In the seemingly endless world of corporate data breaches, yet another health insurance company has become the victim of a cyberattack. In mid-March, Premera Blue Cross announced that it had suffered a hack that exposed medical information for more than 11 million patients, making it the largest cyberattack of its kind. Earlier this year, health insurance company Anthem reported that cybercriminals had managed to access nearly 80 million records, but no medical information was compromised in that attack.
The Premera breach signifies the changing tide of cyber threats, where hackers are becoming increasingly interested in healthcare data that can be used to commit medical insurance fraud. For years the main goal of cybercriminals was to steal financial data or corporate intellectual property that could be sold on the black market for a quick profit. Now, however, the big money is in medical data, which can be sold underground for nearly three times as much as stolen credit card numbers. Part of the reason for the increased value of health information is that, unlike credit cards that can be canceled after fraud has been detected, there is no way to keep malicious actors from using stolen insurance data.
According to cybersecurity expert Pat Calhoun, the healthcare industry is especially vulnerable to cyberattacks because hackers left medical companies alone for so long that they don’t have the appropriate infrastructure to protect the massive amount of patient records they store.
“The healthcare industry is not immune to attacks,” said Calhoun. “It’s really a wake up call for manufacturers and healthcare providers to understand how to minimize the impact on security challenges.”
Healthcare companies facing a growing cyber threat landscape
Attacks on healthcare firms have been growing steadily over the last few years, but the industry’s response has been slow. According to a report by Intel Security and the Atlantic Council, 44 percent of all registered data breaches in 2013 impacted medical companies, and the number of breaches increased 60 percent between 2013 and 2014. A report from the Ponemon Institute estimates that 2.3 million people were affected by medical identity theft in 2014 and nearly 30 percent of victims were unaware of how their data was stolen.
Healthcare organizations are facing a greater number of cyber threats than ever before and have proven themselves to be unprepared for the task of protecting patient information against hackers. In order to increase their cybersecurity efforts, medical companies need to turn to a more sophisticated defense strategy. One of the most reliable ways to go about this is to employ a layered security solution.
Layered security utilizes multiple forms of protection at once to keep hackers at bay, a strategy that is especially beneficial to organizations with large amounts of sensitive information as it will protect records at all possible endpoints. Anti-virus Solutions like Faronics Anti-Virus offers traditional firewall protection, as well as Anti-Spyware, Anti-Rootkit, Anti-Virus and Web filtering.