Hackers Increasingly Targeting U.S. Healthcare


Caduceus Grunge Symbol Nicolas Raymond 4.24.13

The discovery of the first known breach that exploited the Heartbleed bug is another reminder that the U.S. Healthcare industry is being targeted by sophisticated hacker groups. The cybercriminals exploited the OpenSSL Heartbleed bug in a Juniper Networks device, causing a data breach at Community Health Systems (CHS) that could impact up to 4.5 million patients.

The surge in Chinese attacks on U.S. healthcare companies is motivated by the Chinese government’s desire to grow its medical technology industry. The focus of attacks has been trade secrets and intellectual property from pharmaceuticals and medical device manufacturers, which is why the CHS attack is unusual. According to security experts cited in this Bloomberg article, the CHS attack “may be the first time the Chinese group has targeted consumer data, terrain usually left to cybercriminals in Eastern Europe and elsewhere.” According to the article, the Chinese group has hit at least 18 different companies in the past year, hitting the health-care industry hard.

The reminder for healthcare organizations is that they must dedicate themselves to security more than they are doing so today. Mick Coady, a partner with the PwC health information privacy & security group said in the article, “I recently met with three CEOs in healthcare and in most cases they had come to the conclusion that they definitely did under-invest [in security]. Healthcare is at least a decade, if not more, behind.”

Secure Messaging is a core area of security that should be evaluated and one where it is possible to get a quick win. With the cloud-based Cirius Secure Messaging Platform, you can deploy in minutes with no disruption to your existing infrastructure. Secure Messaging is a great opportunity for security professionals to build momentum for their overall security strategy, so sign up for a free trial here to take the first step.