main

Application SecurityAttack MitigationDDoS AttacksSecurity

2018 In Review: Healthcare Under Attack

December 12, 2018 — by Daniel Smith0

Healthcare-Under-Attack-960x568.jpg

Radware’s ERT and Threat Research Center monitored an immense number of events over the last year, giving us a chance to review and analyze attack patterns to gain further insight into today’s trends and changes in the attack landscape. Here are some insights into what we have observed over the last year.

Healthcare Under Attack

Over the last decade there has been a dramatic digital transformation within healthcare; more facilities are relying on electronic forms and online processes to help improve and streamline the patient experience. As a result, the medical industry has new responsibilities and priorities to ensure client data is kept secure and available–which unfortunately aren’t always kept up with.

This year, the healthcare industry dominated news with an ever-growing list of breaches and attacks. Aetna, CarePlus, Partners Healthcare, BJC Healthcare, St. Peter’s Surgery and Endoscopy Center, ATI Physical Therapy, Inogen, UnityPoint Health, Nuance Communication, LifeBridge Health, Aultman Health Foundation, Med Associates and more recently Nashville Metro Public Health, UMC Physicians, and LabCorp Diagnostics have all disclosed or settled major breaches.

[You may also like: 2019 Predictions: Will Cyber Serenity Soon Be a Thing of the Past?]

Generally speaking, the risk of falling prey to data breaches is high, due to password sharing, outdated and unpatched software, or exposed and vulnerable servers. When you look at medical facilities in particular, other risks begin to appear, like those surrounding the number of hospital employees who have full or partial access to your health records during your stay there. The possibilities for a malicious insider or abuse of access is also very high, as is the risk of third party breaches. For example, it was recently disclosed that NHS patient records may have been exposed when passwords were stolen from Embrace Learning, a training business used by healthcare workers to learn about data protection.

Profiting From Medical Data

These recent cyber-attacks targeting the healthcare industry underscore the growing threat to hospitals, medical institutions and insurance companies around the world. So, what’s driving the trend? Profit. Personal data, specifically healthcare records, are in demand and quite valuable on today’s black market, often fetching more money per record than your financial records, and are a crucial part of today’s Fullz packages sold by cyber criminals.

Not only are criminals exfiltrating patient data and selling it for a profit, but others have opted to encrypt medical records with ransomware or hold the data hostage until their extortion demand is met. Often hospitals are quick to pay an extortionist because backups are non-existent, or it may take too long to restore services. Because of this, cyber-criminals have a focus on this industry.

[You may also like: How Secure is Your Medical Data?]

Most of the attacks targeting the medical industry are ransomware attacks, often delivered via phishing campaigns. There have also been cases where ransomware and malware have been delivered via drive-by downloads and comprised third party vendors. We have also seen criminals use SQL injections to steal data from medical applications as well as flooding those networks with DDoS attacks. More recently, we have seen large scale scanning and exploitation of internet connected devices for the purpose of crypto mining, some of which have been located inside medical networks. In addition to causing outages and encrypting data, these attacks have resulted in canceling elective cases, diverting incoming patients and rescheduling surgeries.

For-profit hackers will target and launch a number of different attacks against medical networks designed to obtain and steal your personal information from vulnerable or exposed databases. They are looking for a complete or partial set of information such as name, date of birth, Social Security numbers, diagnosis or treatment information, Medicare or Medicaid identification number, medical record number, billing/claims information, health insurance information, disability code, birth or marriage certificate information, Employer Identification Number, driver’s license numbers, passport information, banking or financial account numbers, and usernames and passwords so they can resell that information for a profit.

[You may also like: Fraud on the Darknet: How to Own Over 1 Million Usernames and Passwords]

Sometimes the data obtained by the criminal is incomplete, but that data can be leveraged as a stepping stone to gather additional information. Criminals can use partial information to create a spear-phishing kit designed to gain your trust by citing a piece of personal information as bait. And they’ll move very quickly once they gain access to PHI or payment information. Criminals will normally sell the information obtained, even if incomplete, in bulk or in packages on private forums to other criminals who have the ability to complete the Fullz package or quickly cash the accounts out. Stolen data will also find its way to public auctions and marketplaces on the dark net, where sellers try to get the highest price possible for data or gain attention and notoriety for the hack.

Don’t let healthcare data slip through the cracks; be prepared.

Read “Radware’s 2018 Web Application Security Report” to learn more.

Download Now

Security

How Secure is Your Medical Data?

February 6, 2018 — by Louis Scialabba0

healthcare-smb-mssp-960x640.jpg

Imagine getting online with your doctor on the other end of the streaming connection, and then sending her real-time data of your blood pressure and glucose levels for real-time analysis and consultation.  It’s convenient, it’s timely, and it’s altogether probably cheaper than making a visit to the office.  But is your information secure?  Who else might be snooping on the data you are sending?  The risk is probably higher than you think, and the reward for malicious cyber criminals is certainly worth their time and effort.

Security

The Healthcare / Cyber-Security Connection

January 9, 2018 — by Radware0

healthcare-roundup-960x640.jpg

One of the businesses in the spotlight lately when it comes to cyber-attacks is healthcare – in fact, 46% of healthcare organizations experienced a data breach. The data associated with this industry is extremely sensitive and highly regulated, and also actively sought by hackers. It has even gotten to the point where we need to worry about the possibility of someone’s pacemaker or other medical device being hacked. We’ve covered this topic in much detail over the course of 2017, and below is our roundup of everything you need to know about cyber-security and healthcare.

SecurityWAF

Healthcare & Web Application Security: A Prescriptive Look at Application-Layer Security Risks

December 7, 2017 — by Radware0

waf-healthcare-960x640.jpg

The healthcare sector consists of a wide number of segments: payers, such as insurance companies; providers such as hospitals and doctors; and manufacturers, both pharmaceutical as well as medical device and equipment. Because the industry deals with quality of life issues across the spectrum, access to real-time data, especially sensitive data such as patient records, requires both the security and availability of in-house, Web, mobile, or cloud applications.

Application Delivery

Encryption is a Double-Edged Sword for the Healthcare Industry

December 5, 2017 — by Frank Yue1

ssl-healthcare-encryption-960x641.jpg

The healthcare industry must take security and privacy seriously.  They collect and retain personal health information (PHI) and financial information while providing life-saving medical care.  The protection of this information and the networks that manage it is one of the top concerns for IT organizations in the healthcare industry.

Application DeliverySecuritySSL

5 Key Items for the Digital Transformation of Healthcare

September 20, 2017 — by Frank Yue0

healthcare-ssl-1-960x640.jpg

People’s lives are at risk as the healthcare industry transforms patient care with modern IT technologies. Data security and application availability are essential when a patient’s medical information is on the network. Hospitals and medical practices are digitizing healthcare applications like x-rays, CAT scans, medication distribution and surgical procedures using interactive video. In addition, patient care staff are accessing all of this medical information on tablets, phones, and other devices in real-time.

Attack Types & VectorsSecurity

Hospital Stays Can Take Out More Than Your Organs

August 30, 2017 — by Louis Scialabba0

healthcare-mssp-960x620.jpg

The Cyber Theft Threat in Healthcare and how Service Providers can Transform Risk to Reward

You went to the hospital to get your appendix out and one week later your identity was taken from you as well.  How did this happen? In their 2017 Data Breach survey, Verizon found that ransomware has jumped up from the 22nd most common type of malware in 2014 to the 5th most common. The report also discovered that 72% of all healthcare attacks in 2016 were ransomware and the only industry targeted more than health care is financial services.

Security

GDPR and HITECH: Can the past predict the future?

June 27, 2017 — by David Hobbs2

gdpr-hitech-compliance-960x640.jpg

In February of 2017, Memorial Healthcare System settled their HIPAA violation fines for $5.5 Million USD. During an investigation, it was discovered that over 100,000 patient records had been impermissibly accessed. Allegedly, an ex-employee retained access to personal identifying information and sold data records to people who filed fraudulent tax returns using the data. Federal criminal charges were filed against the ex-employee.

Attack Types & VectorsDDoSSecurity

Early Attack Activity Forcing New Thinking in Healthcare IT/Security

July 7, 2016 — by Ben Desjardins0

healthcare-security-attack-activity-3-960x592.png

Every year when we conduct our survey for the Global Application & Network Security Report, one of the more interesting things to observe is how different industries are viewing the threat landscape. Changes such as technology adoption within industry tend to create new points of vulnerability, which quickly become the targets of malicious actors looking to exploit these new-found points of access. This year has been a particularly eye-opening year for the healthcare industry, which has seen a rash of recent attacks targeting their increased reliance on technology and networked data, often through the tactic of ransom attacks.

The increase in ransom attacks was one of the many interesting angles we saw within the inputs of the healthcare industry through our survey. Others provide additional insight into areas IT and security practitioners in the space have more or less concern, or feel either exposed or more or less secure.