Update: Cyber Attacks in Healthcare Sector Jump 600%
While physicians and other medical professionals go to great lengths to keep a patient’s medical history private, one cyber attack can result in millions of records being downloaded. That’s the new world that healthcare facilities face, with a 600% increase in attacks in this sector in the last 10 months, according to Websense Security Labs, a global leader in protecting organizations from advanced cyber attacks and data theft.
Hospitals have been the main target of these breaches as well as medical facilities because of the information hackers can obtain to sell. “The personal identifiable information that a hospital has is very valuable because it’s supplemented by links into insurance documents and bank accounts. It’s also a very complete picture of an individual such that identity theft can occur as well,” cited Carl Leonard, senior manager at Websense Security Labs, in an article in Tech News World.
Once these hackers obtain the information, they sell it in the computer underground or leverage it themselves. For example, credit card information can be used to finance additional cyber attacks. “It can be used to set up a command-and-control server or buy cloud space,” said Leonard.
Demand for health records is indeed is very high with the FBI issuing warnings this past April that the health sector, amid mandatory transition to electronic health records, lacked the protections necessary to stem the rising threat of cyber threats. The FBI followed up with this warning last month, underscoring the rise of “malicious actors” who target the healthcare and medical device fields.
Moreover, the risk of cyber attacks is predicted to increase with the Affordable Care Act’s on-line exchanges and digitized records. In fact, it recently came to light that a Healthcare.gov server was hacked in July, although it did not result in any data or consumer information being stolen or any other damage to the site. But a new report released by Government Accountability (GAO) last week, says that the site still remains “at risk” to attempts to pry into data and disrupt service. The report stated: “While [the Centers for Medicare & Medicaid Services] has taken steps to protect the security and privacy of data processed and maintained by the complex set of systems and interconnections that support Healthcare.gov, weaknesses remain both in the processes used for managing information security and privacy as well as the technical implementation of IT security controls.” This is particularly relevant as the next enrollment period for health coverage on the exchanges begins November 15th.
What’s important to contemplate is strong cyber security protocols that take into account how hackers can infiltrate a healthcare facility’s system. In addition, Cyber Liability insurance specifically designed for healthcare providers must be secured. This includes having insurance for first- and third-party coverages, payment card standards in addition to notification expenses and credit monitoring, among other key coverages. At Caitlin-Morgan, we can help you secure a cyber product that addresses the risks faced by healthcare facilities. Call one of our professionals at 877.226.1027 to discuss your insured’s needs and the programs we have available.
Sources: Tech News World, MSNBC