The healthcare industry was the number one target of cybercriminals in 2015, new research indicates. Previously, the banking industry held the top position.
In 2015, more than 100 million healthcare records were compromised, according to IBM’s “2016 Cyber Security Intelligence Index.” It is based on data collected between January 1, 2015 and December 13, 2015 and from more than 8,000 client devices in over 100 countries.
The Independent reports that “five of the eight largest healthcare security breaches since the beginning of 2010, with more than one million records compromised, took place during the first six month of 2015.”
Healthcare records are a veritable jackpot for cybercriminals, providing them access to credit card data, Social Security numbers, employment information and medical history records. These can be used in the commission of fraud and identity theft. The following is just one example of the impact of medical records having been hacked:
“Martin Borrett, CTO IBM Security Europe, explained how much damage stolen health data can cause and why it is such a target for theft.
‘We had a situation with a colleague from IBM in the US. John Kuhn, a senior security threat researcher, had to show hospital staff his stomach to prove he did not have a scar from the surgery they had charged him for.
John’s medical records had been stolen, and sold to someone else who had used them to have the surgery, leaving him with a $20,000 bill.’”
Another disturbing element of the findings for 2015 is that approximately 60 per cent of cyber-attacks were conducted by “insiders.”
The top five industries targeted by hackers:
Ransomware attacks on hospitals have been in the news frequently of late, having occurred in California, Indiana, Kentucky, and Maryland. Because of the nature of the business of hospitals, hospital personnel is coerced into a rushed decision-making process in order to recover their systems and avoid disruption of patient care.
Why has healthcare become such an appealing target?
Relating computer security to the health-conscious practices healthcare providers have in place, Hanley said: “[It’s about] getting back to the basics, user education, security hygiene.”
Written by: Sneacker
Edited by Pierluigi Paganini
(Security Affairs – Healthcare Industry, cybersecurity)