The healthcare industry has many ailments: financial pressures, a lack of skilled healthcare providers, uncertainties around reform and, in many cases, an increasingly unhealthy populace. But that’s not all it has to deal with.
A new report, Beyond Compliance: Cyber Threats and Healthcare, released today by intelligence-led security company FireEye has highlighted common cyber-threats to healthcare organizations.
The report identifies cyber-espionage as being one of the top three most-common threats. Making up the triad of terror are data theft and disruptive and destructive threats.
An interesting finding made by FireEye was the large number of healthcare-associated databases observed for sale online between October 1, 2018, and March 31, 2019.
The databases – the majority of which could be bought for under $2,000 – contained personally identifiable information (PII) and protected health information (PHI), such as patients' ZIP codes, email addresses, driver’s licenses and health insurance details associated with healthcare institutions in the US, the UK, Canada, Australia and India. Some data sets were on sale for as little as $200.
Luke McNamara, a principle analyst at FireEye Intelligence, said: “The large number of data sets being sold and the low prices you can purchase the sets for shows how ubiquitous access to them is.”
The report acknowledged that “buying and selling PII and PHI from healthcare institutions and providers in underground marketplaces is very common" and predicted that this scenario was unlikely to change given the data’s "utility in a wide variety of malicious activity ranging from identity theft and financial fraud to crafting of bespoke phishing lures.”
Thefts of valuable research and mass records were observed being carried out by nation-states as well as by individuals.
FireEye witnessed the deployment of multiple advanced persistent threat (APT) attack campaigns by several different countries, including China, Vietnam and Russia. China attracted special mention in the report for showing a particular interest in mining data linked to cancer research.
Asked if China was the biggest culprit when it came to cyber-espionage, McNamara said: “I think so, from what we have seen over the years. They have shown the most concerted interest in the space.
“There are well-known groups like APT 32 from Vietnam who targeted the UK and many one-offs, but China by far makes up most of the activity.”
Healthcare organizations will continue to be attractive targets for cyber-criminals because of the nature and quantity of the data with which they are associated. At least with this report, they have some idea of what’s lurking in the shadows.
McNamara said: “By putting this report out there we hope to get organizations to understand the range of threats out there.”