Why Hackers Target Healthcare

Posted by John Dimaggio on Sep 1, 2016 3:27:37 PM

In Cyber Security

Healthcare providers are among the most frequently pursued cyberattack targets, largely because the data stored in their systems has become a lucrative currency to hackers. Yes, a currency.  In fact, Electronic Health Records (EHR) contain the trifecta of hacker currency: Personal Health Information (PHI), Personal Identifiable Information (PII) and financial information.  Hackers target healthcare organizations that don’t have the proper technical, physical and administrative safeguards in place.  With such profitable incentives luring hackers to an industry widely known for weaker cybersecurity defenses, it is no wonder that news of a healthcare security breach or ransomware incident has become almost commonplace.   

Understanding both the mind and practices of a hacker can help healthcare organizations better recognize the risk and prepare a defense.  While no two hackers are alike, hackers generally fall into two categories.  One category includes hackers that ply their trade as a compulsive hobby, and are motivated by either an ideological cause or the thrill of outsmarting their victims.  The other category practices hacking for strictly financial motives.  Hackers typically use the following process to select their targets:

  • Reconnaissance- hackers begin by researching public information about an organization to gather information about potentially lucrative victims.

  • Scan- Once a target is selected, hackers will use various technical tools and/or social engineering techniques to identify vulnerabilities which can be leveraged to gain access.  These attempts are typically undetected by the target.

  • Gain Access- hackers then exploit vulnerabilities by employing malware to infect computers or networks or through entry points using compromised credentials.

  • Maintain Access- hackers maintain entry points to allow continued access.

  • Cover Tracks- hackers typically bury their tools deep within the network to allow continued access through a backdoor, and are often able to remove traces of their attack altogether.

The home office of a hacker is often the dark web, a layer of the internet that is not indexed by search engines.  On the dark web, users can remain anonymous, share unlawful information, and conduct illegal business transactions. Because the users are virtually untraceable, they are difficult to be detected or monitored by law enforcement. PHI, PII and financial information are juicy targets for hackers because they provide huge payoffs on the dark web, where hackers are able to openly promote their stolen wares.  

The healthcare industry has a giant target on its back, and hackers are taking aim.  Yet lack of robust security controls in this critical infrastructure persists because healthcare organizations are focused on running their business in environments with limited resources and often a shortage of trained IT security personnel. The best strategy for healthcare IT is to recognize the risk and adopt a course of action that proactively defends, detects and denies cyberattacks and security breaches. For information on Cybersecurity Best Practices in the Healthcare arena, download our Cybersecurity eBook by clicking on the below link:

Download Our Cyber Security eBook

BlueOrange Compliance has been providing privacy and security assessments, remediation, training and guidance since the inception of HITECH.  Our team is comprised of former healthcare IT executives and top security, privacy and technology analysts.  Our national client base consists of hospitals, physician provider practices, Nursing Facilities, LTC Pharmacies, senior living organizations, homecare, hospice and business associates.  If you want to learn how BlueOrange Compliance can help you turn HIPAA complexity into HIPAA compliance, visit us at blueorangecompliance.com.