Healthcare Cyber-Attacks Still Going Up

Healthcare providers and government agencies across the US have seen an increase in cybersecurity breaches in recent months, exposing sensitive data from hundreds of thousands of people as the sector scrambles to find adequate defense mechanisms.

“These threats are real,” Oscar Alleyne, senior adviser at the National Association of County and City Health Officials, said  during a recent panel in Washington.

The breaches include malware attacks, computer thefts, unauthorised network access and other security breaches, according to a government database that tracks attacks in the health-care sector.

A recent trail of large-scale cyberattacks on the health-care industry exposed the vulnerability of the sector. 

Last year’s global WannaCry ransomware attack crippled parts of the UK’s National Health Service for days.

In a 2015 hack, US health insurance giant Anthem Inc. had about 79 million customers’ personal information exposed.

Along with detailed personal information like Social Security numbers, health-care hacks can include sensitive information about a patient’s medical history and treatment. In other cases, breaches can cripple a hospital or health system, preventing sick people from getting the care they need.

They can be a business risk, too.

“Of course, there’s privacy,” Axel Wirth, a technical architect at security firm Symantec Corp., said during the panel, “but there’s also intellectual property and business data. Your latest vaccine research could be compromised.”

In April, there were 42 reports of data breaches in the health-care sector, according to the Department of Health and Human Services database, which tracks cases where data from 500 or more people were affected.

That month, the California Department of Developmental Services reported that 12 of its computers, containing medical records of 582,174 people, had been stolen. A few days later, Inogen Inc., a medical-equipment company, said personal information of almost 30,000 customers was exposed after a hacker had gained access to an employee’s email account.

Costly Attacks

The attacks can get expensive: According to estimates Alleyne cited during the panel, a data breach can cost health-care providers more than $400 per patient.

“When I was a local epidemiologist, my county was 312,000-something people,” Alleyne said. “You multiply that out by records and see the significant cost.”

Anthem, the insurer, eventually agreed to pay $115 million to resolve consumer claims over its 2015 breach.

Health departments in counties and cities tend not to have sufficient defense mechanisms in place. Alleyne said only 33 percent of the local health departments in the association had plans on how to defend against a cyberattack. Only 23 conducted training on the issue, and only 8 percent participated in drills or exercises.

Information- Management

You Might Also Read: 

British NHS Sure To Be Hit By More Cyber Attacks:

5 Major US Hospital Hacks:

 

« Public Cloud Security Is A Conundrum
Powering The Future Of Artificial Intelligence »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Identiv

Identiv

Identiv is a global security technology company that establishes trust in the connected world, including premises, information and everyday items.

Beachhead Solutions

Beachhead Solutions

Beachhead's SimplySecure is a configurable, web-based management tool allowing you to remotely secure vulnerable mobile devices in your organization.

evoila

evoila

evoila GmbH is one of the leading providers in consulting, analysis, implementation and management of cloud infrastructure.

CS Group

CS Group

CS Group offers a complete range of security solutions from consultancy to security maintenance and from secure infrastructure design to security governance.

Protenus

Protenus

Protenus provide a solution to proactively monitor and protect patient privacy in the electronic health record (EHR).

Beame.io

Beame.io

Beame.io is an information security company that distributes open source authentication infrastructure based on encryption.

CRU Data Security Group (CDSG)

CRU Data Security Group (CDSG)

CRU is a pioneer in devices for data mobility, data security, encryption, and digital investigation.

Farsight Security

Farsight Security

Farsight Security provides the world’s largest real-time actionable threat intelligence on how the Internet is changing.

Lionfish Cyber Security

Lionfish Cyber Security

Lionfish Cyber Evolution & Empowerment Model™ empowers SMBs to prepare and protect themselves against cyber threats using a unique combination of on-demand training, support and managed services.

usecure

usecure

usecure is a global provider of computer-based cyber security awareness training, offering the market’s most time-efficient, cost-effective and admin-lite solution for reducing insider threats.

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

MTS-ISAC promotes and facilitates maritime cybersecurity information sharing, awareness, training, and collaboration efforts between private and public sector stakeholders.

Otorio

Otorio

OTORIO delivers industrial cybersecurity and digital risk-management solutions and services. We help our customers to keep their revenue-generating operations resilient, efficient, and safe.

FTCYBER

FTCYBER

FTCYBER offers the latest technology and data recovery services to identify and extract data from computers and other digital devices.

GuardYoo

GuardYoo

GuardYoo's SaaS platform allows cybersecurity professionals to perform Compromise Assessment remotely from anywhere in the world.

Obrela Security Industries

Obrela Security Industries

Obrela provides security analytics and risk management services to identify, analyze, predict and prevent highly sophisticated security threats in real time.

Cylab - Carnegie Mellon University

Cylab - Carnegie Mellon University

Carnegie Mellon University CyLab is the University's security and privacy research institute.