Healthcare Cyber-Attacks Still Going Up

Healthcare providers and government agencies across the US have seen an increase in cybersecurity breaches in recent months, exposing sensitive data from hundreds of thousands of people as the sector scrambles to find adequate defense mechanisms.

“These threats are real,” Oscar Alleyne, senior adviser at the National Association of County and City Health Officials, said  during a recent panel in Washington.

The breaches include malware attacks, computer thefts, unauthorised network access and other security breaches, according to a government database that tracks attacks in the health-care sector.

A recent trail of large-scale cyberattacks on the health-care industry exposed the vulnerability of the sector. 

Last year’s global WannaCry ransomware attack crippled parts of the UK’s National Health Service for days.

In a 2015 hack, US health insurance giant Anthem Inc. had about 79 million customers’ personal information exposed.

Along with detailed personal information like Social Security numbers, health-care hacks can include sensitive information about a patient’s medical history and treatment. In other cases, breaches can cripple a hospital or health system, preventing sick people from getting the care they need.

They can be a business risk, too.

“Of course, there’s privacy,” Axel Wirth, a technical architect at security firm Symantec Corp., said during the panel, “but there’s also intellectual property and business data. Your latest vaccine research could be compromised.”

In April, there were 42 reports of data breaches in the health-care sector, according to the Department of Health and Human Services database, which tracks cases where data from 500 or more people were affected.

That month, the California Department of Developmental Services reported that 12 of its computers, containing medical records of 582,174 people, had been stolen. A few days later, Inogen Inc., a medical-equipment company, said personal information of almost 30,000 customers was exposed after a hacker had gained access to an employee’s email account.

Costly Attacks

The attacks can get expensive: According to estimates Alleyne cited during the panel, a data breach can cost health-care providers more than $400 per patient.

“When I was a local epidemiologist, my county was 312,000-something people,” Alleyne said. “You multiply that out by records and see the significant cost.”

Anthem, the insurer, eventually agreed to pay $115 million to resolve consumer claims over its 2015 breach.

Health departments in counties and cities tend not to have sufficient defense mechanisms in place. Alleyne said only 33 percent of the local health departments in the association had plans on how to defend against a cyberattack. Only 23 conducted training on the issue, and only 8 percent participated in drills or exercises.

Information- Management

You Might Also Read: 

British NHS Sure To Be Hit By More Cyber Attacks:

5 Major US Hospital Hacks:

 

« Public Cloud Security Is A Conundrum
Powering The Future Of Artificial Intelligence »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Direct Recruiters Inc

Direct Recruiters Inc

Direct Recruiters is a relationship-focused search firm that assists IT Security and Cybersecurity companies with recruiting high-impact talent.

Intelligent Waves

Intelligent Waves

Intelligent Waves holds and manages contracts to provide an array of intelligence, operational, communications and IT support to the USG in austere, forward-deployed, hazardous duty environments.

Zettaset

Zettaset

Zettaset’s XCrypt Data Encryption Platform delivers proven protection for Object, Relational/SQL, NoSQL, and Hadoop data stores…in the cloud and on-premises.

Nuspire

Nuspire

Nuspire provide services to protect your network with best-in-class managed detection and response, allowing you to stay focused on managing your business.

Xperien

Xperien

Xperien is a leading South African Information Technology Asset Disposition (ITAD) company.

CyberSwarm

CyberSwarm

CyberSwarm is developing a neuromorphic System-on-a-Chip dedicated to cybersecurity which helps organizations secure communication between connected devices and protect critical business assets.

CNS Group

CNS Group

CNS Group provides industry leading cyber security though managed security services, penetration testing, consulting and compliance.

BlackFog

BlackFog

BlackFog is a leader in device data privacy, data security and ransomware prevention. Our behavioral analysis and anti data exfiltration technology stops hackers before they even get started.

Liminal

Liminal

Liminal is a boutique strategy advisory firm serving digital identity, fintech, and cybersecurity clients, and the private equity / venture capital community.

Ridge Security

Ridge Security

Ridge Security enables enterprise and web application teams, ISVs, governments, education, DevOps, anyone responsible for ensuring software security to affordably and efficiently test their systems.

PROW Information Technology

PROW Information Technology

PROW is at the forefront of the technology and digital revolution with a focus and mastery in the cybersecurity, information security and data management realms.

GoPro Consultants

GoPro Consultants

GoPro Consultants is an IT Consultancy and IT Managed services provider Globally with immeasurable expertise of IT professionals in Hardware/Support & Consultancy and Project Planning.

Netsurit

Netsurit

Managed IT, Cloud, and Security Services. Netsurit is Your IT Innovation and Digital Transformation Accelerator.

ESProfiler

ESProfiler

Enterprise Security Profiler. Empowering CISOs with clarity & confidence in their security programme by visualising capabilities, usage and spend against their key threat priorities.

ZENDATA

ZENDATA

ZENDATA are an innovative provider of intelligent, tailored cybersecurity solutions to global companies and public sector institutions.

SecuLore

SecuLore

An innovator in public-safety-focused cybersecurity, SecuLore is dedicated to protecting critical infrastructure from cyber attacks.