Why Are Healthcare Organizations One of Cybercriminals’ Favorite Targets?

The information contained within medical records is often more valuable to cybercriminals than credit card numbers, which means healthcare organizations must make an extra effort to secure their networks.

As more and more industries digitize their operations, the threat posed by cybercriminals is only getting more dire. According to some tallies, more than three billion personal records were compromised worldwide in 2016, a drastic increase from the 480 million that were compromised in 2015.

That figure is partly attributable to the fact that network security experts have become far better at recognizing when a data breach has occurred in the past year — that is to say that the 2015 figure is very likely the product of widespread underreporting. Still, it’s clear that attempted cyberattacks are only going to become more frequent and more damaging in the years to come.

One of cybercriminals’ favorite targets appears to be the healthcare space. From the UK’s National Health Service, to American health insurance providers, to actual care facilities like New York City’s Bronx Lebanon Hospital Center, a wide variety of healthcare organizations have suffered serious data breaches in recent months. This deliberate targeting is due largely to both the high value of patient medical data and the fact that the industry is still undergoing a digitization process.

The Surprisingly High Value of Stolen Medical Records

Medical records can be far more valuable to cybercriminals than financial information like credit card numbers. Not only do these records often contain sensitive identifying information like home addresses, telephone numbers, email addresses, dates of birth, and social security numbers, they also contain highly personal information about addiction histories, infectious diseases statuses, and domestic violence reports.

What’s more, unless a data breach at a healthcare organization is immediately spotted by a cybersecurity professional, patients will often have no idea that their medical records have been compromised until months or even years down the line. When an individual’s credit card information is stolen, they usually spot suspicious charges piling up right away and can work with their bank or credit card provider to nip the problem in the bud. When medical records are stolen, patients rarely have such a luxury.

Experienced cybercriminals are quite adept at assessing stolen patient data and piecing it together to form a comprehensive picture of a high-value target. Beyond using this data to file fictional claims with insurers or purchase restricted medical equipment or pharmaceuticals, cybercriminals can use medical records to greatly improve the sophistication of the kind of phishing attempts that serve as a precursor to high-value ransomware attacks.

All It Takes Is a Small Mistake

Given the severity and frequency of these attacks, securing these records must be healthcare organization’s top priority. Yet many are still struggling to find the right approach to network security.

The breach at the Bronx Lebanon Hospital Center, for instance, was the result of a fairly rudimentary mistake: a misconfigured rsync backup server. Rsync is a free, open-source software utility (originally designed for Unix- and Linux-like systems, but now easily adaptable for Windows) that copies files and directories from one host to another. The software makes it possible to maintain offsite backup copies of their records by syncing data to servers outside of their internal firewalls, thereby freeing up onsite server space and providing a disaster recovery mechanism in the event of a total onsite system breakdown.

If IT administrators fail to institute proper rsync security protocols, however, anyone who knows how to use a tool like Shodan — a search engine that helps users find all the devices connected to the internet falling within a wide variety of parameters — can easily gain access to the backup versions of information hosted outside an organization’s internal firewalls.

Getting Help From a Healthcare IT Expert

Ultimately, breaches of healthcare organizations’ networks have serious consequences for everyone involved. Patients suffer by becoming targets of phishing attacks or having their identities stolen, and the organizations themselves are often hit with substantial fines for failing to comply with the Health Insurance Portability and Accountability Act (HIPAA). Perhaps worst of all, the critical trust between healthcare providers and patients is weakened or destroyed.

As such, every healthcare organization should strongly consider partnering with an experienced network security expert like Turn-key Technologies to ensure that its critical patient data remains safe and secure. We understand the unique challenges involved in healthcare IT, and we leverage our decades of experience in the medical field to deliver robust networking solutions that are as high-performing as they are secure.

By Craig Badrick

10.31.2017

Sign up for the TTI Newsletter