals are never going to stop the launch of new variants of cyber-attacks. It’s simply too lucrative opportunity for them to ignore. They are counting on the fact that at some point, someone in the organization would have failed to back up a critical piece of data. The cost of launching cyber-attacks is nominal so it only takes a few payments for cybercriminals to see a return on their investment. The challenge cyber security professionals face is making sure that when those attacks inevitably do arrive, so that the organization is prepared to just shake them off like the form of pestilence they really are.