Why is the healthcare industry experiencing an increasing number of data breaches?
It is no secret that the healthcare industry has emerged as the prime target for cyber criminals this year. Towards the close of 2014, the FBI issued a warning to healthcare companies that they were under increased threat, and there have already been some high profile data breaches across this sector in 2015. Furthermore, Ponemon Institute’s 2015 Global Cost of Data Breach Study, healthcare data breaches were deemed the costliest out of all industries. So, what is it about this sector that cyber criminals are so attracted to?
There is only one place to begin, and this is with the fact that a lot of medical clinics and healthcare businesses are easy targets, especially small, local practices, community hospitals and clinics. A lot of these businesses are using old, out-dated software, and they have invested very little in terms of cyber security. It is often extremely easy for a hacker to get into the system of a small healthcare business, and what’s more is that they know how to cover their tracks, so the organisations that have been victimised often do not find out about the damage for weeks, and sometimes even months, which leaves them in an impossible predicament.
Cyber criminals usually hack a computer to extract personal information, which they then sell to third parties who use the information in various schemes, including insurance fraud and identity theft. And thus, arguably the main reason cyber criminals are interested in the healthcare industry is because it is more profitable for them, as healthcare details can be sold for a premium on the black market. Cyber criminals have realised that this industry is the most profitable for them, which is why they are targeting healthcare businesses.
According to research, a stolen medical identity could make a hacker 50 times as much money as a stolen Social Security number while it could make them three to four times more than a stolen credit card number. In fact, Dell SecureWorks revealed that complete health insurance credentials were selling for about $20 a piece on underground markets several years ago. Now, imagine if you were to hack a system where the personal details of 500 patients are stored – that’s potentially $10,000 for the hacker. It is worth pointing out that some reports state that these details sell for as much as $50.
In addition to this, a lot of cyber criminals are hacking into medical businesses’ networks for the purpose of committing medical fraud, by which they will use someone else’s identity so they can then by expensive medical equipment or obtain medical care.
Why are cyber criminals targeting the healthcare industry?
All things considered, it is not difficult to see why the medical industry is proving to be popular target for cyber criminals, and a data breach could be extremely difficult for any medical practise to come back from, especially as it often takes healthcare providers longer to detect this type of fraud, which makes the damage more costly and time consuming for victims. If you don’t have updated and effective security measures in place, you need to act now.