Healthcare Organizations are Among the Biggest Targets for Attackers
Of all the organizations threatened by insider threats, healthcare companies top the list. In the past several years, healthcare organizations have appeared near the top of the list of the biggest data breaches recorded. Yahoo and Equifax had large breaches, but numerous healthcare organizations lose smaller sets of records that add up to millions of people losing their data to an attacker. These attackers are not always outsiders. In many cases, the threat is a trusted employee.
Why Attackers Prefer Healthcare Organizations
Several factors play a role in why healthcare is such a huge target for data theft. The first is that healthcare records contain enough information for an attacker to sell them on the black market for huge profits or use them for identity theft. Social security numbers, address information, and drivers’ license numbers are just a few pieces of data that can be used to open new credit accounts for fraud purposes.
The other reason attackers prefer healthcare organizations is that these companies usually do not have sufficient cyber security to protect their infrastructure. In the last few years, healthcare organizations have been converting their paper records to digital ones, which makes them easier targets for attackers. HIPAA guidelines require healthcare companies to store digital assets a certain way, but proper cyber security requires expertise that many IT professionals don’t have.
One common mistake is that IT professionals take extra measures to protect against outside attackers, but they don’t consider what can happen should an insider decide to steal data. HIPAA requires logging and auditing, but the right attacker will even use another employee’s credentials to gain access to data, rendering these controls useless in many forensic responses.
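Audit logs are not entirely useless against borrowed credentials, though: the log may not say who typed the password, but it does record where and when an account was used, and those patterns can be checked. The script below is an added example, not code from the original post or from any product it mentions. It runs over a small constructed audit log (timestamp, account, workstation, event) and flags two signs of credential misuse: an account that logs on to a second workstation while its first session is still open, and a record access from a workstation where that account has no open session. The log format and the event names are assumptions for the example.

```python
from datetime import datetime

# Constructed sample audit log for the example (not real data).
# Fields: timestamp, account, workstation, event.
SAMPLE_LOG = """\
2023-03-01T08:02:11,jdoe,WS-NURSE-01,logon
2023-03-01T08:05:40,jdoe,WS-NURSE-01,record_access
2023-03-01T08:07:02,jdoe,WS-BILLING-07,logon
2023-03-01T08:07:30,jdoe,WS-BILLING-07,record_access
2023-03-01T08:40:00,jdoe,WS-NURSE-01,logoff
2023-03-01T09:00:00,asmith,WS-BILLING-07,logon
2023-03-01T09:10:00,asmith,WS-BILLING-07,record_access
2023-03-01T10:00:00,asmith,WS-NURSE-01,record_access
"""


def parse_log(text):
    """Parse CSV-style audit lines into dicts, skipping blank lines."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        ts, account, host, event = line.split(",")
        events.append({
            "time": datetime.fromisoformat(ts),
            "account": account,
            "host": host,
            "event": event,
        })
    # Process in time order regardless of how the log was collected.
    events.sort(key=lambda e: e["time"])
    return events


def find_credential_misuse(events):
    """Return findings for concurrent sessions and session-less record access.

    Each finding is a dict with a 'kind' of either 'concurrent_session'
    or 'access_without_session', plus the account, host(s) and time.
    """
    # account -> set of workstations with an open logon session
    open_sessions = {}
    findings = []
    for e in events:
        account, host, kind = e["account"], e["host"], e["event"]
        sessions = open_sessions.setdefault(account, set())
        if kind == "logon":
            # A logon on a new workstation while another session is
            # still open is the classic sign of a shared/borrowed account.
            for other in sorted(sessions):
                if other != host:
                    findings.append({
                        "kind": "concurrent_session",
                        "account": account,
                        "first_host": other,
                        "second_host": host,
                        "time": e["time"],
                    })
            sessions.add(host)
        elif kind == "logoff":
            sessions.discard(host)
        elif kind == "record_access":
            # Data access from a workstation with no matching logon
            # suggests a reused session or an incomplete audit trail.
            if host not in sessions:
                findings.append({
                    "kind": "access_without_session",
                    "account": account,
                    "host": host,
                    "time": e["time"],
                })
    return findings


def analyze(text=SAMPLE_LOG):
    """Convenience wrapper: parse the log and return the findings."""
    return find_credential_misuse(parse_log(text))


if __name__ == "__main__":
    for f in analyze():
        print(f)
```

In the constructed log, jdoe's logon to WS-BILLING-07 at 08:07 is flagged because the WS-NURSE-01 session is still open, and asmith's record access from WS-NURSE-01 is flagged because that account never logged on there. On real systems the same checks map onto logon/logoff and object-access audit events, and the point for an investigation is that the second workstation, the time window and the accessed records still narrow down who actually used the credentials.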
Insider Threats and Healthcare
Insider threats include both malicious attacks and negligence. Several years ago, a hospital in California was forced to pay a ransom to an attacker who used phishing and ransomware to encrypt records. The attack crippled the hospital to the point that staff were forced to use pen-and-paper methods to work with patients. The attack did not come from a malicious insider; instead, an outsider sent hospital staff an email with an executable attachment that encrypted data.
Outside attackers routinely take advantage of employees who don’t know the signs of an attack. They send phishing emails asking employees to enter their credentials into a website the attacker owns, or they send attachments that contain malware. Both of these attack vectors have proven profitable for an attacker who wants data from any organization, but healthcare companies are particularly attractive targets because of the massive amount and quality of data contained in their databases.
Recent studies have shown that employee training and education help with avoiding attacks. Education must also be accompanied by dedicated resources that stop cyber attacks from becoming major data breaches. The average compromise costs companies about $4 million in revenue loss, which means that you should be taking as many physical and virtual steps as possible to stop attacks, especially with insider threats on the rise.
It’s not just healthcare organizations that need to take steps to avoid insider threats. Every industry is a target, and the cost of a data breach is worth the added budget and expenses for proper IT security.
GateKeeper is physical protection against social engineers or malicious employees who are able to gain access to an unlocked desktop. When an employee walks away from their desk, GateKeeper automatically locks the terminal and stops an attacker from using the employee’s credentials to steal data. It’s just one extra step that stops insider threats.