Why is the healthcare industry being targeted by hackers?
Health care is one of the most important industries. While other sectors focus on products people want, the medical field provides a service the public actually needs. Sadly, this altruism isn’t rewarded. Hackers are increasingly targeting these institutions with their nefarious plots, and a lot of patients are getting caught in the crossfire. The problem here is that quite a lot of people don’t understand the threat facing the health care industry right now. News reports of retailers and financial institutions getting hacked have people thinking these are the most targeted sectors, but this just isn’t true. Analysis of 10 years of cyber-attack data actually points to health care as being the most hacked industry out there. Clearly, hackers have a lot of motivation to go after these kinds of institutions. However, hospitals don’t really come to mind when most people think of an easy buck.
Why hackers target hospitals or the healthcare industry
Healthcare organizations collect and store vast amounts of personal information, making them a major target for cyber-criminals. This valuable data can be used for identity theft, says Peter Carlisle, head of EMEA at cloud and data security company Thales security. “In the US, stolen personal health insurance information can be used by criminals to obtain expensive medical services, devices and prescription medications, as well as to fraudulently acquire government benefits like Medicare or Medicaid.”
Healthcare breaches are especially serious because personal data can, in some cases, mean the difference between life and death. For example, says Carlisle, it could cause medications to become mixed up – or people might fail to get treatment for conditions such as diabetes. Making things worse, healthcare providers often struggle to find room in tight budgets to invest in new IT systems, leaving them vulnerable. “Compliance issues are commonplace in healthcare too, where organizations need to meet stringent requirements of governing bodies such as HIPAA,” Carlisle adds.
Why could a VAPT service have been a good habit to prevent a hack?
NOW LET US SEE WHAT THE CEO OF ICSS HAD SAID ABOUT THIS TOPIC
What types of attacks has the healthcare industry seen in the past?
Security concerns are growing exponentially in healthcare, as hospitals become the most financially lucrative targets for cyber-attackers. The main reason for the increase in cyber-criminals targeting the healthcare industry is the ease with which hackers can pull vast amounts of personal data from aged systems that lack necessary security features.
THE “KANE” INCIDENT
The theft or even alteration of patient data had been a looming menace long before Dutchman “Kane” compromised Washington University’s Medical Center in 2000. The hospital at the time believed they had successfully detected and cut off the attack, a belief they were rudely disabused of six months later when Kane shared the data he’d taken with Security Focus journalist Kevin Poulsen, who subsequently published an article describing the attack and its consequences. This quickly became global news. Kane was able to stay hidden in the Medical Center networks by allowing his victims to believe they had expelled him. He did this by leaving easily discoverable BO2K Remote Access Trojans (a tool developed by the hacker group, “Cult of the Dead Cow” and popular around the turn of the century) on several of the compromised servers while his own command and control infrastructure was somewhat more discreet. The entire episode is well documented online and I suggest you read up on it, as it is both an excellent example of an early modern APT and a textbook case of how not to deal with an intrusion—procedurally and publicly.
Notable Example: Presbyterian Medical Center
One of the more common types of attack occurring in 2016 has been ransomware. When this occurs, a hacker infiltrates the network and accesses data. It is then copied over and encrypted. Once encryption is complete, the original data will be deleted and data will be inaccessible until a ransom is paid. This usually results in an inability to access the EHR while the application is locked down; any communication has to be completed via telephone calls or faxes, resulting in an overall delay in patient care.
This recently occurred at Hollywood Presbyterian Medical Center in February 2016. Hackers used malware to infect the computers at the facility and stopped communication between devices. They demanded a ransom of $17,000 to restore the facility’s applications to full functionality. Physicians were unable to access medical records for more than a week and they were forced to utilize paper record keeping until the facility ultimately paid the requested amount. While Hollywood Presbyterian stated that patient care was not impacted, patient history could not be viewed and test results could not be shared from lab work, X-rays, and more. It is believed that this occurred because an employee opened an infected email or downloaded the malware from a pop-up ad, which brought the virus onto the network. A few weeks later, a group of Turkish hackers claimed responsibility for the attack, which may mean that the motivation of the attack was not to steal patient data for financial means but as a political statement.
What kinds of actions or preventive measures have saved the industry from being hacked and facing humiliation?
These days most of our important transactions happen over the internet. Hackers have numerous ways to steal important data, which is then misused. Below are the five most common ways your data can be stolen and the precautions you can take to stay safe:
1. Phishing:
Phishing is a fake email masquerading as legitimate. Hackers create phishing emails through which they intend to steal your confidential information like passwords and bank account details. This kind of email appears to have come from a well-known person or organization like your bank or company that you work for. These emails generally try to create an urgency or panic to trick users into giving out their personal details. For example, you receive an email from your bank saying that your ATM card has been disabled and you need to confirm your card number or your Aadhaar number to re-activate it. A victim who has received this email might think that it is from a legitimate source when in reality this email has been sent from a malicious hacker trying to steal your confidential information.
HOW TO PREVENT IT:
Look for spelling or grammatical errors in domain names or email addresses. Cyber criminals also often use email addresses that resemble the names of well-known companies but are slightly altered. For example, [email protected] instead of [email protected] (“l” instead of “i”).
Think twice before clicking any links. If you see a link in a suspicious email message, don’t click on it. Instead, hover your mouse on the link to see if the URL matches the link that was provided in the message.
Cyber criminals often use threats that your security has been compromised or your account has been blocked. Don’t fall for such tricks. Take your time to assess the situation.
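The first two checks above (a sender or link domain that differs from a known one only by swapped characters such as “l” for “i”, and link text that shows one address while the link points to another) can be automated on a mail gateway or in a reporting tool. This is an added Python example, not part of the original article; the trusted domain `citymedical.example`, the sample message and all function names are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"citymedical.example"}  # constructed allowlist (assumption)
# Fold characters commonly swapped in lookalike names ("l" for "i", "0" for "o").
CONFUSABLE = str.maketrans({"l": "i", "1": "i", "0": "o"})
URLISH = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?$", re.I)

def domain_of(url):
    # Simplified to the last two host labels; real code should use the Public Suffix List.
    host = urlparse(("" if "://" in url else "//") + url.strip()).hostname or ""
    return ".".join(host.split(".")[-2:])

def imitates(domain):
    # Return the trusted domain that `domain` resembles after folding, or None.
    fold = lambda d: d.translate(CONFUSABLE).replace("rn", "m")
    return None if domain in TRUSTED else next(
        (t for t in TRUSTED if fold(t) == fold(domain)), None)

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        self._text += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, self._text.strip()))
            self._href = None

def check_email(sender, html):
    sender_dom = domain_of(sender.rsplit("@", 1)[-1])
    findings = [("sender-lookalike", sender_dom)] if imitates(sender_dom) else []
    collector = LinkCollector()
    collector.feed(html)
    for href, text in collector.links:
        target = domain_of(href)
        if imitates(target):
            findings.append(("link-lookalike", target))
        if URLISH.match(text) and domain_of(text) != target:
            findings.append(("text-href-mismatch", domain_of(text), target))
    return findings

SAMPLE_SENDER = "alerts@cltymedical.example"  # constructed sample, not from the page
SAMPLE_HTML = '<a href="http://login.cltymedical.example/verify">https://citymedical.example/verify</a>'
```

Calling `check_email(SAMPLE_SENDER, SAMPLE_HTML)` returns one finding for the sender, one for the link target and one for the mismatch between the visible text and the real destination.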
2. Insecure Network:
Connecting your system or device to an insecure network can create the possibility of a hacker gaining access to all the files on your system and monitoring your activity online. A hacker in control of your system can steal passwords of your social accounts, bank accounts and even inject malware on authentic websites that you trust. With programmes freely available on the Internet, anyone can sit in a car outside your home and access your critical files, accounting data, usernames and passwords, or any other information on the network. A competitor in possession of such in-depth knowledge of your official documents can be a damaging or even fatal threat to your business.
HOW TO PREVENT IT:
Never connect to open Wi-Fi networks that you can’t trust. Just because it’s free, it doesn’t mean it’s safe too. When in a cafe with a Wi-Fi facility, ask the staff for the Wi-Fi you can connect to instead of randomly connecting to any open network.
If you are using a public Wi-Fi, avoid performing any bank transactions or accessing any critical information while being connected.
Use strong encryption like WPA2 on your home and office Wi-Fi router instead of Open or WEP security as these can easily be hacked.
Your security is in your own hands. Stay cautious and alert at all times. Always remember, someone, somewhere is trying to hack you and basic security practices mentioned above can protect you from most hacks.
3. Insecure API
There is a big misconception that every app available on Google Play store or Apple store is safe and legitimate. However, this is not the case. Not every app available on these stores is safe for users. Some of these apps may contain malicious code that can put your privacy at risk.
HOW TO PREVENT IT:
Always check the permissions before downloading an app.
Check reviews and ratings.
Avoid downloading an app if it has fewer than 50,000 downloads.
Do not download apps from third party app stores.
Never download pirated/cracked apps.
4. Malware:
Malware is malicious software that is written with the intent of compromising a system and stealing the data available on the system. These programs can perform a variety of functions, some of which include stealing or deleting sensitive data, modifying the system’s core functionalities, and secretly tracking the victim’s activities. There are various factors that can lead to the installation of malware on your system. One is running an older or pirated version of an operating system which is not safe or updated and thus vulnerable to attacks. Clicking on unknown links or installing fake/pirated software can also lead to the downloading of malicious programs.
HOW TO PREVENT IT:
Use a legitimate anti-virus software.
Do not download any fake software as there are chances it may contain malware.
Never click on fake antivirus pop-ups that are generated from websites.
Always keep your operating system updated.
Never download pirated apps/software as they always contain some kind of malware.
5. Physical Threats:
A physical threat is any threat to your sensitive information that results from other people having a direct physical access to your devices like laptops, hard drives and mobile devices.
Physical security threats are often underestimated in favor of technical threats such as phishing and malware. Physical device threats occur when someone is able to physically gain access to your confidential data like data gathered from stolen devices.
Physical security breaches can happen at your workplace or even at your home. For example, someone could get hold of your confidential files that they are not supposed to see or access an unattended system which is not password-protected.
HOW TO PREVENT IT:
Be careful how you store confidential information. Use encrypted computer hard drives, USBs, etc if they contain sensitive information.
Never write your passwords on a post-it or notepad.
Never leave your system unattended. Always protect it with a strong password.
Don’t leave your phone unlocked and unattended.
Make sure proper backup and remote wipe services are enabled in case you lose your device.