Cyber attackers targeting healthcare, according to FireEye

By | August 23, 2019

According to a new report published today by FireEye, a security firm, the healthcare sector around the world is subject to numerous threat actors and malicious activity as, in some cases, hackers aim to monetize personally identifiable information and protected health information. The security company has requested the healthcare industry to advance their cyber defense capabilities.

“Actors buying and selling PII and PHI from healthcare institutions and providers in underground marketplaces is very common, and will almost certainly remain so due to this data’s utility in a wide variety of malicious activity ranging from identity theft and financial fraud to crafting of bespoke phishing lures,” FireEye’s report states.

The report published by the security firm is titled ‘Beyond compliance: Cyber threats and healthcare.’ It stresses how the threat to this sector is considerably severe because of the vital part it plays in our society and how it is linked to patient’s most sensitive data.

“Furthermore—given their importance and value—a growing willingness by cybercrime, or, in a period of heightened geopolitical tensions, nation state actors—to deploy disruptive and destructive tools may significantly increase the impact from these threats we have observed to date,” it adds.

The largely inter-connected systems between the offices of doctors’, hospitals, insurance firms and dealers implies that healthcare is being scrutinized by various kinds of cyber criminals, including nuisance attackers, cyber criminals, and advanced persistent threat attackers.

The healthcare sector has proven to be a preferred target among cyber criminals. In June, numerous medical-testing service providers, including Quest Diagnostics and LabCorp, revealed a break-in of their collections-service partner, American Medical Collection Agency. This breach led to a theft of nearly 20 million patient data. However, attackers are also focused on research material, such as data relating to research partakers and pharmaceutical and biomedical intellectual property.