Major healthcare breaches involving hackers accessing patient information soared in 2016 as criminals attempted to sell data for a quick profit. But now more attackers are shifting their attention to ransomware attacks because of the glut of stolen health information hitting the black market, says Dan Berger, vice president of the security consulting firm CynergisTek, which is now part of Auxilio.
"The biggest trend for 2016 was that healthcare providers were under attack," Berger says in an interview at the HIMSS17 conference in Orlando. Hacking incidents at healthcare providers in 2016 increased 320 percent over 2015, he says of the most startling finding in the seventh annual Redspin breach report, issued by CynergisTek.
The report analyzed trends of breaches appearing on the Department of Health and Human Services' Office for Civil Rights' "wall of shame" website listing health data breaches affecting 500 or more individuals.
Many of the hacker breaches occurring in 2016 were reported by smaller healthcare providers, Berger says. "The takeaway is that hackers now see healthcare providers as soft targets."
A Shift in Breaches
Unlike some of the massive hacker attacks in 2015 that targeted large companies such as Anthem Inc. and were suspected to have been committed by nation states, many of the cyberattacks in 2016 appear to have involved hackers "looking to monetize the information," he says.
"What's occurring is that there's been sort of a rush to flood the black market [with stolen health data], which in turn has caused a decrease in the value of a health record in the black market. That's what has led to ransomware."
In the interview with Information Security Media Group, Berger also discusses:
- Predictions of "an explosion" of attacks involving hackers using ransomware-as-a-service offerings;
- Potential distributed-denial-of-service attacks involving medical devices;
- Identity and access management mistakes to avoid;
- Steps healthcare entities can take to avoid falling victim to cyberattacks and other data breaches.
Berger was previously president and CEO at Redspin, an IT security assessment company that was acquired by Auxilio in 2015 and is now a unit of CynergisTek as part of Auxilio's January 2017 purchase of that firm.