Healthcare Sector: Increasingly Vulnerable to Cyber Attacks

TLP: WHITE 

Summary

Patients’ and employees’ medical, personal, and financial data are increasingly attractive to cyber criminals because of the elevated value of healthcare data on the black market, as well as the health sector’s rapid transition to electronic health records and patchy security standards. Last year, the healthcare sector accounted for roughly 40% of reported data breaches in the United States, and so far this year, the sector accounts for an overwhelming majority of compromised records, according to the Identity Theft Resource Center.

• In February, the US’s second largest health insurer, Anthem, revealed that the personal information of nearly 80 million customers and employees was compromised in a cyber attack. The following month, Premera Blue Cross reported a breach of 11 million customers’ financial and medical records. Western media attributes both breaches to state-sponsored Chinese espionage groups.
   
• Many healthcare networks consist of tens of thousands of computers, tablets, and smartphones, in addition to thousands of internet-connected medical devices such as radiology machines, patient monitors, and laboratory equipment—which increases an organization’s attack surface. Cybersecurity firms report that stolen health data can sell for $20 to $50 per record in online black markets, as compared to social security and credit card numbers, which yield only about $1 to $2 each. These figures underscore the strong profit motive for cyber criminals.
   
• As a result of industry-wide intrusions, effective 1 August 2015, healthcare insurers in New Jersey will be required to encrypt all personal data stored on computer systems or transmitted across public networks—a move that goes beyond current standards set forth by the Health Insurance Portability and Accountability Act (HIPAA), which does not mandate encryption.

Traffic Light Protocol: WHITE information may be distributed without restriction.