The new favorite target for hackers? Hospitals. And that's comforting news in the war against cyber crime, said no one ever.
Researchers at the security firm Websense tell the MIT Technology Review that cyber attacks on hospitals have risen 600% in the last 10 months.
Much of that increase can be traced back to the cyber attack on Community Health Systems, where military-run Chinese hackers stole 4.5 million non-medical data records from 206 hospitals in 29 states. Filing a report with the SEC on Aug 18, the healthcare company acknowledged that the breaches occured in April and June.
Websense blames the Heartbleed bug, which exposed half of a million servers, for many of the breaches. The firm warns that patient records remain vulnerable still, as many hospitals have not implemented the Heartbleed patch.
According to the MIT Technology Review, hackers are turning to hospitals because security firewalls are easy to breach and the payoff is hundrends of thousands of data records.
John Halamka, chief information officer and dean of technology for the Harvard Medical School, tells the MIT Technology Review that the healthcare industry spends far less on IT compared to other industries. And whereas credit card numbers and social security numbers bring in relatively little cash on the black market, the data from health records is a gold mine, particularly for the un- and underinsured who want to obtain a better quality of medical care.
As for the breach commited on Aug. 18 by Chinese hackers, the SEC and Community Health Systems theorize that because medical records and personal identification was not stolen, a possible motive for the hack was to acquire product development plans, manufacturing techniques, business plans and emails to senior executives. In short, the hackers want information that will help Chinese companies become more competitive.
China has denied the accusations, but the U.S. Dept of Justice has secured criminal indictments on five of the alledged hackers.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.